Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/1lbQxZeDCvmWR6y8R9wZDozZjws.roa
File: 1lbQxZeDCvmWR6y8R9wZDozZjws.roa (raw, json)
Hash identifier: rmVWGzLaRDolyDHt0dgqhfqFMxnyhAzK+aSqtESJvAo=
Subject key identifier: D6:56:D0:C5:97:83:0A:F9:96:47:AC:BC:47:DC:19:0E:8C:D9:8F:0B
Certificate issuer: /CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Certificate serial: 0196D92B8625395808AEF166391F998C2D33
Authority key identifier: 27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/1lbQxZeDCvmWR6y8R9wZDozZjws.roa
Signing time: Fri 16 May 2025 12:57:10 +0000
ROA not before: Fri 16 May 2025 12:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 91.102.160.0/23 maxlen: 23
91.102.164.0/24 maxlen: 24
91.102.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 May 2025 13:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d9:2b:86:25:39:58:08:ae:f1:66:39:1f:99:8c:2d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Validity
Not Before: May 16 12:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d656d0c597830af99647acbc47dc190e8cd98f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:20:b4:67:b4:5a:cb:f4:ca:4f:3c:a0:b0:63:
29:52:f7:e5:4f:c1:4a:4c:79:e1:a2:2c:01:84:88:
45:a2:d4:a6:76:2e:c0:45:77:22:51:7b:dc:24:97:
1b:85:6c:7c:0a:f1:65:c8:75:73:ac:8d:8d:d1:12:
ca:a6:05:dd:33:22:28:a3:69:f8:2e:a6:c7:9f:59:
6f:df:cc:bd:7a:ec:51:76:93:05:df:9c:ff:c9:b8:
a4:80:1c:f6:59:ca:5f:24:d5:b3:d7:ca:dd:cb:0c:
41:0c:85:fc:6a:f0:df:00:aa:23:ed:df:18:b0:af:
65:67:1c:1b:6e:50:74:9d:37:45:25:6a:d5:a0:d4:
81:31:d5:79:f7:c1:e5:40:83:6c:0f:3d:0e:62:8f:
8c:26:75:15:7f:af:49:04:ae:9e:ae:76:f2:f9:cb:
68:7d:6b:0b:f4:da:f8:af:f2:6b:5f:7f:e9:6c:5a:
43:73:8e:76:89:df:7b:9b:f8:11:93:b2:68:b0:5f:
d3:b7:fd:f2:6d:a4:61:e2:d2:ed:f7:af:92:50:a7:
8b:d8:70:f5:41:c7:4b:bb:0a:11:5b:bc:aa:6b:5d:
ae:ab:6d:19:69:d3:22:0c:75:93:0d:47:16:27:3a:
90:9a:53:43:19:a4:55:28:e0:1a:5e:70:b3:5f:29:
1e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:56:D0:C5:97:83:0A:F9:96:47:AC:BC:47:DC:19:0E:8C:D9:8F:0B
X509v3 Authority Key Identifier:
keyid:27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/1lbQxZeDCvmWR6y8R9wZDozZjws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.160.0/23
91.102.164.0/24
91.102.167.0/24
Signature Algorithm: sha256WithRSAEncryption
63:74:27:a8:65:f7:b4:27:28:0b:32:07:fa:98:c9:65:da:32:
94:7a:58:31:dc:6d:f5:f2:8b:fe:0e:af:4e:2e:54:83:3b:ec:
60:f2:03:fe:52:e4:50:82:9d:44:3e:07:e4:6f:b1:91:a6:f5:
05:2c:fe:f8:f0:7a:cd:ee:23:de:79:62:08:fc:1f:59:6f:09:
59:7b:71:ee:be:9b:d1:9b:db:5b:dc:30:ae:db:35:fc:aa:9f:
d0:d9:98:30:5c:51:82:be:96:4d:c4:d5:cf:0c:1b:23:7a:4b:
ec:df:44:d7:f5:8f:7f:fd:6f:03:b6:45:c8:b0:46:ac:58:9a:
7c:92:3e:0b:20:f7:06:45:fc:14:75:5d:95:18:e1:64:89:33:
ae:82:b3:7a:dc:84:0e:0f:72:54:cd:69:96:84:3e:8c:d8:6d:
fc:90:6e:a8:b4:a0:17:13:2f:25:1a:35:0d:64:f1:df:60:58:
eb:1e:8b:53:0e:3b:94:55:11:30:a3:53:69:45:8c:27:4c:23:
a3:05:1c:02:d9:52:66:53:41:c1:7e:a8:49:99:bc:43:40:4c:
fd:62:7c:a7:ed:11:d3:57:02:71:a7:c1:af:30:74:e6:26:46:
fa:71:3d:1d:8c:ca:35:d5:f4:3e:7e:f7:d0:d9:24:b4:f7:6d:
9f:0d:65:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbZK4YlOVgIrvFmOR+ZjC0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzhiNDI3YzMxMzU5OGE5MmU4ZDhlYzYwZTI5NTBkYTM5
ZmMyYzkwHhcNMjUwNTE2MTI1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjU2ZDBjNTk3ODMwYWY5OTY0N2FjYmM0N2RjMTkwZThjZDk4ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiC0Z7Ray/TKTzygsGMpUvflT8FK
THnhoiwBhIhFotSmdi7ARXciUXvcJJcbhWx8CvFlyHVzrI2N0RLKpgXdMyIoo2n4
LqbHn1lv38y9euxRdpMF35z/ybikgBz2WcpfJNWz18rdywxBDIX8avDfAKoj7d8Y
sK9lZxwbblB0nTdFJWrVoNSBMdV598HlQINsDz0OYo+MJnUVf69JBK6ernby+cto
fWsL9Nr4r/JrX3/pbFpDc452id97m/gRk7JosF/Tt/3ybaRh4tLt96+SUKeL2HD1
QcdLuwoRW7yqa12uq20ZadMiDHWTDUcWJzqQmlNDGaRVKOAaXnCzXykeiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNZW0MWXgwr5lkesvEfcGQ6M2Y8LMB8GA1UdIwQY
MBaAFCfItCfDE1mKkujY7GDilQ2jn8LJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzct
MWM2ZWU0NGUxMWFkLzEvMWxiUXhaZURDdm1XUjZ5OFI5d1pEb3paandzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzctMWM2ZWU0NGUxMWFk
LzEvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW2agAwQA
W2akAwQAW2anMA0GCSqGSIb3DQEBCwUAA4IBAQBjdCeoZfe0JygLMgf6mMll2jKU
elgx3G318ov+Dq9OLlSDO+xg8gP+UuRQgp1EPgfkb7GRpvUFLP748HrN7iPeeWII
/B9ZbwlZe3HuvpvRm9tb3DCu2zX8qp/Q2ZgwXFGCvpZNxNXPDBsjekvs30TX9Y9/
/W8DtkXIsEasWJp8kj4LIPcGRfwUdV2VGOFkiTOugrN63IQOD3JUzWmWhD6M2G38
kG6otKAXEy8lGjUNZPHfYFjrHotTDjuUVREwo1NpRYwnTCOjBRwC2VJmU0HBfqhJ
mbxDQEz9Ynyn7RHTVwJxp8GvMHTmJkb6cT0djMo11fQ+fvfQ2SS0922fDWWq
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:37:51 2025 by rpki-client