Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/IWauoYmEpj6N8ESc_tuw5Ffyyts.roa
File: IWauoYmEpj6N8ESc_tuw5Ffyyts.roa (raw, json)
Hash identifier: sAOAnqIUoVUa0hvL3w6UftpjebkKRA9n9wzODudi57w=
Subject key identifier: 21:66:AE:A1:89:84:A6:3E:8D:F0:44:9C:FE:DB:B0:E4:57:F2:CA:DB
Certificate issuer: /CN=6611a57d2a03b7065fa8c17b313735bdcda390e9
Certificate serial: 018CC64B2DFCF57B174DA9E88DBEC63DF117
Authority key identifier: 66:11:A5:7D:2A:03:B7:06:5F:A8:C1:7B:31:37:35:BD:CD:A3:90:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/IWauoYmEpj6N8ESc_tuw5Ffyyts.roa
Signing time: Mon 01 Jan 2024 18:31:04 +0000
ROA not before: Mon 01 Jan 2024 18:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31027
IP address blocks: 91.238.206.0/24 maxlen: 24
2001:67c:2a78::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2d:fc:f5:7b:17:4d:a9:e8:8d:be:c6:3d:f1:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6611a57d2a03b7065fa8c17b313735bdcda390e9
Validity
Not Before: Jan 1 18:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2166aea18984a63e8df0449cfedbb0e457f2cadb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cd:db:f2:66:83:e7:7c:27:8a:fe:2b:4d:4c:
dc:94:bc:04:51:a7:b3:7e:38:e4:fa:60:11:9d:b3:
5f:34:3f:e5:b0:7e:cf:ee:48:90:6f:c3:82:91:da:
d0:ce:50:3e:5e:9a:7e:50:a3:d2:fe:a9:e1:00:09:
c5:f4:bc:8b:94:94:56:86:4e:8a:68:b4:9b:d5:74:
8d:ea:38:45:42:30:59:12:ba:f3:74:26:00:13:bf:
51:33:9d:75:25:39:5b:79:47:57:26:2b:e3:ff:c4:
0f:e6:f1:ef:06:d3:55:c3:91:c6:76:27:93:78:e8:
38:09:76:d8:c8:9d:cf:5f:4f:41:66:17:bd:97:9c:
03:87:9d:6c:2e:f6:ce:04:6c:60:02:88:08:22:35:
61:33:76:d9:d0:92:e9:32:94:09:ab:6f:42:3b:93:
ca:88:73:ed:33:a3:cc:55:13:8a:1c:bc:0c:3e:b8:
e1:95:3b:75:a9:d2:75:51:56:9d:3c:5d:06:31:fc:
ff:fc:dd:58:56:d3:87:90:49:8c:17:c8:4a:1e:c0:
dc:b1:2b:75:06:8d:12:8c:28:a9:70:fa:65:7d:1c:
c0:14:33:f9:b5:8a:b2:6c:16:bf:ec:3d:1a:4a:df:
91:d3:87:19:20:54:d6:63:34:60:d6:84:27:b8:64:
02:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:66:AE:A1:89:84:A6:3E:8D:F0:44:9C:FE:DB:B0:E4:57:F2:CA:DB
X509v3 Authority Key Identifier:
keyid:66:11:A5:7D:2A:03:B7:06:5F:A8:C1:7B:31:37:35:BD:CD:A3:90:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/IWauoYmEpj6N8ESc_tuw5Ffyyts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.206.0/24
IPv6:
2001:67c:2a78::/48
Signature Algorithm: sha256WithRSAEncryption
76:6a:f9:c8:2f:f9:f7:d0:79:97:9e:dd:ce:f5:d8:7e:30:0d:
7e:76:ca:f8:f9:c0:ba:ca:03:3c:a6:cb:a7:63:77:9d:a1:c3:
1b:4e:ad:ec:fa:e1:b1:d2:d1:84:7b:a7:e1:2f:bd:55:30:a3:
94:ad:8b:7e:20:c9:74:1d:c7:39:c0:31:61:cf:90:80:00:40:
50:e3:e9:e2:47:c0:cf:d7:dd:38:99:da:c9:a5:9f:29:b2:84:
73:82:4f:22:27:50:3a:47:e7:a9:69:d9:b0:02:e6:aa:8b:32:
29:f8:7d:a6:8a:cd:fb:e5:26:cb:77:80:8e:cc:cf:de:41:9d:
1d:a2:d7:5b:e1:59:9b:11:43:2e:76:fc:ab:b6:7e:5e:d8:ec:
d7:29:28:08:93:9d:0e:a7:ec:fd:1f:27:50:ba:e9:e6:36:5e:
bd:a1:9a:35:9c:14:0b:45:d0:83:f0:51:99:cf:b6:35:cb:ca:
7c:55:fe:79:73:6d:20:1c:5c:a2:aa:c9:0a:ae:6c:e2:96:af:
bf:ac:c3:bc:fd:1c:39:59:8b:02:d5:0e:10:64:c0:4e:b5:19:
5a:b8:b0:da:7d:12:19:6c:b4:ce:ec:ac:24:a2:45:80:ee:95:
a4:cd:40:37:fe:05:d2:b2:c2:fc:ee:19:dc:ac:f6:0d:4e:a9:
e9:a1:69:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSy389XsXTanojb7GPfEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTFhNTdkMmEwM2I3MDY1ZmE4YzE3YjMxMzczNWJkY2Rh
MzkwZTkwHhcNMjQwMTAxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTY2YWVhMTg5ODRhNjNlOGRmMDQ0OWNmZWRiYjBlNDU3ZjJjYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM3b8maD53wniv4rTUzclLwEUaez
fjjk+mARnbNfND/lsH7P7kiQb8OCkdrQzlA+Xpp+UKPS/qnhAAnF9LyLlJRWhk6K
aLSb1XSN6jhFQjBZErrzdCYAE79RM511JTlbeUdXJivj/8QP5vHvBtNVw5HGdieT
eOg4CXbYyJ3PX09BZhe9l5wDh51sLvbOBGxgAogIIjVhM3bZ0JLpMpQJq29CO5PK
iHPtM6PMVROKHLwMPrjhlTt1qdJ1UVadPF0GMfz//N1YVtOHkEmMF8hKHsDcsSt1
Bo0SjCipcPplfRzAFDP5tYqybBa/7D0aSt+R04cZIFTWYzRg1oQnuGQC3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCFmrqGJhKY+jfBEnP7bsORX8srbMB8GA1UdIwQY
MBaAFGYRpX0qA7cGX6jBezE3Nb3No5DpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhHbGZTb0R0d1pmcU1GN01UYzF2YzJqa09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lZGIyMDgtNmZlZC00NGU0LWIxYWIt
ZGYwY2E0ZDQxOTU1LzEvSVdhdW9ZbUVwajZOOEVTY190dXc1RmZ5eXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9lZGIyMDgtNmZlZC00NGU0LWIxYWItZGYwY2E0ZDQxOTU1
LzEvWmhHbGZTb0R0d1pmcU1GN01UYzF2YzJqa09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+7OMA8E
AgACMAkDBwAgAQZ8KngwDQYJKoZIhvcNAQELBQADggEBAHZq+cgv+ffQeZee3c71
2H4wDX52yvj5wLrKAzymy6djd52hwxtOrez64bHS0YR7p+EvvVUwo5Sti34gyXQd
xznAMWHPkIAAQFDj6eJHwM/X3TiZ2smlnymyhHOCTyInUDpH56lp2bAC5qqLMin4
faaKzfvlJst3gI7Mz95BnR2i11vhWZsRQy52/Ku2fl7Y7NcpKAiTnQ6n7P0fJ1C6
6eY2Xr2hmjWcFAtF0IPwUZnPtjXLynxV/nlzbSAcXKKqyQqubOKWr7+sw7z9HDlZ
iwLVDhBkwE61GVq4sNp9EhlstM7srCSiRYDulaTNQDf+BdKywvzuGdys9g1Oqemh
aUA=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:52 2025 by rpki-client