Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/8Qb1leVNHctRsxvSrVccd8B1nJ0.roa
File: 8Qb1leVNHctRsxvSrVccd8B1nJ0.roa (raw, json)
Hash identifier: 6Nr+L1zWvNPxljks49DAes0yZ/ClsB0NzZ/wfw9Utxk=
Subject key identifier: F1:06:F5:95:E5:4D:1D:CB:51:B3:1B:D2:AD:57:1C:77:C0:75:9C:9D
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 019541B5B6CB7E90D6A95F3EF4E344F3A494
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/8Qb1leVNHctRsxvSrVccd8B1nJ0.roa
Signing time: Wed 26 Feb 2025 10:03:02 +0000
ROA not before: Wed 26 Feb 2025 10:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34686
IP address blocks: 80.254.231.0/24 maxlen: 24
91.216.32.0/24 maxlen: 24
2a13:5240::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Feb 2025 11:33:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:b5:b6:cb:7e:90:d6:a9:5f:3e:f4:e3:44:f3:a4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Feb 26 10:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f106f595e54d1dcb51b31bd2ad571c77c0759c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:52:50:67:72:2e:98:2e:73:93:78:a6:9d:c5:
6a:d1:3a:be:98:77:93:10:47:0d:09:9d:de:9b:51:
76:4e:34:20:4d:a5:7b:40:65:1b:14:7b:17:8a:55:
b0:c4:d6:3d:a8:89:dd:09:79:a0:44:f0:9d:24:15:
48:a0:18:e8:d7:15:52:67:d6:65:79:e3:16:f9:07:
40:16:20:92:fe:a0:97:61:0f:45:ba:ff:d7:82:ad:
53:c1:cd:5f:29:a2:62:bd:4f:57:8c:42:bd:07:c7:
fb:d6:c2:d6:28:97:3a:7f:4a:8a:de:fe:42:58:24:
8e:06:ff:41:ad:a3:d5:ae:0b:26:93:48:c3:38:8d:
5c:c7:4f:b5:18:fb:6b:80:8d:bb:19:e5:e7:39:67:
75:65:39:60:7e:80:7d:50:a9:de:93:b2:76:e7:3b:
e8:75:db:5b:bb:d6:5e:ab:61:cc:5f:b5:6e:6b:46:
79:f9:c9:c8:b7:34:61:6c:c0:39:e5:5c:2d:2b:a7:
8c:8b:58:6f:c5:1b:fe:30:32:47:2b:bb:49:97:de:
13:cf:28:44:1f:32:ae:1d:e5:1c:31:37:dc:11:55:
3b:17:1e:64:4f:b9:2c:4c:c1:06:5a:48:3a:1a:0a:
75:48:d5:c6:72:9a:c8:12:60:13:9a:4c:5e:45:3a:
a3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:06:F5:95:E5:4D:1D:CB:51:B3:1B:D2:AD:57:1C:77:C0:75:9C:9D
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/8Qb1leVNHctRsxvSrVccd8B1nJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.231.0/24
91.216.32.0/24
IPv6:
2a13:5240::/32
Signature Algorithm: sha256WithRSAEncryption
c4:4b:fe:04:f5:39:2d:f8:e5:d3:c3:4f:fd:62:3d:c0:61:ae:
12:e6:13:a1:51:b9:5b:f3:04:e9:7e:3d:b3:11:0c:03:0b:d3:
ca:b9:dd:6d:15:52:b7:fe:f1:55:6b:0b:03:8b:5c:e5:29:41:
4f:ef:30:42:0d:d7:6b:90:f7:a8:53:8d:4c:73:23:98:ce:83:
a7:2c:f5:e6:ea:fe:83:4c:db:6b:b3:e6:02:83:db:9d:86:fb:
f7:03:46:fe:da:29:73:7d:fc:54:2f:ea:2c:41:fa:a2:7d:81:
10:9c:96:6d:f8:ac:3d:e9:8e:c7:0c:14:91:f9:1a:61:cd:37:
40:ba:b6:c5:0e:2c:a2:e5:08:27:71:f3:12:80:19:7f:8e:55:
ae:05:1c:6a:06:44:24:30:8a:0d:52:d5:4b:5a:58:14:ad:45:
5c:00:f9:1c:ef:7a:74:02:5a:5f:ae:50:c3:6a:d9:fa:c8:b3:
6e:fb:71:a6:fe:3e:b3:51:f3:16:00:f9:ec:2e:bb:1c:f0:79:
99:93:57:0f:a1:d5:a8:8c:9c:b6:77:48:1b:ae:94:bd:f5:ee:
05:a8:ce:89:1f:df:62:02:84:db:2c:51:8b:1b:47:ea:07:78:
13:f0:11:fc:55:1a:33:17:9a:98:b8:09:22:19:e8:0e:91:83:
e3:a4:f0:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZVBtbbLfpDWqV8+9ONE86SUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjUwMjI2MTAwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTA2ZjU5NWU1NGQxZGNiNTFiMzFiZDJhZDU3MWM3N2MwNzU5YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFJQZ3IumC5zk3imncVq0Tq+mHeT
EEcNCZ3em1F2TjQgTaV7QGUbFHsXilWwxNY9qIndCXmgRPCdJBVIoBjo1xVSZ9Zl
eeMW+QdAFiCS/qCXYQ9Fuv/Xgq1Twc1fKaJivU9XjEK9B8f71sLWKJc6f0qK3v5C
WCSOBv9BraPVrgsmk0jDOI1cx0+1GPtrgI27GeXnOWd1ZTlgfoB9UKnek7J25zvo
ddtbu9Zeq2HMX7Vua0Z5+cnItzRhbMA55VwtK6eMi1hvxRv+MDJHK7tJl94TzyhE
HzKuHeUcMTfcEVU7Fx5kT7ksTMEGWkg6Ggp1SNXGcprIEmATmkxeRTqj3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPEG9ZXlTR3LUbMb0q1XHHfAdZydMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvOFFiMWxlVk5IY3RSc3h2U3JWY2NkOEIxbkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUP7nAwQA
W9ggMA0EAgACMAcDBQAqE1JAMA0GCSqGSIb3DQEBCwUAA4IBAQDES/4E9Tkt+OXT
w0/9Yj3AYa4S5hOhUblb8wTpfj2zEQwDC9PKud1tFVK3/vFVawsDi1zlKUFP7zBC
DddrkPeoU41McyOYzoOnLPXm6v6DTNtrs+YCg9udhvv3A0b+2ilzffxUL+osQfqi
fYEQnJZt+Kw96Y7HDBSR+RphzTdAurbFDiyi5QgncfMSgBl/jlWuBRxqBkQkMIoN
UtVLWlgUrUVcAPkc73p0AlpfrlDDatn6yLNu+3Gm/j6zUfMWAPnsLrsc8HmZk1cP
odWojJy2d0gbrpS99e4FqM6JH99iAoTbLFGLG0fqB3gT8BH8VRozF5qYuAkiGegO
kYPjpPCF
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:32:47 2025 by rpki-client