Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/XlkfchODh7njLLdpOqwc0UspWFo.roa
File: XlkfchODh7njLLdpOqwc0UspWFo.roa (raw, json)
Hash identifier: UFtKf1mtw0u0/3JnXOK2pP6VBQh9rjw5zHQYfmNZTPo=
Subject key identifier: 5E:59:1F:72:13:83:87:B9:E3:2C:B7:69:3A:AC:1C:D1:4B:29:58:5A
Certificate issuer: /CN=6951d4551d26a51c0f92b77c2d378fb34758b877
Certificate serial: 0191C7771112AC4681B04F05CD32633DD06E
Authority key identifier: 69:51:D4:55:1D:26:A5:1C:0F:92:B7:7C:2D:37:8F:B3:47:58:B8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVHUVR0mpRwPkrd8LTePs0dYuHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/XlkfchODh7njLLdpOqwc0UspWFo.roa
Signing time: Fri 06 Sep 2024 13:12:34 +0000
ROA not before: Fri 06 Sep 2024 13:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196658
IP address blocks: 91.213.102.0/24 maxlen: 24
146.0.88.0/21 maxlen: 21
185.195.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:77:11:12:ac:46:81:b0:4f:05:cd:32:63:3d:d0:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6951d4551d26a51c0f92b77c2d378fb34758b877
Validity
Not Before: Sep 6 13:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e591f72138387b9e32cb7693aac1cd14b29585a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:13:e9:aa:90:43:d0:b5:d6:a4:4e:f9:2f:f9:
a8:de:b6:dd:68:bc:9d:6f:47:71:31:5e:82:5f:d1:
bf:67:90:12:c1:41:33:20:ce:b3:3d:91:19:a9:b6:
05:52:c5:9d:bd:07:5d:2a:0b:44:a1:4d:fd:28:44:
9c:64:72:c9:08:73:99:54:b0:40:1f:b5:95:16:18:
29:32:2f:13:86:b9:1a:7f:83:52:b9:d1:46:8e:67:
de:73:d5:55:f1:17:ab:dc:b7:38:d9:1a:52:3c:fe:
bf:34:d9:94:bb:0b:7b:57:d8:a9:b0:f6:29:81:37:
5c:f3:86:b5:f1:59:9b:a8:46:37:bd:1f:90:e4:cb:
47:95:0c:57:81:99:93:4b:f8:bd:5e:f9:00:a0:16:
94:3a:31:d8:d2:47:c5:6e:85:33:62:0c:0b:9f:eb:
19:0e:db:d5:20:dd:bb:84:02:27:73:b9:66:97:b5:
66:d6:3c:3e:b3:7a:cd:e1:15:01:de:b0:d8:51:c4:
d4:e5:35:91:93:c8:44:59:a4:98:e8:b1:4e:b6:ec:
12:52:03:4e:26:c9:b6:fb:aa:c0:5f:e0:f2:7c:c8:
bb:df:8a:e9:40:19:de:92:94:84:c5:b9:79:c4:0c:
71:b4:0e:ce:32:7f:1c:8d:2c:1a:bc:09:d1:03:34:
70:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:59:1F:72:13:83:87:B9:E3:2C:B7:69:3A:AC:1C:D1:4B:29:58:5A
X509v3 Authority Key Identifier:
keyid:69:51:D4:55:1D:26:A5:1C:0F:92:B7:7C:2D:37:8F:B3:47:58:B8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVHUVR0mpRwPkrd8LTePs0dYuHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/XlkfchODh7njLLdpOqwc0UspWFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/aVHUVR0mpRwPkrd8LTePs0dYuHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.102.0/24
146.0.88.0/21
185.195.88.0/22
Signature Algorithm: sha256WithRSAEncryption
13:47:5e:0d:66:3a:30:c1:4f:15:08:ca:43:8d:c8:cd:c2:83:
b5:3b:35:c4:3b:b4:7c:1d:05:10:10:7d:b3:98:a5:45:2f:26:
18:a5:33:a4:b7:f0:21:93:6b:17:ad:6f:8c:67:e4:d9:16:25:
11:34:5c:b4:8a:c8:9c:70:f5:e2:0b:fa:f7:0d:40:8d:ec:31:
5e:11:40:21:0c:b2:f7:28:6f:2a:b3:f4:0d:d9:9e:6a:e2:0a:
49:c9:75:b2:c0:97:f3:b3:e7:34:c5:32:43:e9:62:99:cc:50:
82:ee:35:b3:09:5a:dd:3e:03:3c:2b:cf:86:c1:da:4d:30:3a:
3f:b3:f0:00:fa:85:62:87:03:95:1b:24:38:95:bb:02:a5:7b:
a5:11:2c:c7:d8:3c:5f:0e:d7:05:7b:a4:67:c0:78:73:4a:8e:
eb:9c:98:2a:ad:eb:cc:50:e5:0e:60:c6:39:dc:9a:2f:84:7f:
93:4a:1b:1e:7e:d1:be:e3:1a:4c:df:c3:75:52:26:a1:a3:11:
c9:4e:d2:27:5b:9a:2f:40:bc:e3:d0:83:41:59:a5:74:1f:50:
f7:f5:79:f9:97:c2:6b:c1:5b:83:c4:5c:88:8e:5c:97:69:30:
dc:af:af:aa:60:1d:ab:f3:08:61:ac:79:c7:ab:52:4e:5f:1c:
0a:96:31:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHHdxESrEaBsE8FzTJjPdBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTFkNDU1MWQyNmE1MWMwZjkyYjc3YzJkMzc4ZmIzNDc1
OGI4NzcwHhcNMjQwOTA2MTMxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTU5MWY3MjEzODM4N2I5ZTMyY2I3NjkzYWFjMWNkMTRiMjk1ODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxPpqpBD0LXWpE75L/mo3rbdaLyd
b0dxMV6CX9G/Z5ASwUEzIM6zPZEZqbYFUsWdvQddKgtEoU39KEScZHLJCHOZVLBA
H7WVFhgpMi8Thrkaf4NSudFGjmfec9VV8Rer3Lc42RpSPP6/NNmUuwt7V9ipsPYp
gTdc84a18VmbqEY3vR+Q5MtHlQxXgZmTS/i9XvkAoBaUOjHY0kfFboUzYgwLn+sZ
DtvVIN27hAInc7lml7Vm1jw+s3rN4RUB3rDYUcTU5TWRk8hEWaSY6LFOtuwSUgNO
Jsm2+6rAX+DyfMi734rpQBnekpSExbl5xAxxtA7OMn8cjSwavAnRAzRwEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF5ZH3ITg4e54yy3aTqsHNFLKVhaMB8GA1UdIwQY
MBaAFGlR1FUdJqUcD5K3fC03j7NHWLh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZIVVZSMG1wUndQa3JkOExUZVBzMGRZdUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wMjYxMGYtNjkxMy00MDQ5LTk3ZjAt
YTJlZGE5NDZlZDI5LzEvWGxrZmNoT0RoN25qTExkcE9xd2MwVXNwV0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wMjYxMGYtNjkxMy00MDQ5LTk3ZjAtYTJlZGE5NDZlZDI5
LzEvYVZIVVZSMG1wUndQa3JkOExUZVBzMGRZdUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9VmAwQD
kgBYAwQCucNYMA0GCSqGSIb3DQEBCwUAA4IBAQATR14NZjowwU8VCMpDjcjNwoO1
OzXEO7R8HQUQEH2zmKVFLyYYpTOkt/Ahk2sXrW+MZ+TZFiURNFy0isiccPXiC/r3
DUCN7DFeEUAhDLL3KG8qs/QN2Z5q4gpJyXWywJfzs+c0xTJD6WKZzFCC7jWzCVrd
PgM8K8+GwdpNMDo/s/AA+oVihwOVGyQ4lbsCpXulESzH2DxfDtcFe6RnwHhzSo7r
nJgqrevMUOUOYMY53JovhH+TShseftG+4xpM38N1UiahoxHJTtInW5ovQLzj0INB
WaV0H1D39Xn5l8JrwVuDxFyIjlyXaTDcr6+qYB2r8whhrHnHq1JOXxwKljE4
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:45 2025 by rpki-client