Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/p1LaJv65ksphHAr2y2KixzweT94.roa
File: p1LaJv65ksphHAr2y2KixzweT94.roa (raw, json)
Hash identifier: slQenCjS6HPwYLt1yWAvSqJNbEu1E8hlKCi6G0lQWZc=
Subject key identifier: A7:52:DA:26:FE:B9:92:CA:61:1C:0A:F6:CB:62:A2:C7:3C:1E:4F:DE
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 01941701762A82FD090AF9318EDEE265E768
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/p1LaJv65ksphHAr2y2KixzweT94.roa
Signing time: Mon 30 Dec 2024 09:59:19 +0000
ROA not before: Mon 30 Dec 2024 09:59:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 91.213.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:01:76:2a:82:fd:09:0a:f9:31:8e:de:e2:65:e7:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Dec 30 09:59:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a752da26feb992ca611c0af6cb62a2c73c1e4fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b5:ba:d6:98:ea:be:52:d2:53:06:7e:43:8c:
ce:ce:7e:34:8d:89:4c:f3:50:59:ad:73:48:8f:4c:
ff:4f:d2:d2:49:32:77:d8:f1:bc:b8:48:9b:cc:3e:
c9:f2:c6:20:c0:c1:8d:c9:d6:60:aa:98:c3:51:14:
ab:30:21:db:61:5d:65:9c:87:2b:5f:83:7e:ee:c5:
20:08:6a:97:2a:88:35:81:41:a3:c8:29:cb:c4:19:
cd:84:1b:ec:40:41:89:4f:6c:58:51:a4:ec:df:90:
7d:94:22:27:ae:4d:e9:27:97:c7:25:79:06:d3:4b:
29:66:b7:d6:2e:f1:a3:a8:8f:b9:b3:83:8e:e4:f1:
14:8e:de:5e:4e:f2:f6:63:9e:ee:f1:56:f6:58:14:
ff:c3:c2:21:15:35:0a:61:3c:df:68:a9:01:4b:3e:
26:a9:47:b4:97:2f:89:dd:b8:13:a3:b0:9f:3e:11:
8c:78:7f:cd:eb:93:a5:ed:cb:4a:89:61:0e:d8:e4:
a4:94:7d:f6:f7:b9:8a:9d:73:3d:02:7a:69:61:6f:
f9:1c:9d:8f:dc:ab:44:84:4b:07:2c:fa:57:04:80:
6f:06:0d:d5:46:39:21:49:06:58:3b:d7:ee:e0:73:
4b:8c:73:b0:e2:70:59:cc:f9:c5:ab:df:ba:fb:32:
30:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:52:DA:26:FE:B9:92:CA:61:1C:0A:F6:CB:62:A2:C7:3C:1E:4F:DE
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/p1LaJv65ksphHAr2y2KixzweT94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.173.0/24
Signature Algorithm: sha256WithRSAEncryption
19:5b:59:f7:53:09:bc:a9:3c:66:72:10:39:6f:d1:a4:22:ca:
0b:79:95:50:15:5d:7a:e5:5a:53:6f:bf:c6:49:62:65:56:6b:
1c:cc:93:f8:b3:70:74:dd:ed:a8:30:25:3d:a3:5f:b2:90:3f:
52:40:04:a6:e8:c2:f4:d1:56:eb:59:cf:6d:f9:93:43:56:36:
42:e4:d0:7c:1f:12:d0:4f:c0:83:bc:e2:62:01:d5:50:46:61:
f7:ea:0d:b0:90:13:11:ac:21:9d:cc:93:a5:d2:4a:35:77:d0:
d1:62:2f:ec:07:a0:6a:1b:3d:7f:a4:46:32:56:85:bb:f1:ca:
a8:52:76:92:ef:94:22:85:d9:04:e1:97:e8:8d:ec:12:6c:e1:
6c:1d:51:f8:a6:57:ed:a3:f9:51:27:da:f9:b6:f6:27:2d:7e:
46:0b:f1:53:43:b9:e0:5c:1b:22:93:fd:69:54:6c:54:4e:8b:
6e:e0:df:a4:c4:d5:a1:1d:0a:2e:a5:f1:6f:99:15:d9:34:93:
93:66:cd:e8:a9:83:37:0e:25:a8:c7:1b:6b:1f:f9:bb:a2:45:
f1:bf:d9:2c:ee:f7:9c:a5:d1:01:f3:a0:75:48:b9:d3:4a:34:
07:3b:1c:90:7f:3c:b1:f7:7e:35:6e:2c:de:b0:d0:e0:15:0e:
71:55:d1:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQXAXYqgv0JCvkxjt7iZedoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQxMjMwMDk1OTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzUyZGEyNmZlYjk5MmNhNjExYzBhZjZjYjYyYTJjNzNjMWU0ZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07W61pjqvlLSUwZ+Q4zOzn40jYlM
81BZrXNIj0z/T9LSSTJ32PG8uEibzD7J8sYgwMGNydZgqpjDURSrMCHbYV1lnIcr
X4N+7sUgCGqXKog1gUGjyCnLxBnNhBvsQEGJT2xYUaTs35B9lCInrk3pJ5fHJXkG
00spZrfWLvGjqI+5s4OO5PEUjt5eTvL2Y57u8Vb2WBT/w8IhFTUKYTzfaKkBSz4m
qUe0ly+J3bgTo7CfPhGMeH/N65Ol7ctKiWEO2OSklH3297mKnXM9AnppYW/5HJ2P
3KtEhEsHLPpXBIBvBg3VRjkhSQZYO9fu4HNLjHOw4nBZzPnFq9+6+zIwNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdS2ib+uZLKYRwK9stiosc8Hk/eMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvcDFMYUp2NjVrc3BoSEFyMnkyS2l4endlVDk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9WtMA0G
CSqGSIb3DQEBCwUAA4IBAQAZW1n3Uwm8qTxmchA5b9GkIsoLeZVQFV165VpTb7/G
SWJlVmsczJP4s3B03e2oMCU9o1+ykD9SQASm6ML00VbrWc9t+ZNDVjZC5NB8HxLQ
T8CDvOJiAdVQRmH36g2wkBMRrCGdzJOl0ko1d9DRYi/sB6BqGz1/pEYyVoW78cqo
UnaS75QihdkE4ZfojewSbOFsHVH4plfto/lRJ9r5tvYnLX5GC/FTQ7ngXBsik/1p
VGxUTotu4N+kxNWhHQoupfFvmRXZNJOTZs3oqYM3DiWoxxtrH/m7okXxv9ks7vec
pdEB86B1SLnTSjQHOxyQfzyx9341bizesNDgFQ5xVdHL
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:04:43 2025 by rpki-client