Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/9i4BEk1bWPm1wf4KBlofXZYTsC4.roa
File: 9i4BEk1bWPm1wf4KBlofXZYTsC4.roa (raw, json)
Hash identifier: KRYnn0fIT/KOiIVghkUP2Zsazl3kBzGB5VgPCH63XZ0=
Subject key identifier: F6:2E:01:12:4D:5B:58:F9:B5:C1:FE:0A:06:5A:1F:5D:96:13:B0:2E
Certificate issuer: /CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Certificate serial: 0195ADF2DE5B3121038F4F958770EFB689C3
Authority key identifier: 13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/9i4BEk1bWPm1wf4KBlofXZYTsC4.roa
Signing time: Wed 19 Mar 2025 10:28:49 +0000
ROA not before: Wed 19 Mar 2025 10:28:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43858
IP address blocks: 91.198.199.0/24 maxlen: 24
91.244.246.0/24 maxlen: 24
146.255.168.0/21 maxlen: 21
185.11.160.0/22 maxlen: 22
185.80.176.0/22 maxlen: 22
2a03:39c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Mar 2025 17:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ad:f2:de:5b:31:21:03:8f:4f:95:87:70:ef:b6:89:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Validity
Not Before: Mar 19 10:28:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f62e01124d5b58f9b5c1fe0a065a1f5d9613b02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8d:06:4a:c7:e5:4b:dd:ac:24:df:7c:9e:6f:
0e:b5:4d:fb:6e:97:54:79:a3:26:fa:5a:6f:25:a9:
75:3e:5e:ee:bc:95:3f:12:b5:78:60:0b:83:d0:0b:
d0:68:1f:4a:f2:a0:a0:72:f9:3d:04:78:51:35:85:
1f:91:de:89:36:f3:74:50:04:98:44:a5:5b:d9:9d:
cf:95:55:0b:6e:e3:be:4d:ee:64:34:65:ca:64:00:
4b:ed:c0:5b:1f:59:cf:4a:a5:3e:77:77:86:2a:ff:
6b:7f:b0:6e:ab:b2:55:a3:ad:22:0e:72:02:7a:86:
f5:8b:08:3e:3f:d9:fd:25:86:2a:0f:98:0d:fa:b8:
66:16:de:28:9a:aa:c2:7e:02:81:17:51:e3:c5:66:
47:ff:24:0c:06:6b:62:7a:be:73:f1:d0:90:d6:61:
ed:81:b7:b2:2c:5e:22:00:94:92:00:af:9f:26:3d:
da:9c:a2:29:0a:fd:84:6b:d1:f4:75:d0:78:a2:ac:
b4:6d:26:09:7c:e0:c7:50:14:cc:5e:2e:13:8b:19:
2f:fd:6f:ea:bf:a0:35:a2:55:c7:57:11:3b:63:38:
a3:48:57:7c:99:d1:c0:30:50:04:fd:74:91:5f:25:
38:dc:6f:63:39:1e:0c:12:b4:83:52:bd:65:4a:14:
6b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:2E:01:12:4D:5B:58:F9:B5:C1:FE:0A:06:5A:1F:5D:96:13:B0:2E
X509v3 Authority Key Identifier:
keyid:13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/9i4BEk1bWPm1wf4KBlofXZYTsC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.199.0/24
91.244.246.0/24
146.255.168.0/21
185.11.160.0/22
185.80.176.0/22
IPv6:
2a03:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
65:45:32:81:69:cb:37:d4:09:02:ab:3e:f6:21:fb:fc:6f:94:
82:e6:3f:d2:0b:09:6b:7c:82:d8:3c:ad:d5:c2:16:dc:95:8b:
d8:76:65:a9:f3:1b:98:8a:ee:62:5c:4c:be:56:74:a1:4c:24:
d3:71:c3:0a:ac:cd:e9:9c:fd:57:31:a9:17:cd:15:1f:5f:4b:
4b:a9:2a:46:95:7a:28:f8:84:af:b4:3c:1f:25:38:47:d4:89:
ca:bd:33:47:8a:30:bc:0f:96:52:38:27:7f:35:86:1e:aa:4f:
1d:d1:d8:22:ad:4d:4b:9f:fb:7a:e4:85:43:5a:01:9b:05:0b:
71:bf:ca:bb:87:ab:2b:63:7c:8e:6b:f7:2e:52:f6:77:82:1a:
ec:ed:3b:4f:9e:19:b0:d3:9e:71:76:e7:5d:8a:a3:a4:e6:eb:
aa:05:f9:ec:3d:58:f6:39:86:f1:53:e8:81:a7:4c:a7:34:06:
b7:fa:77:8e:4f:7a:e9:d2:b5:6b:72:96:76:de:b7:73:a7:50:
21:4c:1a:90:c4:15:00:b4:d0:10:ff:d5:86:4e:00:fd:25:95:
eb:39:08:dc:dd:b8:65:6b:ed:5c:ff:b5:e6:aa:af:7c:07:92:
ac:e0:86:92:a3:14:74:14:18:f9:47:5a:65:54:67:dc:3a:77:
a9:df:a7:65
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZWt8t5bMSEDj0+Vh3DvtonDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDgzYjIyNWRkMzM4NjBjNTFkYzQ0YWE4OGRiNWYwM2Rj
MTVhNzQwHhcNMjUwMzE5MTAyODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjJlMDExMjRkNWI1OGY5YjVjMWZlMGEwNjVhMWY1ZDk2MTNiMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy40GSsflS92sJN98nm8OtU37bpdU
eaMm+lpvJal1Pl7uvJU/ErV4YAuD0AvQaB9K8qCgcvk9BHhRNYUfkd6JNvN0UASY
RKVb2Z3PlVULbuO+Te5kNGXKZABL7cBbH1nPSqU+d3eGKv9rf7Buq7JVo60iDnIC
eob1iwg+P9n9JYYqD5gN+rhmFt4omqrCfgKBF1HjxWZH/yQMBmtier5z8dCQ1mHt
gbeyLF4iAJSSAK+fJj3anKIpCv2Ea9H0ddB4oqy0bSYJfODHUBTMXi4Tixkv/W/q
v6A1olXHVxE7YzijSFd8mdHAMFAE/XSRXyU43G9jOR4MErSDUr1lShRrvQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPYuARJNW1j5tcH+CgZaH12WE7AuMB8GA1UdIwQY
MBaAFBPYOyJd0zhgxR3ESqiNtfA9wVp0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9mMjExMWEtM2Y0Ny00ZmYwLWE1MWQt
YjI1MTM3N2FkZDg2LzEvOWk0QkVrMWJXUG0xd2Y0S0Jsb2ZYWllUc0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9mMjExMWEtM2Y0Ny00ZmYwLWE1MWQtYjI1MTM3N2FkZDg2
LzEvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW8bHAwQA
W/T2AwQDkv+oAwQCuQugAwQCuVCwMA0EAgACMAcDBQMqAznAMA0GCSqGSIb3DQEB
CwUAA4IBAQBlRTKBacs31AkCqz72Ifv8b5SC5j/SCwlrfILYPK3VwhbclYvYdmWp
8xuYiu5iXEy+VnShTCTTccMKrM3pnP1XMakXzRUfX0tLqSpGlXoo+ISvtDwfJThH
1InKvTNHijC8D5ZSOCd/NYYeqk8d0dgirU1Ln/t65IVDWgGbBQtxv8q7h6srY3yO
a/cuUvZ3ghrs7TtPnhmw055xduddiqOk5uuqBfnsPVj2OYbxU+iBp0ynNAa3+neO
T3rp0rVrcpZ23rdzp1AhTBqQxBUAtNAQ/9WGTgD9JZXrOQjc3bhla+1c/7Xmqq98
B5Ks4IaSoxR0FBj5R1plVGfcOnep36dl
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:20:21 2025 by rpki-client