Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rn1A0CGl-H21bYi96iO-7sif8u4.roa
File: rn1A0CGl-H21bYi96iO-7sif8u4.roa (raw, json)
Hash identifier: YN/rJ4cmQv1jmANHMd2NT3MegvfrErVgr4yZ8kpwULY=
Subject key identifier: AE:7D:40:D0:21:A5:F8:7D:B5:6D:88:BD:EA:23:BE:EE:C8:9F:F2:EE
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F887C59D5E4F5698E3B3593C62F7C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rn1A0CGl-H21bYi96iO-7sif8u4.roa
Signing time: Thu 02 Jan 2025 05:49:11 +0000
ROA not before: Thu 02 Jan 2025 05:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 91.246.176.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 24 Jan 2025 14:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:88:7c:59:d5:e4:f5:69:8e:3b:35:93:c6:2f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae7d40d021a5f87db56d88bdea23beeec89ff2ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4e:e2:81:46:5b:73:dd:be:f3:62:29:fc:12:
df:00:94:91:ae:27:89:3e:4a:8a:f1:5d:a6:8c:79:
f0:54:73:16:b9:1e:c3:55:25:57:6c:dd:68:18:0e:
c7:69:37:e6:53:71:b6:b3:ee:2e:a9:67:b9:17:60:
e1:ac:1b:6c:b9:9f:12:c1:82:31:c5:f9:62:36:72:
68:1e:20:a1:fe:5d:4b:3d:cc:49:c5:b8:dc:2c:bd:
ec:e8:c0:0d:4b:e3:00:b6:ba:2b:ab:8d:a8:80:db:
5e:46:5a:bf:9a:7d:9e:93:5f:66:a9:50:1c:68:17:
6f:d2:8b:4e:c5:26:fc:9e:99:61:05:2a:5b:80:8d:
de:8e:70:53:8b:c7:a4:b0:b6:bc:21:dc:50:76:25:
a6:a7:d6:09:23:77:db:b8:72:76:c0:13:09:ea:68:
10:ca:f3:13:08:51:3a:48:cf:11:f2:2f:c4:4a:3c:
ae:19:74:7e:1a:5a:d3:59:54:f5:a7:07:7c:89:b3:
38:a9:8d:c9:f3:5e:f1:a3:c8:42:07:d2:71:ca:a8:
05:81:e4:79:da:dc:92:af:7b:11:1d:8b:6d:a6:0a:
3d:f8:77:91:1e:21:e4:83:a8:b8:30:df:79:de:09:
6f:f2:3f:33:65:2d:7b:45:ca:88:87:fd:d1:3e:36:
f0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7D:40:D0:21:A5:F8:7D:B5:6D:88:BD:EA:23:BE:EE:C8:9F:F2:EE
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rn1A0CGl-H21bYi96iO-7sif8u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.176.0/21
Signature Algorithm: sha256WithRSAEncryption
78:aa:07:88:a6:6e:2a:25:e0:17:22:ec:64:d6:a2:76:95:51:
f6:37:ac:19:b8:01:72:ad:88:18:c3:9b:6a:2e:b7:36:58:8f:
4d:a7:19:13:0e:f5:f6:bc:9d:45:ca:76:08:75:6c:1e:42:8b:
6e:cf:af:53:61:ed:68:24:5c:9c:be:50:04:7f:8a:23:08:48:
0a:d2:9b:10:33:1c:1a:56:ee:be:b4:e2:11:27:f4:73:5f:3a:
09:cf:fc:e7:74:86:d1:a1:0f:02:98:94:77:bb:eb:e3:37:cf:
b0:66:92:15:ee:26:b3:78:67:7d:d1:71:fe:57:0a:80:51:3a:
db:2c:c7:cd:e8:38:e3:26:84:41:c8:c9:8d:1a:d9:52:be:20:
2b:1e:bb:be:f9:b2:0e:63:51:0f:cb:82:88:33:ad:b7:67:5b:
12:ca:9b:13:09:01:7c:dc:b6:3b:55:b1:f6:a7:22:49:de:9e:
12:07:25:0f:da:02:5c:c1:82:01:5c:0a:12:2b:4f:37:d0:52:
a4:a1:40:9e:d5:65:fb:45:c0:4a:a9:5f:a3:38:bf:11:70:c9:
e8:6a:e3:a6:60:5c:5d:cc:04:08:bc:15:2c:65:7c:d6:0a:58:
53:a0:35:68:22:ca:b2:7b:ba:5e:cd:1b:20:23:30:bd:82:22:
d7:1d:51:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4h8WdXk9WmOOzWTxi98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTdkNDBkMDIxYTVmODdkYjU2ZDg4YmRlYTIzYmVlZWM4OWZmMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk7igUZbc92+82Ip/BLfAJSRrieJ
PkqK8V2mjHnwVHMWuR7DVSVXbN1oGA7HaTfmU3G2s+4uqWe5F2DhrBtsuZ8SwYIx
xfliNnJoHiCh/l1LPcxJxbjcLL3s6MANS+MAtrorq42ogNteRlq/mn2ek19mqVAc
aBdv0otOxSb8nplhBSpbgI3ejnBTi8eksLa8IdxQdiWmp9YJI3fbuHJ2wBMJ6mgQ
yvMTCFE6SM8R8i/ESjyuGXR+GlrTWVT1pwd8ibM4qY3J817xo8hCB9JxyqgFgeR5
2tySr3sRHYttpgo9+HeRHiHkg6i4MN953glv8j8zZS17RcqIh/3RPjbw5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK59QNAhpfh9tW2Iveojvu7In/LuMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcm4xQTBDR2wtSDIxYllpOTZpTy03c2lmOHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW/awMA0G
CSqGSIb3DQEBCwUAA4IBAQB4qgeIpm4qJeAXIuxk1qJ2lVH2N6wZuAFyrYgYw5tq
Lrc2WI9NpxkTDvX2vJ1FynYIdWweQotuz69TYe1oJFycvlAEf4ojCEgK0psQMxwa
Vu6+tOIRJ/RzXzoJz/zndIbRoQ8CmJR3u+vjN8+wZpIV7iazeGd90XH+VwqAUTrb
LMfN6DjjJoRByMmNGtlSviArHru++bIOY1EPy4KIM623Z1sSypsTCQF83LY7VbH2
pyJJ3p4SByUP2gJcwYIBXAoSK0830FKkoUCe1WX7RcBKqV+jOL8RcMnoauOmYFxd
zAQIvBUsZXzWClhToDVoIsqye7pezRsgIzC9giLXHVGa
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:41:30 2025 by rpki-client