Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/74bf41-d6a7-4fb5-801c-33cc3adb1e78/1/9XOHJGI3enY-p3TF5oNvvkcVd8Q.roa
File: 9XOHJGI3enY-p3TF5oNvvkcVd8Q.roa (raw, json)
Hash identifier: VjcC/FKglYkaDFgOPFFLOfcIlgRxt5igH+VBHQSTPhM=
Subject key identifier: F5:73:87:24:62:37:7A:76:3E:A7:74:C5:E6:83:6F:BE:47:15:77:C4
Certificate issuer: /CN=61e6ea83926bc478c785471d805a5c1210a8c993
Certificate serial: 018CC3B71F24A452B65F477F8F37025FE10E
Authority key identifier: 61:E6:EA:83:92:6B:C4:78:C7:85:47:1D:80:5A:5C:12:10:A8:C9:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yebqg5JrxHjHhUcdgFpcEhCoyZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/74bf41-d6a7-4fb5-801c-33cc3adb1e78/1/9XOHJGI3enY-p3TF5oNvvkcVd8Q.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50204
IP address blocks: 91.196.60.0/22 maxlen: 22
195.69.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1f:24:a4:52:b6:5f:47:7f:8f:37:02:5f:e1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61e6ea83926bc478c785471d805a5c1210a8c993
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f573872462377a763ea774c5e6836fbe471577c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6d:4f:65:6b:a0:9b:18:dc:79:58:7d:c3:0b:
82:70:4f:89:be:25:26:5f:86:b2:97:3b:a8:2d:ea:
c5:69:77:29:63:17:67:d5:54:12:1e:ce:61:bf:af:
4e:ff:df:91:ab:69:ba:39:31:b9:19:54:da:6f:f4:
19:33:c0:53:9f:e4:07:35:43:76:4e:e5:55:dd:42:
cf:fe:87:39:24:d6:91:8b:ee:06:82:e2:c1:35:2b:
f0:e9:12:fd:cf:65:52:2c:b6:bd:09:73:34:09:c9:
ce:f0:ac:aa:d1:0f:00:da:2b:59:fe:49:79:79:b9:
d1:c4:8b:d1:38:87:61:c9:b7:1b:3b:bb:1a:be:4e:
85:d5:3c:86:96:cd:69:89:da:a7:1c:a4:0c:c1:31:
7c:e2:b1:e6:15:44:9e:60:2e:42:68:84:0c:c0:12:
fa:9b:f2:a4:db:69:17:7a:df:5f:98:4f:22:5d:de:
04:aa:8f:0a:17:9c:c9:40:95:20:17:3b:ff:1f:19:
47:fb:7b:aa:09:0f:72:90:5e:c3:12:72:78:5d:dc:
aa:e4:77:b0:55:f6:08:c1:2a:a8:4e:2e:87:5d:8d:
14:a7:c9:68:e2:9e:60:66:5d:07:f8:99:81:f9:89:
88:be:48:df:c3:de:1b:ec:8b:22:51:a8:9f:ac:7e:
30:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:73:87:24:62:37:7A:76:3E:A7:74:C5:E6:83:6F:BE:47:15:77:C4
X509v3 Authority Key Identifier:
keyid:61:E6:EA:83:92:6B:C4:78:C7:85:47:1D:80:5A:5C:12:10:A8:C9:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yebqg5JrxHjHhUcdgFpcEhCoyZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/74bf41-d6a7-4fb5-801c-33cc3adb1e78/1/9XOHJGI3enY-p3TF5oNvvkcVd8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/74bf41-d6a7-4fb5-801c-33cc3adb1e78/1/Yebqg5JrxHjHhUcdgFpcEhCoyZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.60.0/22
195.69.248.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:43:ef:33:c3:b5:f6:d5:39:3f:3e:75:d0:f3:3b:39:0c:f7:
fa:2f:3a:98:a9:49:23:91:2a:49:78:7e:e6:4f:66:05:1e:b4:
b7:1b:72:20:75:64:ac:33:94:42:2a:b9:84:3a:27:3f:8a:14:
28:05:5a:db:c3:aa:63:c5:e7:8a:24:0f:90:ce:5f:6c:e2:94:
51:f7:37:73:8d:b5:68:00:b7:48:1a:ff:a7:62:e1:75:61:53:
13:bf:82:ca:60:7f:94:f1:27:b3:61:83:2e:61:e6:35:c4:dc:
63:45:71:ef:5a:bb:b8:2b:00:0c:74:7a:4d:c3:2c:df:c6:3a:
8e:01:80:66:c5:e3:58:14:39:6a:2e:5e:4b:4b:8e:06:83:72:
f7:9d:7f:c9:e5:37:1f:76:e0:eb:68:0e:70:a9:6e:af:61:26:
78:26:48:c6:9d:de:be:c6:1c:89:43:40:c5:d0:2c:4c:25:11:
86:ff:92:51:4c:aa:92:8a:e7:b6:52:11:e0:3f:3e:27:83:89:
f4:60:8a:ba:42:35:20:76:c8:c4:65:65:f6:54:91:1c:fe:a5:
cc:23:d9:5e:80:1a:2d:bf:1e:d3:d0:31:7a:06:77:90:5b:09:
1d:e2:ef:e2:50:4e:e2:08:aa:ce:7c:dd:de:5a:5a:b6:a1:41:
60:95:2b:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtx8kpFK2X0d/jzcCX+EOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTZlYTgzOTI2YmM0NzhjNzg1NDcxZDgwNWE1YzEyMTBh
OGM5OTMwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTczODcyNDYyMzc3YTc2M2VhNzc0YzVlNjgzNmZiZTQ3MTU3N2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm1PZWugmxjceVh9wwuCcE+JviUm
X4aylzuoLerFaXcpYxdn1VQSHs5hv69O/9+Rq2m6OTG5GVTab/QZM8BTn+QHNUN2
TuVV3ULP/oc5JNaRi+4GguLBNSvw6RL9z2VSLLa9CXM0CcnO8Kyq0Q8A2itZ/kl5
ebnRxIvROIdhybcbO7savk6F1TyGls1pidqnHKQMwTF84rHmFUSeYC5CaIQMwBL6
m/Kk22kXet9fmE8iXd4Eqo8KF5zJQJUgFzv/HxlH+3uqCQ9ykF7DEnJ4Xdyq5Hew
VfYIwSqoTi6HXY0Up8lo4p5gZl0H+JmB+YmIvkjfw94b7IsiUaifrH4wJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPVzhyRiN3p2Pqd0xeaDb75HFXfEMB8GA1UdIwQY
MBaAFGHm6oOSa8R4x4VHHYBaXBIQqMmTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVicWc1SnJ4SGpIaFVjZGdGcGNFaENveVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83NGJmNDEtZDZhNy00ZmI1LTgwMWMt
MzNjYzNhZGIxZTc4LzEvOVhPSEpHSTNlblktcDNURjVvTnZ2a2NWZDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83NGJmNDEtZDZhNy00ZmI1LTgwMWMtMzNjYzNhZGIxZTc4
LzEvWWVicWc1SnJ4SGpIaFVjZGdGcGNFaENveVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8Q8AwQC
w0X4MA0GCSqGSIb3DQEBCwUAA4IBAQAdQ+8zw7X21Tk/PnXQ8zs5DPf6LzqYqUkj
kSpJeH7mT2YFHrS3G3IgdWSsM5RCKrmEOic/ihQoBVrbw6pjxeeKJA+Qzl9s4pRR
9zdzjbVoALdIGv+nYuF1YVMTv4LKYH+U8SezYYMuYeY1xNxjRXHvWru4KwAMdHpN
wyzfxjqOAYBmxeNYFDlqLl5LS44Gg3L3nX/J5TcfduDraA5wqW6vYSZ4JkjGnd6+
xhyJQ0DF0CxMJRGG/5JRTKqSiue2UhHgPz4ng4n0YIq6QjUgdsjEZWX2VJEc/qXM
I9legBotvx7T0DF6BneQWwkd4u/iUE7iCKrOfN3eWlq2oUFglSvg
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:19:07 2025 by rpki-client