Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/55ae2d-37a2-4f67-9516-9081545f5691/1/xt47wHkM35P6tMvJpmpsr99vda8.roa
File: xt47wHkM35P6tMvJpmpsr99vda8.roa (raw, json)
Hash identifier: 15WXc4Wcbd2cJFDZb+aW9fAQE6Ww2ST6pgXU2xtKE9k=
Subject key identifier: C6:DE:3B:C0:79:0C:DF:93:FA:B4:CB:C9:A6:6A:6C:AF:DF:6F:75:AF
Certificate issuer: /CN=e3ce069dfc5b608876d6424a32e783a98a92eff2
Certificate serial: 018CC94D97D8E19DD9F6BA162A914B8A28C5
Authority key identifier: E3:CE:06:9D:FC:5B:60:88:76:D6:42:4A:32:E7:83:A9:8A:92:EF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/484GnfxbYIh21kJKMueDqYqS7_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/55ae2d-37a2-4f67-9516-9081545f5691/1/xt47wHkM35P6tMvJpmpsr99vda8.roa
Signing time: Tue 02 Jan 2024 08:32:34 +0000
ROA not before: Tue 02 Jan 2024 08:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57130
IP address blocks: 91.230.241.0/24 maxlen: 24
194.9.22.0/24 maxlen: 24
194.9.23.0/24 maxlen: 24
91.230.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:97:d8:e1:9d:d9:f6:ba:16:2a:91:4b:8a:28:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3ce069dfc5b608876d6424a32e783a98a92eff2
Validity
Not Before: Jan 2 08:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6de3bc0790cdf93fab4cbc9a66a6cafdf6f75af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5c:ff:cf:af:20:a9:32:aa:4f:db:93:1a:09:
e0:1c:21:c0:7b:b7:e7:1c:1c:f1:89:6b:c5:2f:cc:
9f:c4:43:d4:8c:7a:7f:f9:87:be:94:53:f1:3b:53:
66:ce:12:22:d9:7b:54:e5:6d:29:d7:ad:96:2c:6f:
7d:7e:6e:08:3e:96:06:df:5d:28:60:c3:f5:5f:07:
05:c7:31:f4:6b:4c:65:dd:27:11:9e:aa:cf:9a:0e:
37:cd:c5:4a:94:c6:6c:08:da:bc:1d:0a:1e:7a:80:
e0:de:83:ba:62:8c:6f:65:d6:28:2c:a7:11:8e:f4:
82:c6:7d:4c:29:82:ad:1f:f3:60:56:a1:71:0e:a9:
52:30:3c:f3:bf:8d:8e:86:d1:c2:b2:e2:4c:46:74:
a5:11:e6:3c:cb:6e:1d:4a:8a:07:3f:14:dc:10:73:
58:55:83:6e:87:b6:f0:0c:7a:02:27:c8:27:25:24:
c7:fd:bc:53:df:65:c0:97:22:11:e7:59:e1:25:76:
8d:9b:4a:a7:30:59:ce:14:6f:f0:6b:24:80:ac:a3:
20:81:4f:22:b7:aa:98:7d:73:27:1f:65:4e:b5:6f:
cb:16:55:b9:db:a9:6f:05:84:32:ea:dc:07:95:37:
92:9e:e3:82:18:58:36:0e:e6:ff:64:97:ba:80:e8:
71:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DE:3B:C0:79:0C:DF:93:FA:B4:CB:C9:A6:6A:6C:AF:DF:6F:75:AF
X509v3 Authority Key Identifier:
keyid:E3:CE:06:9D:FC:5B:60:88:76:D6:42:4A:32:E7:83:A9:8A:92:EF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/484GnfxbYIh21kJKMueDqYqS7_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/55ae2d-37a2-4f67-9516-9081545f5691/1/xt47wHkM35P6tMvJpmpsr99vda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/55ae2d-37a2-4f67-9516-9081545f5691/1/484GnfxbYIh21kJKMueDqYqS7_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.240.0/23
194.9.22.0/23
Signature Algorithm: sha256WithRSAEncryption
19:c2:d7:1d:40:64:0e:f9:69:37:80:eb:c9:ad:ba:c7:36:e7:
64:d3:90:16:3d:2f:56:8b:93:02:4b:00:a4:32:6d:b6:39:73:
45:d3:57:7f:db:c6:ae:54:48:03:8a:d4:b5:61:97:41:d3:74:
65:30:54:ba:57:1d:45:a5:49:4b:44:3f:62:ca:5f:36:49:17:
03:1d:3c:8d:16:1d:ec:f8:af:39:28:b0:c7:9c:e7:c3:60:96:
08:6d:fd:69:80:9c:3c:40:86:00:ec:2d:6b:33:2e:35:92:96:
1e:00:40:14:a5:31:2e:ba:47:64:a7:33:61:d1:ea:fa:2d:15:
29:6d:b9:3a:6a:ca:31:f7:d5:ce:87:9a:67:1c:60:f0:94:e5:
3d:03:66:e5:d6:6b:e5:7b:92:59:c7:9a:65:42:9f:a5:d6:7b:
3a:a2:1f:c7:ee:77:bc:54:64:a9:3d:60:a5:45:1a:df:da:57:
95:b9:46:30:4a:46:b7:10:9c:5f:11:b4:e1:35:2d:c3:98:cc:
14:6d:7a:65:28:4d:02:0a:31:6e:c5:28:5d:11:f5:13:14:37:
2b:a1:24:85:25:79:c0:27:7f:be:03:b8:60:1d:2b:3b:1d:57:
64:98:48:05:82:57:ab:c3:57:de:02:dd:74:ea:3a:83:33:ef:
16:35:29:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTZfY4Z3Z9roWKpFLiijFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzY2UwNjlkZmM1YjYwODg3NmQ2NDI0YTMyZTc4M2E5OGE5
MmVmZjIwHhcNMjQwMTAyMDgzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRlM2JjMDc5MGNkZjkzZmFiNGNiYzlhNjZhNmNhZmRmNmY3NWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFz/z68gqTKqT9uTGgngHCHAe7fn
HBzxiWvFL8yfxEPUjHp/+Ye+lFPxO1NmzhIi2XtU5W0p162WLG99fm4IPpYG310o
YMP1XwcFxzH0a0xl3ScRnqrPmg43zcVKlMZsCNq8HQoeeoDg3oO6YoxvZdYoLKcR
jvSCxn1MKYKtH/NgVqFxDqlSMDzzv42OhtHCsuJMRnSlEeY8y24dSooHPxTcEHNY
VYNuh7bwDHoCJ8gnJSTH/bxT32XAlyIR51nhJXaNm0qnMFnOFG/waySArKMggU8i
t6qYfXMnH2VOtW/LFlW526lvBYQy6twHlTeSnuOCGFg2Dub/ZJe6gOhxMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMbeO8B5DN+T+rTLyaZqbK/fb3WvMB8GA1UdIwQY
MBaAFOPOBp38W2CIdtZCSjLng6mKku/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDg0R25meGJZSWgyMWtKS011ZURxWXFTN19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81NWFlMmQtMzdhMi00ZjY3LTk1MTYt
OTA4MTU0NWY1NjkxLzEveHQ0N3dIa00zNVA2dE12SnBtcHNyOTl2ZGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81NWFlMmQtMzdhMi00ZjY3LTk1MTYtOTA4MTU0NWY1Njkx
LzEvNDg0R25meGJZSWgyMWtKS011ZURxWXFTN19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+bwAwQB
wgkWMA0GCSqGSIb3DQEBCwUAA4IBAQAZwtcdQGQO+Wk3gOvJrbrHNudk05AWPS9W
i5MCSwCkMm22OXNF01d/28auVEgDitS1YZdB03RlMFS6Vx1FpUlLRD9iyl82SRcD
HTyNFh3s+K85KLDHnOfDYJYIbf1pgJw8QIYA7C1rMy41kpYeAEAUpTEuukdkpzNh
0er6LRUpbbk6asox99XOh5pnHGDwlOU9A2bl1mvle5JZx5plQp+l1ns6oh/H7ne8
VGSpPWClRRrf2leVuUYwSka3EJxfEbThNS3DmMwUbXplKE0CCjFuxShdEfUTFDcr
oSSFJXnAJ3++A7hgHSs7HVdkmEgFglerw1feAt106jqDM+8WNSl9
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:56 2025 by rpki-client