Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/f1CTiEGWI6-NFN7K-AINHrKfv5E.roa
File: f1CTiEGWI6-NFN7K-AINHrKfv5E.roa (raw, json)
Hash identifier: LFzZCTEhdTcgTprZ61DebQ4fzkLVNpolmmJ+u777HOU=
Subject key identifier: 7F:50:93:88:41:96:23:AF:8D:14:DE:CA:F8:02:0D:1E:B2:9F:BF:91
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FC0407B2051B203079C1DDA4EA6CC
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/f1CTiEGWI6-NFN7K-AINHrKfv5E.roa
Signing time: Thu 02 Jan 2025 05:49:25 +0000
ROA not before: Thu 02 Jan 2025 05:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56428
IP address blocks: 93.171.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 10:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c0:40:7b:20:51:b2:03:07:9c:1d:da:4e:a6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f509388419623af8d14decaf8020d1eb29fbf91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3c:17:cc:61:84:60:ed:1a:de:ec:64:48:96:
cf:c3:ec:4a:30:43:8a:95:f9:3b:d6:a1:d0:f3:6b:
70:b4:71:ec:3a:ae:9a:b2:8f:e0:fa:af:78:79:aa:
c5:e9:52:0f:a1:7e:ba:06:80:20:f8:90:93:57:ae:
3c:0e:bf:e3:2f:44:55:eb:e0:f2:a7:0e:ef:e6:47:
db:c4:da:a7:20:78:1c:a1:9d:66:da:fb:39:69:29:
81:c7:34:ff:2b:05:f7:5e:e3:4b:b0:58:cd:fe:15:
4e:b4:f1:6d:94:bd:58:44:43:e9:50:1e:7e:d1:3e:
22:ca:09:1c:01:bf:bb:47:4f:43:95:48:94:b8:db:
1b:ac:c8:bc:5e:2a:c3:fe:9e:6c:02:a7:c8:40:6d:
15:bd:de:6d:53:b8:2a:fc:2a:00:d5:b1:0b:6f:46:
76:8a:54:e4:12:8b:5b:95:97:0a:ad:52:c7:1d:46:
ec:9c:8f:e3:60:c2:11:8e:67:61:1a:13:2f:43:14:
59:a1:56:eb:1e:2d:78:ba:b4:55:97:d2:3a:16:5b:
28:5f:ae:03:f7:04:7a:ea:24:40:54:b1:0f:06:b2:
55:5c:1a:35:85:72:69:9c:ae:88:5c:61:d0:3c:31:
4b:86:63:a8:1b:0f:ef:b7:c0:b6:07:f0:af:7f:82:
51:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:50:93:88:41:96:23:AF:8D:14:DE:CA:F8:02:0D:1E:B2:9F:BF:91
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/f1CTiEGWI6-NFN7K-AINHrKfv5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.137.0/24
Signature Algorithm: sha256WithRSAEncryption
13:7a:ca:95:1c:e6:79:5d:21:93:f8:c1:c8:06:45:b3:b9:be:
c6:13:91:01:0f:cb:fd:46:de:fc:a5:5e:36:e8:7b:5e:b1:d7:
fd:be:c1:38:e4:54:51:4a:85:25:c9:45:17:2c:64:e2:86:7d:
a8:97:c1:9a:a0:65:12:ec:c4:7a:dd:df:fd:f9:2e:6a:f1:b2:
bb:30:68:62:99:17:cd:c9:79:7d:05:2a:63:7b:4f:5a:32:0f:
84:cd:b6:76:5d:d0:46:7b:22:bb:28:e7:41:be:63:b8:08:c6:
c6:89:ff:28:0e:cd:7e:d3:5e:cf:2a:80:b9:f4:fa:6c:4b:8a:
47:64:40:be:ad:17:60:7f:12:68:ce:0b:9b:6c:b2:4c:6e:4f:
70:5a:d9:af:26:bf:c3:08:74:87:17:76:40:95:9c:c9:09:b5:
ec:2b:01:60:fc:ab:fd:fc:99:e6:b0:e5:c4:1c:bd:46:35:e9:
e4:86:53:eb:7f:2e:ef:03:26:8c:1c:a4:10:25:f6:20:3e:82:
7c:ac:d8:0c:44:89:1f:52:9f:02:3e:80:5d:6d:6e:1c:2a:a4:
2a:88:97:52:77:a9:60:7c:83:6e:92:bb:e9:71:9d:46:69:9b:
bf:33:b8:09:b0:8b:de:d1:14:f2:27:d7:48:04:58:f3:ef:13:
cf:54:de:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj8BAeyBRsgMHnB3aTqbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjUwOTM4ODQxOTYyM2FmOGQxNGRlY2FmODAyMGQxZWIyOWZiZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjwXzGGEYO0a3uxkSJbPw+xKMEOK
lfk71qHQ82twtHHsOq6aso/g+q94earF6VIPoX66BoAg+JCTV648Dr/jL0RV6+Dy
pw7v5kfbxNqnIHgcoZ1m2vs5aSmBxzT/KwX3XuNLsFjN/hVOtPFtlL1YREPpUB5+
0T4iygkcAb+7R09DlUiUuNsbrMi8XirD/p5sAqfIQG0Vvd5tU7gq/CoA1bELb0Z2
ilTkEotblZcKrVLHHUbsnI/jYMIRjmdhGhMvQxRZoVbrHi14urRVl9I6FlsoX64D
9wR66iRAVLEPBrJVXBo1hXJpnK6IXGHQPDFLhmOoGw/vt8C2B/Cvf4JRQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH9Qk4hBliOvjRTeyvgCDR6yn7+RMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZjFDVGlFR1dJNi1ORk43Sy1BSU5IcktmdjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXauJMA0G
CSqGSIb3DQEBCwUAA4IBAQATesqVHOZ5XSGT+MHIBkWzub7GE5EBD8v9Rt78pV42
6Htesdf9vsE45FRRSoUlyUUXLGTihn2ol8GaoGUS7MR63d/9+S5q8bK7MGhimRfN
yXl9BSpje09aMg+EzbZ2XdBGeyK7KOdBvmO4CMbGif8oDs1+017PKoC59PpsS4pH
ZEC+rRdgfxJozgubbLJMbk9wWtmvJr/DCHSHF3ZAlZzJCbXsKwFg/Kv9/JnmsOXE
HL1GNenkhlPrfy7vAyaMHKQQJfYgPoJ8rNgMRIkfUp8CPoBdbW4cKqQqiJdSd6lg
fINukrvpcZ1GaZu/M7gJsIve0RTyJ9dIBFjz7xPPVN76
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:47 2025 by rpki-client