Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/p1G3SPjQtuVqLbTqD5pbOBQ-g6w.roa
File: p1G3SPjQtuVqLbTqD5pbOBQ-g6w.roa (raw, json)
Hash identifier: au3O9BcRAP0sNjAfiDBgY1OpADJ6xp7vVwLr8c9aOpI=
Subject key identifier: A7:51:B7:48:F8:D0:B6:E5:6A:2D:B4:EA:0F:9A:5B:38:14:3E:83:AC
Certificate issuer: /CN=74ae941a681c1586379e07247dcc19f3f41035d8
Certificate serial: 018CC4938F439DB6BF5F4EEE8B7379C9716D
Authority key identifier: 74:AE:94:1A:68:1C:15:86:37:9E:07:24:7D:CC:19:F3:F4:10:35:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK6UGmgcFYY3ngckfcwZ8_QQNdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/p1G3SPjQtuVqLbTqD5pbOBQ-g6w.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49552
IP address blocks: 91.213.36.0/24 maxlen: 24
2001:67c:24::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8f:43:9d:b6:bf:5f:4e:ee:8b:73:79:c9:71:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74ae941a681c1586379e07247dcc19f3f41035d8
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a751b748f8d0b6e56a2db4ea0f9a5b38143e83ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e9:1f:fd:47:a7:a8:52:11:21:36:68:fd:8f:
e0:76:5c:96:79:07:ef:b7:2f:6d:8a:a6:7a:3f:78:
7d:bd:9a:df:b3:15:43:ed:9d:a8:aa:c2:fd:ea:78:
92:96:c9:fc:09:e5:2e:bd:15:be:1d:29:3d:1c:00:
65:8b:e5:32:ec:1d:97:3c:f6:21:3c:89:b6:89:89:
47:84:18:5a:64:66:ca:57:62:b3:44:00:e9:6e:30:
33:d3:69:3f:c2:8f:39:92:61:b6:e1:30:c3:69:a6:
1a:43:2f:72:16:32:99:7d:af:48:95:ad:7e:b6:77:
b6:0f:21:23:ea:40:bf:c7:b5:84:8c:d8:34:38:2d:
8c:21:ac:75:15:be:0f:a5:61:3f:2e:08:7d:4e:f6:
cd:0d:9a:92:55:f8:f4:75:95:5c:ad:72:c1:c3:18:
80:6a:1e:c2:c8:70:16:5c:47:46:00:39:5d:71:cc:
0e:52:5f:32:28:d8:18:49:5d:e3:75:5c:7e:9d:68:
da:bc:6a:3b:47:37:2c:e3:6b:e0:3c:d5:2d:1c:04:
be:94:75:cf:cf:f7:6b:fb:fd:ed:84:49:0a:71:3c:
bb:70:6e:16:53:ae:83:30:33:ab:2a:fb:7e:89:cd:
61:16:b7:64:37:3b:2d:cd:04:27:b7:cb:0c:99:49:
eb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:51:B7:48:F8:D0:B6:E5:6A:2D:B4:EA:0F:9A:5B:38:14:3E:83:AC
X509v3 Authority Key Identifier:
keyid:74:AE:94:1A:68:1C:15:86:37:9E:07:24:7D:CC:19:F3:F4:10:35:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK6UGmgcFYY3ngckfcwZ8_QQNdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/p1G3SPjQtuVqLbTqD5pbOBQ-g6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/dK6UGmgcFYY3ngckfcwZ8_QQNdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.36.0/24
IPv6:
2001:67c:24::/48
Signature Algorithm: sha256WithRSAEncryption
6b:11:eb:3d:81:0d:cd:8f:45:97:e4:9b:0c:d4:7a:a9:5a:fb:
d0:42:6f:67:af:73:6f:1c:fb:39:3a:83:f2:c7:83:68:1f:09:
71:1a:39:db:f7:e6:ed:72:01:27:91:2b:96:95:7a:a1:06:5d:
9d:b1:ed:f7:19:a9:89:c0:05:f4:ce:97:c9:57:77:04:84:14:
41:3b:c1:df:ab:22:ef:47:e1:09:cd:a1:05:a4:37:b9:80:05:
9e:5b:7f:16:0c:fb:1d:09:61:9c:dc:77:5a:21:ae:34:1c:ba:
57:10:b0:ed:d8:26:58:01:c7:4d:38:78:18:22:a7:75:13:57:
eb:18:ea:26:8d:f7:45:7f:cc:c0:29:20:42:d1:2f:06:0f:de:
e3:e6:a3:86:ad:55:4e:3f:77:10:75:80:87:c6:de:52:04:f2:
d2:ce:2c:eb:bd:83:a3:0e:ab:10:3e:05:ed:f0:95:44:df:7a:
c8:fa:1e:a8:87:f9:3f:11:41:fe:33:eb:4f:8e:eb:cd:c2:01:
5b:3d:97:a9:fd:44:14:74:60:f8:e8:1a:d5:fb:a6:01:c0:25:
35:04:54:24:fa:24:61:03:67:10:25:8d:04:e0:1b:c4:64:5e:
c4:9d:6a:00:86:ce:6e:df:32:f7:e6:a4:a1:35:7c:56:5e:79:
69:e1:fd:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEk49Dnba/X07ui3N5yXFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWU5NDFhNjgxYzE1ODYzNzllMDcyNDdkY2MxOWYzZjQx
MDM1ZDgwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzUxYjc0OGY4ZDBiNmU1NmEyZGI0ZWEwZjlhNWIzODE0M2U4M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+kf/UenqFIRITZo/Y/gdlyWeQfv
ty9tiqZ6P3h9vZrfsxVD7Z2oqsL96niSlsn8CeUuvRW+HSk9HABli+Uy7B2XPPYh
PIm2iYlHhBhaZGbKV2KzRADpbjAz02k/wo85kmG24TDDaaYaQy9yFjKZfa9Ila1+
tne2DyEj6kC/x7WEjNg0OC2MIax1Fb4PpWE/Lgh9TvbNDZqSVfj0dZVcrXLBwxiA
ah7CyHAWXEdGADldccwOUl8yKNgYSV3jdVx+nWjavGo7Rzcs42vgPNUtHAS+lHXP
z/dr+/3thEkKcTy7cG4WU66DMDOrKvt+ic1hFrdkNzstzQQnt8sMmUnrJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKdRt0j40Lblai206g+aWzgUPoOsMB8GA1UdIwQY
MBaAFHSulBpoHBWGN54HJH3MGfP0EDXYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEs2VUdtZ2NGWVkzbmdja2Zjd1o4X1FRTmRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8xNGU0YzItOGE5OC00NTZlLTk2MTIt
OTQyOWRhODdiZDUwLzEvcDFHM1NQalF0dVZxTGJUcUQ1cGJPQlEtZzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8xNGU0YzItOGE5OC00NTZlLTk2MTItOTQyOWRhODdiZDUw
LzEvZEs2VUdtZ2NGWVkzbmdja2Zjd1o4X1FRTmRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9UkMA8E
AgACMAkDBwAgAQZ8ACQwDQYJKoZIhvcNAQELBQADggEBAGsR6z2BDc2PRZfkmwzU
eqla+9BCb2evc28c+zk6g/LHg2gfCXEaOdv35u1yASeRK5aVeqEGXZ2x7fcZqYnA
BfTOl8lXdwSEFEE7wd+rIu9H4QnNoQWkN7mABZ5bfxYM+x0JYZzcd1ohrjQculcQ
sO3YJlgBx004eBgip3UTV+sY6iaN90V/zMApIELRLwYP3uPmo4atVU4/dxB1gIfG
3lIE8tLOLOu9g6MOqxA+Be3wlUTfesj6HqiH+T8RQf4z60+O683CAVs9l6n9RBR0
YPjoGtX7pgHAJTUEVCT6JGEDZxAljQTgG8RkXsSdagCGzm7fMvfmpKE1fFZeeWnh
/WI=
-----END CERTIFICATE-----
Generated at Tue Apr 15 17:41:17 2025 by rpki-client