Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/igf8yybkESa6z61yfHX-nXMrMGI.roa
File: igf8yybkESa6z61yfHX-nXMrMGI.roa (raw, json)
Hash identifier: dHI6oOx44V97neSNdj8Flt7RRZeYAodFDvq/dnDGQec=
Subject key identifier: 8A:07:FC:CB:26:E4:11:26:BA:CF:AD:72:7C:75:FE:9D:73:2B:30:62
Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial: 0195AE12E9915538EAC94E40ECD41463C4DD
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/igf8yybkESa6z61yfHX-nXMrMGI.roa
Signing time: Wed 19 Mar 2025 11:03:49 +0000
ROA not before: Wed 19 Mar 2025 11:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30860
IP address blocks: 91.234.4.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 21 Mar 2025 15:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:12:e9:91:55:38:ea:c9:4e:40:ec:d4:14:63:c4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Validity
Not Before: Mar 19 11:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a07fccb26e41126bacfad727c75fe9d732b3062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fb:97:2e:c1:1f:54:b7:d2:08:d9:b7:43:12:
fc:6e:69:e4:67:d8:b7:c9:ab:83:0e:6f:7a:61:50:
33:e6:5d:bc:05:80:fb:dd:7d:7e:ae:c7:77:f6:3f:
8f:e4:b6:d6:86:ad:b8:d3:fb:ea:25:5a:a1:6d:b0:
a7:94:99:6e:e3:35:6e:61:84:1f:34:0c:e5:d6:b5:
9e:f3:dd:3e:64:3d:ab:77:83:76:46:2c:96:74:10:
f3:9c:1a:72:e4:bf:6d:95:77:52:c8:00:8c:f9:25:
12:ac:b2:c5:9a:4f:e9:6e:01:64:57:79:3f:fe:fa:
01:a5:23:64:3a:3f:e4:30:89:66:57:b8:47:c0:26:
62:d3:0e:9a:0a:00:cb:f4:c2:c4:fa:cc:4a:00:85:
ce:ec:15:32:ef:94:e7:81:81:23:cb:df:53:3a:45:
e5:b0:89:d7:73:da:15:66:08:b4:ec:94:08:c4:c5:
e0:3a:f7:53:e5:ef:92:ec:3a:e0:fb:cd:83:74:ea:
c9:dd:e7:13:55:6e:49:da:89:80:fd:1c:45:10:c2:
22:23:b5:aa:6b:ae:da:eb:74:c3:3a:2f:46:e5:e3:
d7:c0:b4:1a:fd:a3:00:d3:53:0a:18:ee:e7:ab:32:
ab:5e:87:ff:00:32:8b:a3:89:08:b9:a3:00:88:8d:
f4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:07:FC:CB:26:E4:11:26:BA:CF:AD:72:7C:75:FE:9D:73:2B:30:62
X509v3 Authority Key Identifier:
keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/igf8yybkESa6z61yfHX-nXMrMGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:1d:6e:55:65:ed:a5:1a:33:29:e8:f8:01:09:eb:96:40:08:
a0:3a:af:09:04:ca:74:73:12:ba:5d:c8:5b:1b:67:1e:ee:50:
e1:94:b7:64:2c:48:1a:bf:eb:98:5b:a3:bf:3d:fc:59:ae:10:
36:07:27:8f:58:e5:84:40:97:88:bf:e0:2e:2c:dd:c4:19:dd:
20:53:c8:62:dd:e9:d0:ba:80:ec:15:2b:70:41:e9:e4:f9:01:
3c:73:ae:3a:7a:14:32:92:1f:01:5e:f6:0c:cb:e2:2c:84:31:
6f:0f:f2:59:1f:c5:d2:3d:9c:0e:e6:a6:86:b4:6d:c9:76:28:
83:05:2f:b9:fc:ee:8b:90:7e:b5:71:c9:5e:c6:ca:fe:7d:5b:
b8:5f:21:a2:0f:ee:28:a9:9b:95:12:c7:60:07:45:b5:a8:f3:
28:bb:fd:de:57:72:e9:6b:f4:50:cb:99:4a:81:da:04:bd:3a:
e3:cf:2a:7b:45:56:94:ae:07:1b:03:42:f2:4b:b8:95:55:c2:
17:0c:d8:d4:f3:db:79:be:68:49:6f:3e:9f:b7:70:30:f5:90:
5c:52:3a:11:c5:90:50:31:55:cd:7a:04:af:da:80:a5:cd:ab:
76:3d:bc:fe:76:f3:b2:35:ff:8f:fa:59:2b:e5:b6:b9:11:75:
e5:9d:e6:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWuEumRVTjqyU5A7NQUY8TdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjUwMzE5MTEwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTA3ZmNjYjI2ZTQxMTI2YmFjZmFkNzI3Yzc1ZmU5ZDczMmIzMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvuXLsEfVLfSCNm3QxL8bmnkZ9i3
yauDDm96YVAz5l28BYD73X1+rsd39j+P5LbWhq240/vqJVqhbbCnlJlu4zVuYYQf
NAzl1rWe890+ZD2rd4N2RiyWdBDznBpy5L9tlXdSyACM+SUSrLLFmk/pbgFkV3k/
/voBpSNkOj/kMIlmV7hHwCZi0w6aCgDL9MLE+sxKAIXO7BUy75TngYEjy99TOkXl
sInXc9oVZgi07JQIxMXgOvdT5e+S7Drg+82DdOrJ3ecTVW5J2omA/RxFEMIiI7Wq
a67a63TDOi9G5ePXwLQa/aMA01MKGO7nqzKrXof/ADKLo4kIuaMAiI30qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoH/Msm5BEmus+tcnx1/p1zKzBiMB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvaWdmOHl5YmtFU2E2ejYxeWZIWC1uWE1yTUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+oEMA0G
CSqGSIb3DQEBCwUAA4IBAQA/HW5VZe2lGjMp6PgBCeuWQAigOq8JBMp0cxK6Xchb
G2ce7lDhlLdkLEgav+uYW6O/PfxZrhA2ByePWOWEQJeIv+AuLN3EGd0gU8hi3enQ
uoDsFStwQenk+QE8c646ehQykh8BXvYMy+IshDFvD/JZH8XSPZwO5qaGtG3JdiiD
BS+5/O6LkH61cclexsr+fVu4XyGiD+4oqZuVEsdgB0W1qPMou/3eV3Lpa/RQy5lK
gdoEvTrjzyp7RVaUrgcbA0LyS7iVVcIXDNjU89t5vmhJbz6ft3Aw9ZBcUjoRxZBQ
MVXNegSv2oClzat2Pbz+dvOyNf+P+lkr5ba5EXXlneZO
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:41:55 2025 by rpki-client