Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/97e057-0f60-4aaf-9a48-83a44310a964/1/7_3oP-ZjtFzyEWSksl7QHB1YdiY.roa
File: 7_3oP-ZjtFzyEWSksl7QHB1YdiY.roa (raw, json)
Hash identifier: //eGm7CZWhD9KEV8pIbdNbjnRpl7T/TKzsLH9H2oU7g=
Subject key identifier: EF:FD:E8:3F:E6:63:B4:5C:F2:11:64:A4:B2:5E:D0:1C:1D:58:76:26
Certificate issuer: /CN=8c96c66af331c985b859d403b36974c0632e1ef2
Certificate serial: 01942444A1D3D19DAE4FED0D66F933DA3C95
Authority key identifier: 8C:96:C6:6A:F3:31:C9:85:B8:59:D4:03:B3:69:74:C0:63:2E:1E:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jJbGavMxyYW4WdQDs2l0wGMuHvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/97e057-0f60-4aaf-9a48-83a44310a964/1/7_3oP-ZjtFzyEWSksl7QHB1YdiY.roa
Signing time: Wed 01 Jan 2025 23:47:45 +0000
ROA not before: Wed 01 Jan 2025 23:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49250
IP address blocks: 91.233.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 10:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a1:d3:d1:9d:ae:4f:ed:0d:66:f9:33:da:3c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c96c66af331c985b859d403b36974c0632e1ef2
Validity
Not Before: Jan 1 23:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=effde83fe663b45cf21164a4b25ed01c1d587626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:41:8c:51:70:52:e9:e8:4f:75:10:1d:65:ed:
eb:ae:35:f2:16:3d:61:4f:25:87:11:50:55:a9:0f:
4e:da:31:29:ca:86:c3:8e:2e:0f:48:b8:34:e4:f7:
19:31:a9:19:41:1c:47:71:65:ef:19:3b:6b:4c:56:
cb:46:3d:0e:5d:88:b3:a2:3e:38:62:1d:08:a8:13:
6b:e2:2e:7a:51:a2:b5:33:4f:b5:82:35:f9:92:fa:
dd:f7:2d:ea:b4:0b:eb:48:71:4f:f8:2d:1f:72:12:
6f:2e:4c:a7:50:61:35:bd:dc:8b:b1:7e:1b:28:c8:
40:48:e8:3b:a2:1a:4e:72:f2:f5:67:42:62:dd:b2:
0a:b5:c9:4a:df:f4:30:93:87:ed:0d:1d:7a:21:70:
ca:e9:ea:c1:ae:75:61:2c:94:93:e8:ce:39:59:08:
34:63:6e:48:e0:ae:4b:3e:0b:b0:1e:3a:76:ee:e3:
36:6c:25:03:9d:c8:27:6a:24:88:2c:44:47:fd:4b:
b4:fe:d7:e9:f6:3f:58:a2:fe:8a:ee:63:2e:e2:e5:
56:91:3a:cf:da:fe:ae:d2:91:d0:78:26:ff:4f:f8:
97:74:32:55:5c:2a:bb:a4:46:7f:7e:a1:29:94:c0:
ee:28:c9:c8:08:53:5a:21:5f:6f:cf:aa:5d:06:76:
72:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:FD:E8:3F:E6:63:B4:5C:F2:11:64:A4:B2:5E:D0:1C:1D:58:76:26
X509v3 Authority Key Identifier:
keyid:8C:96:C6:6A:F3:31:C9:85:B8:59:D4:03:B3:69:74:C0:63:2E:1E:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jJbGavMxyYW4WdQDs2l0wGMuHvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/97e057-0f60-4aaf-9a48-83a44310a964/1/7_3oP-ZjtFzyEWSksl7QHB1YdiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/97e057-0f60-4aaf-9a48-83a44310a964/1/jJbGavMxyYW4WdQDs2l0wGMuHvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.67.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:2b:86:31:36:eb:3b:a1:50:3c:f4:de:3e:c9:8c:0c:76:a8:
6b:4b:3d:73:9e:a2:85:6c:bf:c9:c9:16:02:a2:68:ed:aa:e3:
5b:36:2b:78:b8:4f:6a:10:2f:a6:86:58:43:17:5a:2c:50:8d:
16:26:15:f0:2b:fd:e4:ba:ae:20:b8:14:36:35:4c:bb:57:f0:
2f:30:e7:44:a9:c0:ad:39:42:a7:70:b1:15:d7:d9:d8:9d:43:
4f:c6:0f:cf:62:b2:c2:ef:96:39:af:e8:8f:06:0d:93:fc:61:
ad:cd:cb:ab:df:aa:08:10:44:f5:83:bc:cd:16:16:d2:87:18:
e1:f5:5d:c5:85:e1:4f:16:78:69:3d:76:27:7b:f4:b2:07:d6:
52:88:ea:5c:c5:60:ec:39:39:0f:ab:be:8c:8b:bc:74:21:6e:
57:46:54:3d:3c:ee:24:a5:24:c8:da:e6:85:59:98:3e:bd:ce:
bd:2f:71:5c:1e:4d:4f:32:f8:b0:b0:13:9b:02:d8:1e:4b:91:
92:e5:40:14:ea:8f:66:af:a7:00:5f:24:e1:89:e1:dd:9f:ea:
60:47:69:d4:4d:34:ba:29:e2:f9:ad:7f:8e:d0:8d:5e:fa:7b:
d6:48:2f:e6:7a:1a:1c:59:44:3d:0c:16:36:ca:1c:b9:b9:70:
50:20:e2:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKHT0Z2uT+0NZvkz2jyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjOTZjNjZhZjMzMWM5ODViODU5ZDQwM2IzNjk3NGMwNjMy
ZTFlZjIwHhcNMjUwMTAxMjM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmZkZTgzZmU2NjNiNDVjZjIxMTY0YTRiMjVlZDAxYzFkNTg3NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kGMUXBS6ehPdRAdZe3rrjXyFj1h
TyWHEVBVqQ9O2jEpyobDji4PSLg05PcZMakZQRxHcWXvGTtrTFbLRj0OXYizoj44
Yh0IqBNr4i56UaK1M0+1gjX5kvrd9y3qtAvrSHFP+C0fchJvLkynUGE1vdyLsX4b
KMhASOg7ohpOcvL1Z0Ji3bIKtclK3/Qwk4ftDR16IXDK6erBrnVhLJST6M45WQg0
Y25I4K5LPguwHjp27uM2bCUDncgnaiSILERH/Uu0/tfp9j9Yov6K7mMu4uVWkTrP
2v6u0pHQeCb/T/iXdDJVXCq7pEZ/fqEplMDuKMnICFNaIV9vz6pdBnZy4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/96D/mY7Rc8hFkpLJe0BwdWHYmMB8GA1UdIwQY
MBaAFIyWxmrzMcmFuFnUA7NpdMBjLh7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakpiR2F2TXh5WVc0V2RRRHMybDB3R011SHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC85N2UwNTctMGY2MC00YWFmLTlhNDgt
ODNhNDQzMTBhOTY0LzEvN18zb1AtWmp0Rnp5RVdTa3NsN1FIQjFZZGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC85N2UwNTctMGY2MC00YWFmLTlhNDgtODNhNDQzMTBhOTY0
LzEvakpiR2F2TXh5WVc0V2RRRHMybDB3R011SHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+lDMA0G
CSqGSIb3DQEBCwUAA4IBAQAMK4YxNus7oVA89N4+yYwMdqhrSz1znqKFbL/JyRYC
omjtquNbNit4uE9qEC+mhlhDF1osUI0WJhXwK/3kuq4guBQ2NUy7V/AvMOdEqcCt
OUKncLEV19nYnUNPxg/PYrLC75Y5r+iPBg2T/GGtzcur36oIEET1g7zNFhbShxjh
9V3FheFPFnhpPXYne/SyB9ZSiOpcxWDsOTkPq76Mi7x0IW5XRlQ9PO4kpSTI2uaF
WZg+vc69L3FcHk1PMviwsBObAtgeS5GS5UAU6o9mr6cAXyThieHdn+pgR2nUTTS6
KeL5rX+O0I1e+nvWSC/mehocWUQ9DBY2yhy5uXBQIOJq
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:07:45 2025 by rpki-client