Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4641f6-87c0-4d17-a58a-6163564d9704/1/CiwdFv8xg9k1yxGNW47TunwPBWg.roa
File: CiwdFv8xg9k1yxGNW47TunwPBWg.roa (raw, json)
Hash identifier: 5Htn2CyZ0d0i/r5+jgBEsvY5P+8qztMIPtF6+/CmtHg=
Subject key identifier: 0A:2C:1D:16:FF:31:83:D9:35:CB:11:8D:5B:8E:D3:BA:7C:0F:05:68
Certificate issuer: /CN=0e51516767d9a8508c6e14d58deeffbfab8080dd
Certificate serial: 01942369C91B02C68ADC4A9076249AE9EDBA
Authority key identifier: 0E:51:51:67:67:D9:A8:50:8C:6E:14:D5:8D:EE:FF:BF:AB:80:80:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DlFRZ2fZqFCMbhTVje7_v6uAgN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/4641f6-87c0-4d17-a58a-6163564d9704/1/CiwdFv8xg9k1yxGNW47TunwPBWg.roa
Signing time: Wed 01 Jan 2025 19:48:42 +0000
ROA not before: Wed 01 Jan 2025 19:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61999
IP address blocks: 91.224.122.0/23 maxlen: 23
91.224.122.0/24 maxlen: 24
91.224.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 10:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c9:1b:02:c6:8a:dc:4a:90:76:24:9a:e9:ed:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e51516767d9a8508c6e14d58deeffbfab8080dd
Validity
Not Before: Jan 1 19:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a2c1d16ff3183d935cb118d5b8ed3ba7c0f0568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:01:01:50:ec:10:14:88:0b:ee:dd:cf:61:66:
46:20:c6:5f:45:de:e8:19:ab:22:c4:25:a7:3c:7c:
fb:09:5a:a2:b5:10:51:dc:d9:cf:1f:a3:ae:8c:f1:
65:dd:83:10:fb:52:9a:89:8a:6f:06:ee:d7:0a:e5:
86:a2:1e:39:b1:5e:8f:35:55:e4:f2:aa:b5:b3:c4:
70:b4:65:af:46:2c:84:36:f1:1b:d1:a6:6d:42:0f:
c9:43:ed:a9:fe:1b:a9:74:7c:22:66:40:56:3b:46:
da:ca:3e:58:45:56:1d:17:13:3f:dd:da:4e:80:20:
73:e5:93:9d:7d:f0:17:13:13:5c:04:18:52:8d:2a:
fa:11:89:de:f0:42:c0:0c:4c:0d:c0:e1:29:88:e7:
ca:c8:fc:0c:df:35:8a:93:ca:01:db:24:84:97:ba:
65:b5:f7:df:93:3c:94:6f:bd:54:e1:76:98:66:5f:
11:fa:b1:07:d6:06:2a:62:dd:02:47:cc:13:1f:fb:
bc:9c:d4:bd:a1:f8:6a:c6:f0:1b:24:ca:2d:83:e9:
80:4c:a7:a8:59:d7:c5:87:e6:3a:0e:e1:f2:42:d3:
fe:90:74:b3:e4:c2:d8:77:bc:92:00:0e:d8:ac:a5:
ee:a7:d2:0d:8a:7b:15:86:f9:aa:27:bf:09:9d:aa:
9a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2C:1D:16:FF:31:83:D9:35:CB:11:8D:5B:8E:D3:BA:7C:0F:05:68
X509v3 Authority Key Identifier:
keyid:0E:51:51:67:67:D9:A8:50:8C:6E:14:D5:8D:EE:FF:BF:AB:80:80:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DlFRZ2fZqFCMbhTVje7_v6uAgN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4641f6-87c0-4d17-a58a-6163564d9704/1/CiwdFv8xg9k1yxGNW47TunwPBWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4641f6-87c0-4d17-a58a-6163564d9704/1/DlFRZ2fZqFCMbhTVje7_v6uAgN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.122.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:a8:52:49:bc:2d:e6:cf:bf:6f:80:ee:a1:13:df:a7:c5:d5:
77:df:cb:5e:c5:a5:d6:ae:10:f6:b4:80:5d:43:39:c4:4b:f3:
c6:31:04:b9:b6:3c:2a:87:5b:1c:6a:9e:37:56:bb:15:7d:01:
23:36:c9:ff:91:34:19:a3:58:01:73:38:e0:60:bf:21:fb:d0:
61:71:3b:85:88:58:54:a4:97:03:43:d9:a7:ed:94:95:53:41:
35:96:f3:41:e8:05:bc:c4:21:d3:53:f0:b4:c2:3f:cb:50:86:
8a:37:07:2b:bb:a2:4a:bb:74:16:29:91:65:2f:1c:1a:33:e8:
06:e1:04:eb:f0:0b:05:40:a5:88:ee:0d:1f:59:1b:0a:58:7c:
cd:a4:14:57:52:40:3f:28:42:97:4c:9f:80:c8:05:a2:73:51:
65:88:c2:7c:92:df:9f:18:46:32:3c:0e:ab:90:91:6a:02:ea:
d3:16:95:4a:a7:78:d0:84:79:88:70:36:23:d5:e9:e7:f6:1d:
37:6c:55:d4:8b:13:16:1a:10:70:fb:7f:4f:47:d8:d3:31:49:
d2:ab:e1:fd:de:41:1b:45:74:d4:5a:0d:d9:09:73:f7:b3:f0:
94:b1:27:bb:6c:80:af:95:27:1f:57:f4:13:1a:fb:40:61:e4:
e0:79:72:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjackbAsaK3EqQdiSa6e26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNTE1MTY3NjdkOWE4NTA4YzZlMTRkNThkZWVmZmJmYWI4
MDgwZGQwHhcNMjUwMTAxMTk0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTJjMWQxNmZmMzE4M2Q5MzVjYjExOGQ1YjhlZDNiYTdjMGYwNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQEBUOwQFIgL7t3PYWZGIMZfRd7o
GasixCWnPHz7CVqitRBR3NnPH6OujPFl3YMQ+1KaiYpvBu7XCuWGoh45sV6PNVXk
8qq1s8RwtGWvRiyENvEb0aZtQg/JQ+2p/hupdHwiZkBWO0bayj5YRVYdFxM/3dpO
gCBz5ZOdffAXExNcBBhSjSr6EYne8ELADEwNwOEpiOfKyPwM3zWKk8oB2ySEl7pl
tfffkzyUb71U4XaYZl8R+rEH1gYqYt0CR8wTH/u8nNS9ofhqxvAbJMotg+mATKeo
WdfFh+Y6DuHyQtP+kHSz5MLYd7ySAA7YrKXup9INinsVhvmqJ78JnaqapQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAosHRb/MYPZNcsRjVuO07p8DwVoMB8GA1UdIwQY
MBaAFA5RUWdn2ahQjG4U1Y3u/7+rgIDdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGxGUloyZlpxRkNNYmhUVmplN192NnVBZ04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80NjQxZjYtODdjMC00ZDE3LWE1OGEt
NjE2MzU2NGQ5NzA0LzEvQ2l3ZEZ2OHhnOWsxeXhHTlc0N1R1bndQQldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80NjQxZjYtODdjMC00ZDE3LWE1OGEtNjE2MzU2NGQ5NzA0
LzEvRGxGUloyZlpxRkNNYmhUVmplN192NnVBZ04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+B6MA0G
CSqGSIb3DQEBCwUAA4IBAQBaqFJJvC3mz79vgO6hE9+nxdV338texaXWrhD2tIBd
QznES/PGMQS5tjwqh1scap43VrsVfQEjNsn/kTQZo1gBczjgYL8h+9BhcTuFiFhU
pJcDQ9mn7ZSVU0E1lvNB6AW8xCHTU/C0wj/LUIaKNwcru6JKu3QWKZFlLxwaM+gG
4QTr8AsFQKWI7g0fWRsKWHzNpBRXUkA/KEKXTJ+AyAWic1FliMJ8kt+fGEYyPA6r
kJFqAurTFpVKp3jQhHmIcDYj1enn9h03bFXUixMWGhBw+39PR9jTMUnSq+H93kEb
RXTUWg3ZCXP3s/CUsSe7bICvlScfV/QTGvtAYeTgeXL6
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:35 2025 by rpki-client