Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/cd8269-2b7e-4a78-a9c6-ec7a3603e17e/1/xGQPahDqKj3i256JbjAUD1APknw.roa
File: xGQPahDqKj3i256JbjAUD1APknw.roa (raw, json)
Hash identifier: A9F6s58YDqumnldnhU5waoSV6UdQpDxcGU8uj7OQpXU=
Subject key identifier: C4:64:0F:6A:10:EA:2A:3D:E2:DB:9E:89:6E:30:14:0F:50:0F:92:7C
Certificate issuer: /CN=96b122a7dba7432930c831f57a9406f73449c5b7
Certificate serial: 018CC3B7313260BC459157E32D9E6D945481
Authority key identifier: 96:B1:22:A7:DB:A7:43:29:30:C8:31:F5:7A:94:06:F7:34:49:C5:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrEip9unQykwyDH1epQG9zRJxbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/cd8269-2b7e-4a78-a9c6-ec7a3603e17e/1/xGQPahDqKj3i256JbjAUD1APknw.roa
Signing time: Mon 01 Jan 2024 06:30:11 +0000
ROA not before: Mon 01 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213374
IP address blocks: 91.234.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:31:32:60:bc:45:91:57:e3:2d:9e:6d:94:54:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b122a7dba7432930c831f57a9406f73449c5b7
Validity
Not Before: Jan 1 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4640f6a10ea2a3de2db9e896e30140f500f927c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d2:66:f5:af:f4:d4:2a:59:c8:5a:74:40:4a:
c1:95:e1:6c:8d:88:01:4b:c1:81:da:f8:aa:18:46:
a7:48:4f:4b:ee:17:57:25:12:4a:68:50:6a:5a:43:
21:d7:5d:40:74:e4:01:a3:b8:9e:a6:f1:21:1e:f5:
8a:1d:c1:9d:e8:79:98:0f:b1:48:f5:e3:8f:88:d2:
a5:a9:d4:67:d7:a6:f0:30:fb:7e:6c:48:f8:ca:fa:
5a:b7:8f:13:1b:36:2c:45:c8:c1:b3:a6:0d:11:e5:
e0:42:1d:09:fa:82:5d:f7:18:ad:c2:97:43:b8:be:
39:00:99:5e:d1:49:4c:f2:97:00:95:a8:09:07:89:
86:e8:93:a6:a9:03:e8:bd:f2:f1:a5:74:2c:26:21:
d2:d4:ba:7f:c8:e6:2c:71:bb:19:fa:2c:d9:40:e9:
4e:f8:04:cb:d4:d8:c4:e0:4a:d1:fa:e5:a8:e5:47:
2e:f5:e1:ce:6a:fb:c5:12:43:84:c0:f8:39:9d:b3:
7a:32:bc:19:a3:4e:29:30:a9:aa:c7:aa:b7:24:8a:
a8:e3:8c:83:0c:ea:48:cd:da:b5:35:1e:45:54:88:
31:9f:1d:e2:5a:ad:39:57:8b:18:af:d6:14:63:11:
61:e1:7f:30:c5:12:72:2d:2e:33:e9:7c:3e:39:df:
23:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:64:0F:6A:10:EA:2A:3D:E2:DB:9E:89:6E:30:14:0F:50:0F:92:7C
X509v3 Authority Key Identifier:
keyid:96:B1:22:A7:DB:A7:43:29:30:C8:31:F5:7A:94:06:F7:34:49:C5:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrEip9unQykwyDH1epQG9zRJxbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/cd8269-2b7e-4a78-a9c6-ec7a3603e17e/1/xGQPahDqKj3i256JbjAUD1APknw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/cd8269-2b7e-4a78-a9c6-ec7a3603e17e/1/lrEip9unQykwyDH1epQG9zRJxbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.238.0/24
Signature Algorithm: sha256WithRSAEncryption
01:66:f9:89:b6:97:eb:93:cc:2c:1d:28:0b:5d:72:68:72:5c:
37:46:71:67:95:08:46:a6:a8:9e:02:8f:ee:82:79:e1:cc:88:
a3:04:0f:66:ee:f9:ba:5d:08:9e:66:c9:1c:d3:aa:91:76:7a:
86:af:4b:a9:db:93:96:c7:5c:9a:b9:b5:0a:a7:7b:e8:42:cb:
1a:d8:a0:2a:ce:c6:2a:6e:48:6c:55:08:b5:48:d7:d4:23:72:
ae:4a:50:7d:43:a4:b4:cf:a8:06:84:79:53:ef:45:1d:95:cf:
5f:1c:73:3d:54:56:4c:d0:d4:c9:11:e4:27:e5:75:04:b8:d9:
88:bf:59:ce:a1:a2:a4:f7:eb:4e:6d:a3:91:99:70:aa:a1:b8:
c0:09:12:6a:67:82:0b:bc:36:17:d0:18:4a:25:66:82:5f:8f:
1c:6b:68:10:02:57:cb:c4:a3:02:08:cf:60:b7:28:83:de:e7:
4f:df:8f:6e:ec:65:04:c7:78:47:0f:df:93:8a:0a:84:66:fd:
53:bc:96:a2:d4:a4:78:8b:99:3c:5d:e7:6f:d7:71:df:1e:aa:
b8:4f:03:a1:b6:48:61:94:8f:c1:c8:81:8f:cb:5c:83:0c:6d:
46:0c:e0:48:3b:ed:f5:16:f2:a5:53:f0:a9:ad:64:a5:b5:ee:
da:ad:56:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtzEyYLxFkVfjLZ5tlFSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjEyMmE3ZGJhNzQzMjkzMGM4MzFmNTdhOTQwNmY3MzQ0
OWM1YjcwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY0MGY2YTEwZWEyYTNkZTJkYjllODk2ZTMwMTQwZjUwMGY5MjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNJm9a/01CpZyFp0QErBleFsjYgB
S8GB2viqGEanSE9L7hdXJRJKaFBqWkMh111AdOQBo7iepvEhHvWKHcGd6HmYD7FI
9eOPiNKlqdRn16bwMPt+bEj4yvpat48TGzYsRcjBs6YNEeXgQh0J+oJd9xitwpdD
uL45AJle0UlM8pcAlagJB4mG6JOmqQPovfLxpXQsJiHS1Lp/yOYscbsZ+izZQOlO
+ATL1NjE4ErR+uWo5Ucu9eHOavvFEkOEwPg5nbN6MrwZo04pMKmqx6q3JIqo44yD
DOpIzdq1NR5FVIgxnx3iWq05V4sYr9YUYxFh4X8wxRJyLS4z6Xw+Od8jhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRkD2oQ6io94tueiW4wFA9QD5J8MB8GA1UdIwQY
MBaAFJaxIqfbp0MpMMgx9XqUBvc0ScW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJFaXA5dW5ReWt3eURIMWVwUUc5elJKeGJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jZDgyNjktMmI3ZS00YTc4LWE5YzYt
ZWM3YTM2MDNlMTdlLzEveEdRUGFoRHFLajNpMjU2SmJqQVVEMUFQa253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jZDgyNjktMmI3ZS00YTc4LWE5YzYtZWM3YTM2MDNlMTdl
LzEvbHJFaXA5dW5ReWt3eURIMWVwUUc5elJKeGJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+ruMA0G
CSqGSIb3DQEBCwUAA4IBAQABZvmJtpfrk8wsHSgLXXJoclw3RnFnlQhGpqieAo/u
gnnhzIijBA9m7vm6XQieZskc06qRdnqGr0up25OWx1yaubUKp3voQssa2KAqzsYq
bkhsVQi1SNfUI3KuSlB9Q6S0z6gGhHlT70Udlc9fHHM9VFZM0NTJEeQn5XUEuNmI
v1nOoaKk9+tObaORmXCqobjACRJqZ4ILvDYX0BhKJWaCX48ca2gQAlfLxKMCCM9g
tyiD3udP349u7GUEx3hHD9+TigqEZv1TvJai1KR4i5k8Xedv13HfHqq4TwOhtkhh
lI/ByIGPy1yDDG1GDOBIO+31FvKlU/CprWSlte7arVaM
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:49 2025 by rpki-client