Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/qIHFhtr0Wye-WS0_ltBm-gxqOlE.roa
File: qIHFhtr0Wye-WS0_ltBm-gxqOlE.roa (raw, json)
Hash identifier: 6PNheQ4+hVYR3MABgEgAZ7XsYGCbr7GYNmF36PfEpg8=
Subject key identifier: A8:81:C5:86:DA:F4:5B:27:BE:59:2D:3F:96:D0:66:FA:0C:6A:3A:51
Certificate issuer: /CN=4dd6e779a6c0f0b09216622380467dce2d11a318
Certificate serial: 018CC64B57D999DD6BC17216583C06D60193
Authority key identifier: 4D:D6:E7:79:A6:C0:F0:B0:92:16:62:23:80:46:7D:CE:2D:11:A3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdbneabA8LCSFmIjgEZ9zi0Roxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/qIHFhtr0Wye-WS0_ltBm-gxqOlE.roa
Signing time: Mon 01 Jan 2024 18:31:15 +0000
ROA not before: Mon 01 Jan 2024 18:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8758
IP address blocks: 91.229.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:57:d9:99:dd:6b:c1:72:16:58:3c:06:d6:01:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd6e779a6c0f0b09216622380467dce2d11a318
Validity
Not Before: Jan 1 18:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a881c586daf45b27be592d3f96d066fa0c6a3a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:da:77:29:17:b6:16:b7:da:17:4c:4f:70:5c:
c4:62:26:39:a1:8b:7c:21:37:23:10:a4:d8:85:f2:
65:69:ec:2b:e9:81:05:59:bf:a4:39:10:17:ce:0f:
18:9d:5c:7c:c2:1f:76:54:3d:39:45:25:03:a9:ad:
92:8f:23:36:1b:e2:67:c4:e6:c0:ee:20:d8:8f:ca:
8d:33:5d:2d:c2:2b:f6:bf:ea:fa:d1:5c:16:48:9f:
18:98:1d:83:74:10:ef:92:ae:48:74:4d:74:59:ea:
81:bb:9f:bd:99:e8:66:85:a6:4a:a2:6e:c2:9f:12:
17:4a:56:ac:7d:69:84:72:46:d2:26:5d:82:94:49:
87:26:5a:23:9e:3e:4c:31:5b:ec:b5:fe:04:02:fe:
ce:28:fb:73:7a:37:f2:88:56:5d:1a:25:0e:ec:ae:
68:5f:a0:27:e3:27:22:90:ba:62:03:0c:89:bc:3e:
1a:23:e2:c4:fb:5a:8c:99:82:77:a2:ef:62:8b:76:
d3:7b:66:b7:02:a8:d9:75:e0:15:25:bc:c0:7f:36:
19:a9:cc:bb:2b:ee:5b:ea:4c:97:9b:42:15:6b:a5:
41:0e:d2:fd:ce:6f:33:83:26:13:d6:af:42:bc:6b:
cd:b1:e2:04:cb:dc:c7:f6:38:7f:9a:4d:f8:f3:64:
ed:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:81:C5:86:DA:F4:5B:27:BE:59:2D:3F:96:D0:66:FA:0C:6A:3A:51
X509v3 Authority Key Identifier:
keyid:4D:D6:E7:79:A6:C0:F0:B0:92:16:62:23:80:46:7D:CE:2D:11:A3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdbneabA8LCSFmIjgEZ9zi0Roxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/qIHFhtr0Wye-WS0_ltBm-gxqOlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f0b285-d038-4de6-9374-c472e62ebea8/1/TdbneabA8LCSFmIjgEZ9zi0Roxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.102.0/23
Signature Algorithm: sha256WithRSAEncryption
79:af:d4:cd:81:e8:0f:86:76:7e:4f:16:c9:c2:72:84:fb:ab:
05:b4:7b:5e:c3:a7:4d:e1:6e:26:d0:91:a7:c1:9a:b0:6a:fc:
13:00:9f:40:46:c2:77:c0:a9:23:ee:c7:2e:cc:60:7e:05:3c:
4f:5a:88:57:0b:99:59:96:36:93:5f:2b:df:a4:0f:b7:e5:dd:
11:39:de:6f:0a:58:79:a5:0b:9f:f2:0d:23:43:69:f6:fa:2c:
12:8d:35:45:94:5c:97:7b:2d:1f:74:af:c8:6d:70:a2:79:c0:
79:61:f6:2c:8c:6d:6e:b4:a2:04:3b:1e:2d:ff:d4:e6:88:2c:
c6:a7:03:4c:62:b2:d7:2b:6b:f9:15:74:db:a6:0f:56:46:81:
cd:44:4a:05:0b:e0:7f:bb:6f:37:f9:23:37:5f:bf:25:45:38:
86:c7:09:ad:45:51:39:9e:09:3d:21:e6:fa:05:a5:42:91:a5:
89:4c:b5:da:50:4b:d2:6f:55:ea:49:2f:97:f0:36:02:b6:8f:
6b:1d:26:9e:ff:42:b4:c7:c5:20:56:32:56:25:96:e8:42:79:
c4:eb:9c:ad:d7:7f:17:50:64:db:b9:8f:7d:26:21:9c:cb:8a:
7a:1d:4b:84:47:54:c6:3e:4e:b2:b9:dd:10:2e:c4:99:49:09:
37:ca:ef:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS1fZmd1rwXIWWDwG1gGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDZlNzc5YTZjMGYwYjA5MjE2NjIyMzgwNDY3ZGNlMmQx
MWEzMTgwHhcNMjQwMTAxMTgzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODgxYzU4NmRhZjQ1YjI3YmU1OTJkM2Y5NmQwNjZmYTBjNmEzYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNp3KRe2FrfaF0xPcFzEYiY5oYt8
ITcjEKTYhfJlaewr6YEFWb+kORAXzg8YnVx8wh92VD05RSUDqa2SjyM2G+JnxObA
7iDYj8qNM10twiv2v+r60VwWSJ8YmB2DdBDvkq5IdE10WeqBu5+9mehmhaZKom7C
nxIXSlasfWmEckbSJl2ClEmHJlojnj5MMVvstf4EAv7OKPtzejfyiFZdGiUO7K5o
X6An4ycikLpiAwyJvD4aI+LE+1qMmYJ3ou9ii3bTe2a3AqjZdeAVJbzAfzYZqcy7
K+5b6kyXm0IVa6VBDtL9zm8zgyYT1q9CvGvNseIEy9zH9jh/mk3482TtdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiBxYba9FsnvlktP5bQZvoMajpRMB8GA1UdIwQY
MBaAFE3W53mmwPCwkhZiI4BGfc4tEaMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRibmVhYkE4TENTRm1JamdFWjl6aTBSb3hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMGIyODUtZDAzOC00ZGU2LTkzNzQt
YzQ3MmU2MmViZWE4LzEvcUlIRmh0cjBXeWUtV1MwX2x0Qm0tZ3hxT2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMGIyODUtZDAzOC00ZGU2LTkzNzQtYzQ3MmU2MmViZWE4
LzEvVGRibmVhYkE4TENTRm1JamdFWjl6aTBSb3hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+VmMA0G
CSqGSIb3DQEBCwUAA4IBAQB5r9TNgegPhnZ+TxbJwnKE+6sFtHtew6dN4W4m0JGn
wZqwavwTAJ9ARsJ3wKkj7scuzGB+BTxPWohXC5lZljaTXyvfpA+35d0ROd5vClh5
pQuf8g0jQ2n2+iwSjTVFlFyXey0fdK/IbXCiecB5YfYsjG1utKIEOx4t/9TmiCzG
pwNMYrLXK2v5FXTbpg9WRoHNREoFC+B/u283+SM3X78lRTiGxwmtRVE5ngk9Ieb6
BaVCkaWJTLXaUEvSb1XqSS+X8DYCto9rHSae/0K0x8UgVjJWJZboQnnE65yt138X
UGTbuY99JiGcy4p6HUuER1TGPk6yud0QLsSZSQk3yu9d
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:44 2025 by rpki-client