Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/0d4aff-42db-427d-ad5e-c637b0dcdc8e/1/N9qcHPlXTkCMGqtTFOubU0Xp8j0.roa
File: N9qcHPlXTkCMGqtTFOubU0Xp8j0.roa (raw, json)
Hash identifier: fNsczq3ZgVMC4rixHV+8oKyYG7xNs9jElM0ZLCQUsx0=
Subject key identifier: 37:DA:9C:1C:F9:57:4E:40:8C:1A:AB:53:14:EB:9B:53:45:E9:F2:3D
Certificate issuer: /CN=175124a17b87215f79205cd1486f61839cf9e6f8
Certificate serial: 018CC4252AA8D4EED529823CA7AD4EB1655D
Authority key identifier: 17:51:24:A1:7B:87:21:5F:79:20:5C:D1:48:6F:61:83:9C:F9:E6:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1EkoXuHIV95IFzRSG9hg5z55vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/0d4aff-42db-427d-ad5e-c637b0dcdc8e/1/N9qcHPlXTkCMGqtTFOubU0Xp8j0.roa
Signing time: Mon 01 Jan 2024 08:30:19 +0000
ROA not before: Mon 01 Jan 2024 08:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51932
IP address blocks: 91.221.140.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:2a:a8:d4:ee:d5:29:82:3c:a7:ad:4e:b1:65:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175124a17b87215f79205cd1486f61839cf9e6f8
Validity
Not Before: Jan 1 08:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37da9c1cf9574e408c1aab5314eb9b5345e9f23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:89:49:bf:24:fa:84:aa:a3:d4:41:af:5b:ef:
82:8c:0f:93:da:09:9e:19:54:33:6b:07:23:68:33:
ae:d5:f4:96:ed:1f:fb:e2:71:16:2f:08:33:f9:5c:
ca:a0:85:c5:83:16:79:f7:6d:7a:36:91:62:20:8c:
e8:2e:14:a3:07:24:04:d8:8b:b5:10:9f:3f:5f:c3:
45:51:01:62:1d:a7:41:b9:b2:1c:61:12:42:0c:e3:
5a:af:5b:26:90:9d:44:0c:67:ac:9a:4b:ad:af:ee:
58:ac:5d:27:12:d7:ee:b6:28:cd:80:cf:3c:70:3c:
f0:76:6c:5e:8f:cf:8c:5e:36:6b:e4:6e:ab:5f:d5:
94:7f:98:2f:70:99:f6:96:94:fb:a5:53:06:cd:60:
8f:5d:99:84:01:6d:32:e2:db:09:26:3b:70:d6:71:
4e:7e:73:24:e1:b3:58:29:8c:4a:31:19:24:fe:f4:
dd:6a:22:c6:ff:10:a4:08:bf:71:e9:42:5c:7c:1f:
50:cf:af:cc:de:16:71:31:0c:fa:f5:a0:3d:0d:03:
df:0f:f4:a8:3a:d1:b0:b1:6d:35:c4:62:9f:eb:54:
9f:35:dc:d1:42:e6:66:99:61:8b:f7:76:69:e3:e2:
56:d8:34:8b:b4:00:79:f9:c1:5b:dd:82:c3:77:35:
db:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DA:9C:1C:F9:57:4E:40:8C:1A:AB:53:14:EB:9B:53:45:E9:F2:3D
X509v3 Authority Key Identifier:
keyid:17:51:24:A1:7B:87:21:5F:79:20:5C:D1:48:6F:61:83:9C:F9:E6:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1EkoXuHIV95IFzRSG9hg5z55vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0d4aff-42db-427d-ad5e-c637b0dcdc8e/1/N9qcHPlXTkCMGqtTFOubU0Xp8j0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0d4aff-42db-427d-ad5e-c637b0dcdc8e/1/F1EkoXuHIV95IFzRSG9hg5z55vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.140.0/23
Signature Algorithm: sha256WithRSAEncryption
07:c6:4a:e2:08:e6:50:0a:99:d0:31:9e:cb:d7:26:5b:8e:a6:
97:dc:fd:78:4c:16:f7:4e:c1:5c:8a:e2:67:3f:9f:7a:6f:fa:
82:99:18:80:fd:c6:10:0f:21:fe:e8:df:4a:9d:59:dd:06:50:
04:38:43:9e:83:36:54:6f:bf:3c:e4:d7:3a:3f:88:f3:82:ef:
80:5f:c2:2c:d7:90:b8:5f:88:06:03:81:a8:38:e6:5f:04:36:
61:0c:8e:9f:f1:31:fe:02:de:3c:e7:7f:68:d6:7a:ef:01:9a:
4e:ba:0e:65:2a:f4:e6:57:e1:7e:b9:c0:5a:2f:16:d5:2b:16:
f4:bc:0c:7d:20:09:3c:af:c4:42:99:bc:3e:50:03:68:21:82:
74:71:0c:73:78:fd:48:a7:97:25:41:c9:6d:26:c3:42:c7:87:
50:3b:a1:d7:6b:22:70:bd:8d:f5:c5:17:61:28:f0:c4:bb:80:
c5:1e:80:8e:6d:bd:f3:45:d8:95:da:00:db:3a:36:ec:0e:33:
55:1f:56:4b:c3:77:2a:a0:08:4b:d6:d3:a7:65:b8:1f:af:73:
6f:57:ec:3b:cb:e5:fe:9d:92:e0:a3:92:0c:53:4d:4c:76:9b:
02:9d:8d:05:88:93:5f:33:b3:f3:8a:f2:3a:d5:e6:59:c7:23:
ac:db:46:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJSqo1O7VKYI8p61OsWVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTEyNGExN2I4NzIxNWY3OTIwNWNkMTQ4NmY2MTgzOWNm
OWU2ZjgwHhcNMjQwMTAxMDgzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2RhOWMxY2Y5NTc0ZTQwOGMxYWFiNTMxNGViOWI1MzQ1ZTlmMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4lJvyT6hKqj1EGvW++CjA+T2gme
GVQzawcjaDOu1fSW7R/74nEWLwgz+VzKoIXFgxZ59216NpFiIIzoLhSjByQE2Iu1
EJ8/X8NFUQFiHadBubIcYRJCDONar1smkJ1EDGesmkutr+5YrF0nEtfutijNgM88
cDzwdmxej8+MXjZr5G6rX9WUf5gvcJn2lpT7pVMGzWCPXZmEAW0y4tsJJjtw1nFO
fnMk4bNYKYxKMRkk/vTdaiLG/xCkCL9x6UJcfB9Qz6/M3hZxMQz69aA9DQPfD/So
OtGwsW01xGKf61SfNdzRQuZmmWGL93Zp4+JW2DSLtAB5+cFb3YLDdzXbtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDfanBz5V05AjBqrUxTrm1NF6fI9MB8GA1UdIwQY
MBaAFBdRJKF7hyFfeSBc0UhvYYOc+eb4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFFa29YdUhJVjk1SUZ6UlNHOWhnNXo1NXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wZDRhZmYtNDJkYi00MjdkLWFkNWUt
YzYzN2IwZGNkYzhlLzEvTjlxY0hQbFhUa0NNR3F0VEZPdWJVMFhwOGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8wZDRhZmYtNDJkYi00MjdkLWFkNWUtYzYzN2IwZGNkYzhl
LzEvRjFFa29YdUhJVjk1SUZ6UlNHOWhnNXo1NXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW92MMA0G
CSqGSIb3DQEBCwUAA4IBAQAHxkriCOZQCpnQMZ7L1yZbjqaX3P14TBb3TsFciuJn
P596b/qCmRiA/cYQDyH+6N9KnVndBlAEOEOegzZUb7885Nc6P4jzgu+AX8Is15C4
X4gGA4GoOOZfBDZhDI6f8TH+At48539o1nrvAZpOug5lKvTmV+F+ucBaLxbVKxb0
vAx9IAk8r8RCmbw+UANoIYJ0cQxzeP1Ip5clQcltJsNCx4dQO6HXayJwvY31xRdh
KPDEu4DFHoCObb3zRdiV2gDbOjbsDjNVH1ZLw3cqoAhL1tOnZbgfr3NvV+w7y+X+
nZLgo5IMU01MdpsCnY0FiJNfM7PzivI61eZZxyOs20ZC
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:26 2025 by rpki-client