Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/63DNAQVLo2qX4564pxBB4IcLgw8.roa
File: 63DNAQVLo2qX4564pxBB4IcLgw8.roa (raw, json)
Hash identifier: 6rBtI9VthwFAoyNh1cJOdc1p8+eFjSXv3JCyK9mlpis=
Subject key identifier: EB:70:CD:01:05:4B:A3:6A:97:E3:9E:B8:A7:10:41:E0:87:0B:83:0F
Certificate issuer: /CN=a77720c7dc1dc3edd1d0d47f923bcd833f06af36
Certificate serial: 0193F00ACE99685838891FEAA614B5FC3B13
Authority key identifier: A7:77:20:C7:DC:1D:C3:ED:D1:D0:D4:7F:92:3B:CD:83:3F:06:AF:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p3cgx9wdw-3R0NR_kjvNgz8GrzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/63DNAQVLo2qX4564pxBB4IcLgw8.roa
Signing time: Sun 22 Dec 2024 20:24:20 +0000
ROA not before: Sun 22 Dec 2024 20:24:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44655
IP address blocks: 91.202.124.0/22 maxlen: 22
2001:67c:740::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f0:0a:ce:99:68:58:38:89:1f:ea:a6:14:b5:fc:3b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a77720c7dc1dc3edd1d0d47f923bcd833f06af36
Validity
Not Before: Dec 22 20:24:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb70cd01054ba36a97e39eb8a71041e0870b830f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a3:d3:67:77:0e:a6:21:34:e4:12:20:fc:86:
0d:c3:c2:a0:cc:5a:5d:41:a2:cf:f9:b4:d5:e5:1c:
f0:0a:ad:a2:15:ee:bb:29:7b:b4:31:1b:c9:ac:3b:
6d:0d:07:18:eb:b4:a3:6b:d1:f8:f2:0a:49:1d:d4:
da:a4:21:33:c2:96:d4:27:ee:47:f2:8c:0b:29:1f:
36:d7:c3:e6:62:c2:cc:13:3c:8b:92:a6:c2:1c:e9:
2a:8d:97:6d:de:dc:27:fd:41:9c:26:4c:23:20:44:
15:be:a9:34:dd:b8:e4:60:06:a8:51:89:78:03:9f:
39:37:1f:16:a9:0e:d1:44:bc:06:07:47:78:7d:27:
19:92:b2:de:84:19:95:d6:7e:32:de:b8:70:c3:1c:
54:b1:c2:23:00:f6:26:d2:a5:fd:c6:eb:32:06:0e:
20:d5:7d:3b:dc:86:bb:8e:eb:e8:45:f6:c9:f5:f1:
a9:f0:da:fd:1c:97:ef:7d:37:2a:e0:94:db:b0:a0:
e8:75:57:92:16:b8:74:c7:fc:ac:06:a9:53:f5:2a:
35:74:75:b5:39:d4:88:45:b6:6d:96:1d:fd:3b:68:
a0:36:26:a6:f4:0b:35:f2:d1:bd:43:6b:9a:dc:e6:
d4:c3:9e:80:c9:bf:44:e5:ff:86:66:ed:6f:3e:8e:
99:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:70:CD:01:05:4B:A3:6A:97:E3:9E:B8:A7:10:41:E0:87:0B:83:0F
X509v3 Authority Key Identifier:
keyid:A7:77:20:C7:DC:1D:C3:ED:D1:D0:D4:7F:92:3B:CD:83:3F:06:AF:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p3cgx9wdw-3R0NR_kjvNgz8GrzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/63DNAQVLo2qX4564pxBB4IcLgw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/p3cgx9wdw-3R0NR_kjvNgz8GrzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.124.0/22
IPv6:
2001:67c:740::/48
Signature Algorithm: sha256WithRSAEncryption
18:8a:18:f6:71:07:0a:42:fa:6e:c2:46:b3:a8:f7:58:30:59:
f0:2e:bb:18:2d:09:fb:97:53:a3:bc:4e:2e:9e:7d:79:42:b3:
5c:a8:af:10:4b:72:91:78:5e:1f:53:71:59:c2:3f:a9:47:5b:
7e:bf:73:19:e2:c3:74:30:ce:10:8c:cb:cd:fc:8b:48:3c:c7:
1b:6f:bd:b9:c3:71:eb:92:d9:1d:5f:77:4f:5c:76:3e:20:e5:
76:f0:1a:85:76:88:9c:f5:d9:2e:f3:07:82:c8:f0:a6:d1:7c:
b4:50:9e:93:7b:4f:24:27:fb:ec:9f:3c:0d:24:bc:dd:ad:64:
9f:63:63:38:b9:0c:48:01:50:f2:bf:68:16:9e:9a:df:7c:6e:
57:a6:e3:b1:13:9f:fd:72:17:1e:bc:23:47:3a:29:03:6e:49:
45:87:9f:56:6b:f0:de:0a:35:a9:39:99:68:09:ce:c3:dd:fa:
e3:b7:ed:b8:d6:7c:7f:e5:c3:25:61:6b:db:e4:2e:73:dd:24:
71:11:c7:2c:ec:a4:38:63:0d:48:38:2d:fa:ca:dd:c3:70:12:
3e:74:7d:f3:89:c1:fb:9a:3f:3e:7c:ad:82:77:d5:25:49:d3:
8b:a2:a4:2a:0a:e7:b3:fb:b2:8b:95:87:47:0e:d6:91:2d:d1:
70:c5:65:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZPwCs6ZaFg4iR/qphS1/DsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NzcyMGM3ZGMxZGMzZWRkMWQwZDQ3ZjkyM2JjZDgzM2Yw
NmFmMzYwHhcNMjQxMjIyMjAyNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjcwY2QwMTA1NGJhMzZhOTdlMzllYjhhNzEwNDFlMDg3MGI4MzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aPTZ3cOpiE05BIg/IYNw8KgzFpd
QaLP+bTV5RzwCq2iFe67KXu0MRvJrDttDQcY67Sja9H48gpJHdTapCEzwpbUJ+5H
8owLKR8218PmYsLMEzyLkqbCHOkqjZdt3twn/UGcJkwjIEQVvqk03bjkYAaoUYl4
A585Nx8WqQ7RRLwGB0d4fScZkrLehBmV1n4y3rhwwxxUscIjAPYm0qX9xusyBg4g
1X073Ia7juvoRfbJ9fGp8Nr9HJfvfTcq4JTbsKDodVeSFrh0x/ysBqlT9So1dHW1
OdSIRbZtlh39O2igNiam9As18tG9Q2ua3ObUw56Ayb9E5f+GZu1vPo6ZtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOtwzQEFS6Nql+OeuKcQQeCHC4MPMB8GA1UdIwQY
MBaAFKd3IMfcHcPt0dDUf5I7zYM/Bq82MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDNjZ3g5d2R3LTNSME5SX2tqdk5nejhHcnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iYTcyMTktYWQ3Yy00OGIwLTljOTYt
MTcyMjhjZWYwMDQ5LzEvNjNETkFRVkxvMnFYNDU2NHB4QkI0SWNMZ3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iYTcyMTktYWQ3Yy00OGIwLTljOTYtMTcyMjhjZWYwMDQ5
LzEvcDNjZ3g5d2R3LTNSME5SX2tqdk5nejhHcnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8p8MA8E
AgACMAkDBwAgAQZ8B0AwDQYJKoZIhvcNAQELBQADggEBABiKGPZxBwpC+m7CRrOo
91gwWfAuuxgtCfuXU6O8Ti6efXlCs1yorxBLcpF4Xh9TcVnCP6lHW36/cxniw3Qw
zhCMy838i0g8xxtvvbnDceuS2R1fd09cdj4g5XbwGoV2iJz12S7zB4LI8KbRfLRQ
npN7TyQn++yfPA0kvN2tZJ9jYzi5DEgBUPK/aBaemt98blem47ETn/1yFx68I0c6
KQNuSUWHn1Zr8N4KNak5mWgJzsPd+uO37bjWfH/lwyVha9vkLnPdJHERxyzspDhj
DUg4LfrK3cNwEj50ffOJwfuaPz58rYJ31SVJ04uipCoK57P7souVh0cO1pEt0XDF
ZVs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:23:49 2025 by rpki-client