Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/IRiHWAFqS66xVUWPDeubVHTaDfE.roa
File: IRiHWAFqS66xVUWPDeubVHTaDfE.roa (raw, json)
Hash identifier: 6r+roefxNX7QQVmOqtWgBDBNXEH+wXTP3+D0iwRIIlI=
Subject key identifier: 21:18:87:58:01:6A:4B:AE:B1:55:45:8F:0D:EB:9B:54:74:DA:0D:F1
Certificate issuer: /CN=f95d39e5b6890a46c8ce5c9037e6d26365e857bc
Certificate serial: 018CC2DB3490885D1D5D5DFFE9185AF55641
Authority key identifier: F9:5D:39:E5:B6:89:0A:46:C8:CE:5C:90:37:E6:D2:63:65:E8:57:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-V055baJCkbIzlyQN-bSY2XoV7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/IRiHWAFqS66xVUWPDeubVHTaDfE.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213027
IP address blocks: 91.203.106.0/24 maxlen: 24
2001:678:f70::/48 maxlen: 48
2001:678:f74::/48 maxlen: 48
2a11:a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:34:90:88:5d:1d:5d:5d:ff:e9:18:5a:f5:56:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f95d39e5b6890a46c8ce5c9037e6d26365e857bc
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21188758016a4baeb155458f0deb9b5474da0df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:44:74:7a:45:0e:ce:2a:32:f9:c5:ba:22:4e:
f9:c9:cb:23:20:d2:21:10:c3:08:90:c7:97:12:7d:
16:a6:86:0f:00:79:88:22:dc:b1:b4:79:69:ee:cf:
8f:3c:6e:55:cb:b1:c5:3f:4c:25:6c:d0:bf:23:71:
60:99:b3:08:8c:e2:48:fa:0d:08:c5:89:8c:71:3e:
fb:84:ec:74:67:4e:46:6c:be:27:51:96:fa:f5:bf:
eb:3e:ea:d1:8c:e8:04:72:b3:29:d8:35:a6:71:b6:
7e:2b:80:3a:dc:80:a4:46:d5:5b:15:ab:11:56:76:
7c:2f:9c:71:72:43:13:10:4d:8e:84:ad:42:1a:df:
81:35:56:4f:b6:4e:d7:db:e6:35:b6:7a:73:77:44:
60:f9:17:e5:ae:16:ba:b4:a7:e8:34:cb:41:06:b6:
95:d5:b1:7a:fa:3d:60:48:af:66:79:0d:65:63:da:
96:97:f4:8b:15:f7:6d:f1:c8:4b:d0:6a:b0:06:e8:
ce:f5:49:6c:82:e4:5b:a7:7d:b1:7a:fa:df:33:b2:
16:35:44:bd:56:28:0f:0b:1a:fd:2b:34:d9:95:88:
8e:5a:77:f3:39:ee:65:ea:74:6a:df:3d:7a:df:1b:
9a:ec:d8:cf:3c:be:f1:54:08:bc:07:09:21:08:58:
7b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:18:87:58:01:6A:4B:AE:B1:55:45:8F:0D:EB:9B:54:74:DA:0D:F1
X509v3 Authority Key Identifier:
keyid:F9:5D:39:E5:B6:89:0A:46:C8:CE:5C:90:37:E6:D2:63:65:E8:57:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-V055baJCkbIzlyQN-bSY2XoV7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/IRiHWAFqS66xVUWPDeubVHTaDfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c3206a-9c16-4527-8b89-6e8dcbaeaf7f/1/1-V055baJCkbIzlyQN-bSY2XoV7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.106.0/24
IPv6:
2001:678:f70::/48
2001:678:f74::/48
2a11:a00::/29
Signature Algorithm: sha256WithRSAEncryption
87:a2:a4:57:4b:c7:24:43:71:17:fa:83:9e:96:3f:1c:ed:87:
9c:f9:3b:99:b4:3f:69:34:54:db:1b:7d:bc:19:c5:b9:b7:0f:
64:c9:b2:42:ed:9e:a8:6a:8d:e6:b4:c5:63:58:d3:85:49:25:
35:59:33:c5:32:3d:dc:34:dc:ee:14:41:6d:90:fd:ca:8d:e7:
a6:f2:2d:e1:d8:f5:7d:b9:39:11:21:c0:73:a8:76:f3:93:9c:
19:4f:c5:d5:46:f8:d7:85:8f:82:bb:b9:e6:67:dd:0d:d8:12:
7f:6c:67:e2:00:aa:41:16:78:9d:b1:18:db:62:78:e6:35:4e:
8f:e9:5d:61:7c:c6:16:ac:a4:16:09:4e:b6:cb:ed:1d:bc:f4:
b5:60:63:5c:9d:d3:6a:62:fd:12:d2:bb:d2:bb:dc:9b:fa:70:
d4:28:8d:5a:f7:89:e4:57:bb:a4:4b:bc:cc:2f:6f:46:19:f0:
56:62:88:fe:53:c1:44:c7:8d:90:82:3a:23:8f:cf:00:29:1d:
0d:85:5f:2d:07:74:f7:64:c5:0a:83:3d:0a:a5:94:cc:c3:e0:
6b:f7:24:98:1f:d5:24:5e:23:b6:2b:46:df:3e:db:37:1f:e4:
95:d3:97:ab:a3:d0:14:76:b3:9f:00:bf:bd:5a:84:1e:37:7f:
d6:58:13:b6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzC2zSQiF0dXV3/6Rha9VZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NWQzOWU1YjY4OTBhNDZjOGNlNWM5MDM3ZTZkMjYzNjVl
ODU3YmMwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTE4ODc1ODAxNmE0YmFlYjE1NTQ1OGYwZGViOWI1NDc0ZGEwZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUR0ekUOzioy+cW6Ik75ycsjINIh
EMMIkMeXEn0WpoYPAHmIItyxtHlp7s+PPG5Vy7HFP0wlbNC/I3FgmbMIjOJI+g0I
xYmMcT77hOx0Z05GbL4nUZb69b/rPurRjOgEcrMp2DWmcbZ+K4A63ICkRtVbFasR
VnZ8L5xxckMTEE2OhK1CGt+BNVZPtk7X2+Y1tnpzd0Rg+Rflrha6tKfoNMtBBraV
1bF6+j1gSK9meQ1lY9qWl/SLFfdt8chL0GqwBujO9UlsguRbp32xevrfM7IWNUS9
VigPCxr9KzTZlYiOWnfzOe5l6nRq3z163xua7NjPPL7xVAi8BwkhCFh7VwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCEYh1gBakuusVVFjw3rm1R02g3xMB8GA1UdIwQY
MBaAFPldOeW2iQpGyM5ckDfm0mNl6Fe8MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WMDU1YmFKQ2tiSXpseVFOLWJTWTJYb1Y3dy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcvYzMyMDZhLTljMTYtNDUyNy04Yjg5
LTZlOGRjYmFlYWY3Zi8xL0lSaUhXQUZxUzY2eFZVV1BEZXViVkhUYURmRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvYzMyMDZhLTljMTYtNDUyNy04Yjg5LTZlOGRjYmFlYWY3
Zi8xLzEtVjA1NWJhSkNrYkl6bHlRTi1iU1kyWG9WN3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMAwEAgABMAYDBABby2ow
HwQCAAIwGQMHACABBngPcAMHACABBngPdAMFAyoRCgAwDQYJKoZIhvcNAQELBQAD
ggEBAIeipFdLxyRDcRf6g56WPxzth5z5O5m0P2k0VNsbfbwZxbm3D2TJskLtnqhq
jea0xWNY04VJJTVZM8UyPdw03O4UQW2Q/cqN56byLeHY9X25OREhwHOodvOTnBlP
xdVG+NeFj4K7ueZn3Q3YEn9sZ+IAqkEWeJ2xGNtieOY1To/pXWF8xhaspBYJTrbL
7R289LVgY1yd02pi/RLSu9K73Jv6cNQojVr3ieRXu6RLvMwvb0YZ8FZiiP5TwUTH
jZCCOiOPzwApHQ2FXy0HdPdkxQqDPQqllMzD4Gv3JJgf1SReI7YrRt8+2zcf5JXT
l6uj0BR2s58Av71ahB43f9ZYE7Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:05 2025 by rpki-client