Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/3brg1dCX36oMEeYGxW--NTLBJWc.roa
File: 3brg1dCX36oMEeYGxW--NTLBJWc.roa (raw, json)
Hash identifier: nfNJ2/RKHA4sUEH5L86VxG7uEQOk5Z2onjU01CRh0ps=
Subject key identifier: DD:BA:E0:D5:D0:97:DF:AA:0C:11:E6:06:C5:6F:BE:35:32:C1:25:67
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 0195B8D4D14B9CB18A31D85BDF5A1E90B04F
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/3brg1dCX36oMEeYGxW--NTLBJWc.roa
Signing time: Fri 21 Mar 2025 13:11:49 +0000
ROA not before: Fri 21 Mar 2025 13:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58030
IP address blocks: 91.237.254.0/24 maxlen: 24
91.237.255.0/24 maxlen: 24
2001:67c:1158::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Mar 2025 03:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:d4:d1:4b:9c:b1:8a:31:d8:5b:df:5a:1e:90:b0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Mar 21 13:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddbae0d5d097dfaa0c11e606c56fbe3532c12567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fb:f8:f6:3c:8d:42:c8:93:4f:31:5d:26:10:
dc:9f:f5:fe:9e:8b:a0:c1:6e:4b:79:cd:37:1c:4d:
c2:db:af:76:e2:8c:0f:e5:11:8c:05:40:b3:29:65:
c2:2b:ab:17:3e:c8:89:36:81:88:0c:3c:9f:28:0c:
c7:ea:2a:fa:d8:a7:ea:ab:c7:1b:b7:bf:f3:9e:f0:
4e:97:cb:bc:a3:7f:10:0d:78:41:44:29:d3:5f:5c:
d3:66:f1:7f:e6:ae:40:b1:be:a1:70:5d:4a:17:2b:
2a:25:c6:df:99:ea:3d:86:5c:55:13:80:2e:57:00:
e4:86:21:25:7c:08:5d:ae:19:99:f0:d1:5a:0c:72:
e6:f9:55:ea:db:48:c6:aa:2d:ec:12:41:a3:03:39:
30:f6:fc:82:e0:d8:92:19:ba:5e:2b:4d:fe:dc:02:
b8:ce:39:ac:3c:8e:02:e0:de:24:e0:d1:42:7a:f7:
0b:d4:e9:9a:9e:04:cd:23:a7:38:d9:dd:73:2a:74:
8a:f7:30:88:aa:ba:53:15:97:91:77:29:4f:1c:58:
60:79:24:0e:59:3d:04:75:19:ff:5b:37:8d:ee:67:
b5:61:29:67:07:2e:35:52:8e:15:f6:d3:fa:34:cb:
ea:49:3a:51:62:60:26:2e:4e:dd:9e:42:26:21:e3:
7e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BA:E0:D5:D0:97:DF:AA:0C:11:E6:06:C5:6F:BE:35:32:C1:25:67
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/3brg1dCX36oMEeYGxW--NTLBJWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0/23
IPv6:
2001:67c:1158::/48
Signature Algorithm: sha256WithRSAEncryption
37:5d:6d:41:f7:5c:87:ee:78:0e:70:db:9f:8a:ab:03:0d:4d:
85:b5:2b:59:26:69:75:02:c4:02:db:eb:14:bf:fc:0d:3e:c0:
9f:68:22:cf:9c:c6:69:79:88:08:4a:f6:80:f0:93:e1:bc:a4:
6c:dc:b1:4d:4b:e3:56:2c:79:4e:67:cd:ea:b6:97:75:09:f0:
b1:ef:52:bb:9a:8a:a4:c2:c5:46:63:83:39:6e:c4:3f:2b:f1:
ac:d6:4f:8e:f5:7c:1b:5f:13:cd:dc:33:6f:16:1c:10:37:43:
b7:a7:64:7f:04:ef:d5:f2:d7:68:95:79:19:d1:44:13:aa:08:
ae:4c:6d:e3:76:e6:30:44:a7:84:7b:bf:44:86:1f:2e:6e:eb:
e7:3f:e7:12:51:bf:e9:22:10:07:b4:16:bd:08:4d:9a:b7:77:
4a:44:ec:e9:52:66:30:c7:ee:c2:5f:fe:57:b5:c4:87:14:69:
c4:a8:89:a9:1b:dc:32:ce:ee:86:cf:a5:93:b1:dc:ab:2d:99:
96:af:0c:48:41:06:95:fd:6a:3d:f1:da:37:b8:8c:26:19:33:
71:ff:f0:19:c2:00:e0:a7:89:ff:5a:cc:aa:5a:32:cc:69:89:
63:e1:d4:34:de:69:cc:6c:35:47:02:7a:7e:ff:63:13:58:a3:
99:1c:5e:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZW41NFLnLGKMdhb31oekLBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwMzIxMTMxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJhZTBkNWQwOTdkZmFhMGMxMWU2MDZjNTZmYmUzNTMyYzEyNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfv49jyNQsiTTzFdJhDcn/X+noug
wW5Lec03HE3C26924owP5RGMBUCzKWXCK6sXPsiJNoGIDDyfKAzH6ir62Kfqq8cb
t7/znvBOl8u8o38QDXhBRCnTX1zTZvF/5q5Asb6hcF1KFysqJcbfmeo9hlxVE4Au
VwDkhiElfAhdrhmZ8NFaDHLm+VXq20jGqi3sEkGjAzkw9vyC4NiSGbpeK03+3AK4
zjmsPI4C4N4k4NFCevcL1OmangTNI6c42d1zKnSK9zCIqrpTFZeRdylPHFhgeSQO
WT0EdRn/WzeN7me1YSlnBy41Uo4V9tP6NMvqSTpRYmAmLk7dnkImIeN+JQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN264NXQl9+qDBHmBsVvvjUywSVnMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvM2JyZzFkQ1gzNm9NRWVZR3hXLS1OVExCSldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+3+MA8E
AgACMAkDBwAgAQZ8EVgwDQYJKoZIhvcNAQELBQADggEBADddbUH3XIfueA5w25+K
qwMNTYW1K1kmaXUCxALb6xS//A0+wJ9oIs+cxml5iAhK9oDwk+G8pGzcsU1L41Ys
eU5nzeq2l3UJ8LHvUruaiqTCxUZjgzluxD8r8azWT471fBtfE83cM28WHBA3Q7en
ZH8E79Xy12iVeRnRRBOqCK5MbeN25jBEp4R7v0SGHy5u6+c/5xJRv+kiEAe0Fr0I
TZq3d0pE7OlSZjDH7sJf/le1xIcUacSoiakb3DLO7obPpZOx3KstmZavDEhBBpX9
aj3x2je4jCYZM3H/8BnCAOCnif9azKpaMsxpiWPh1DTeacxsNUcCen7/YxNYo5kc
Xu0=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:21:22 2025 by rpki-client