Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/pN06ABqJrRAOUU9S85twP_8uWGk.roa
File: pN06ABqJrRAOUU9S85twP_8uWGk.roa (raw, json)
Hash identifier: u+hxRM1SZNiBsTMEqMpfk702PzVDULnyyono0kbLeX8=
Subject key identifier: A4:DD:3A:00:1A:89:AD:10:0E:51:4F:52:F3:9B:70:3F:FF:2E:58:69
Certificate issuer: /CN=5134d1320645644e2eaf3685879d693f72522c76
Certificate serial: 018CC4930FD270252ECB807C043ABD8F2AB1
Authority key identifier: 51:34:D1:32:06:45:64:4E:2E:AF:36:85:87:9D:69:3F:72:52:2C:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UTTRMgZFZE4urzaFh51pP3JSLHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/pN06ABqJrRAOUU9S85twP_8uWGk.roa
Signing time: Mon 01 Jan 2024 10:30:21 +0000
ROA not before: Mon 01 Jan 2024 10:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.194.104.0/23 maxlen: 24
91.194.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:0f:d2:70:25:2e:cb:80:7c:04:3a:bd:8f:2a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5134d1320645644e2eaf3685879d693f72522c76
Validity
Not Before: Jan 1 10:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4dd3a001a89ad100e514f52f39b703fff2e5869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ec:f4:e7:bc:fb:f7:61:fe:fd:ff:05:6a:6c:
36:2f:f6:20:14:a7:0e:3e:c1:85:07:6b:8f:67:93:
e7:34:bf:b0:f5:08:59:1a:ec:08:5a:a3:17:ae:27:
b2:d4:9c:a6:47:bd:55:15:27:cc:41:95:f2:27:79:
cf:5b:36:19:eb:f8:1b:a8:6a:7b:a8:3b:5e:94:ea:
26:de:36:cd:28:53:b2:5e:3e:74:42:f2:ef:7d:25:
6e:78:5f:13:8a:3b:95:4e:bd:ef:71:f6:3e:b3:75:
08:84:a5:6f:05:a8:cf:07:30:02:65:6d:a6:d7:38:
65:6c:55:6f:a0:52:1a:14:3e:2e:30:3b:ec:48:93:
c5:4c:41:da:9f:72:33:fb:35:7e:45:90:69:7e:b6:
1d:ad:94:f9:36:7f:9a:e2:70:31:8e:4b:e1:6c:66:
06:32:8e:9b:38:18:a3:d3:47:d5:58:11:d9:ae:27:
50:cf:78:d9:be:ee:07:18:2b:a3:6e:b0:2d:0a:af:
16:64:99:6d:bc:88:d1:91:b4:58:07:6c:22:2b:90:
e3:28:67:28:59:f4:b3:f0:48:ab:e6:ba:32:d5:fc:
55:1f:91:46:c6:3c:53:44:24:c6:65:19:a6:0c:3f:
ac:5c:6d:79:d0:47:a7:00:df:e5:f7:36:cf:45:eb:
c8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DD:3A:00:1A:89:AD:10:0E:51:4F:52:F3:9B:70:3F:FF:2E:58:69
X509v3 Authority Key Identifier:
keyid:51:34:D1:32:06:45:64:4E:2E:AF:36:85:87:9D:69:3F:72:52:2C:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UTTRMgZFZE4urzaFh51pP3JSLHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/pN06ABqJrRAOUU9S85twP_8uWGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9fb1d7-8424-4c84-b0cb-2f51ecd1aa0e/1/UTTRMgZFZE4urzaFh51pP3JSLHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.25.0/24
91.194.104.0/23
Signature Algorithm: sha256WithRSAEncryption
79:75:d3:47:22:70:c1:8f:86:50:e6:d3:2e:15:34:b5:24:69:
4f:bd:0b:76:27:4e:94:92:2e:a6:6c:90:14:a9:c1:2b:d8:5d:
2d:e2:32:ed:76:89:2d:37:f6:d9:ac:d1:13:da:15:f1:d2:85:
c2:7a:ad:9d:8d:ac:a1:f0:4c:ec:63:dd:fe:12:ed:82:7a:98:
74:78:53:c9:25:83:0e:8a:58:5f:6b:97:da:5e:74:e6:72:f9:
b8:31:b4:d3:09:e0:00:21:3a:f4:8f:96:60:4a:a4:88:59:77:
8f:04:55:5f:15:99:ee:5c:5d:5e:46:f6:bd:e3:65:88:fa:58:
3a:70:bc:d1:56:ef:0e:8a:58:2b:ba:06:84:08:39:12:c3:a6:
98:3c:dc:1e:27:e4:a8:48:c1:79:17:0a:7b:0d:cf:6c:0d:8a:
df:39:ef:f5:75:9e:97:1e:0b:e7:cb:43:da:60:82:36:ee:74:
61:fe:be:ec:19:21:a5:06:59:f0:ce:3c:7b:e1:5a:59:44:64:
81:9a:d2:d1:c4:54:92:ac:4b:65:39:dc:b2:05:d8:4d:80:ad:
2d:73:09:3a:f8:a3:b4:df:c7:d2:31:90:10:f3:5b:a3:ef:1b:
de:da:91:90:fa:0c:fa:11:c9:be:c9:6b:81:35:30:ac:ce:3b:
fb:19:57:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkw/ScCUuy4B8BDq9jyqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMzRkMTMyMDY0NTY0NGUyZWFmMzY4NTg3OWQ2OTNmNzI1
MjJjNzYwHhcNMjQwMTAxMTAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRkM2EwMDFhODlhZDEwMGU1MTRmNTJmMzliNzAzZmZmMmU1ODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uz057z792H+/f8Famw2L/YgFKcO
PsGFB2uPZ5PnNL+w9QhZGuwIWqMXriey1JymR71VFSfMQZXyJ3nPWzYZ6/gbqGp7
qDtelOom3jbNKFOyXj50QvLvfSVueF8TijuVTr3vcfY+s3UIhKVvBajPBzACZW2m
1zhlbFVvoFIaFD4uMDvsSJPFTEHan3Iz+zV+RZBpfrYdrZT5Nn+a4nAxjkvhbGYG
Mo6bOBij00fVWBHZridQz3jZvu4HGCujbrAtCq8WZJltvIjRkbRYB2wiK5DjKGco
WfSz8Eir5roy1fxVH5FGxjxTRCTGZRmmDD+sXG150EenAN/l9zbPRevIYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTdOgAaia0QDlFPUvObcD//LlhpMB8GA1UdIwQY
MBaAFFE00TIGRWROLq82hYedaT9yUix2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVRUUk1nWkZaRTR1cnphRmg1MXBQM0pTTEhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS85ZmIxZDctODQyNC00Yzg0LWIwY2It
MmY1MWVjZDFhYTBlLzEvcE4wNkFCcUpyUkFPVVU5Uzg1dHdQXzh1V0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS85ZmIxZDctODQyNC00Yzg0LWIwY2ItMmY1MWVjZDFhYTBl
LzEvVVRUUk1nWkZaRTR1cnphRmg1MXBQM0pTTEhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8IZAwQB
W8JoMA0GCSqGSIb3DQEBCwUAA4IBAQB5ddNHInDBj4ZQ5tMuFTS1JGlPvQt2J06U
ki6mbJAUqcEr2F0t4jLtdoktN/bZrNET2hXx0oXCeq2djayh8EzsY93+Eu2Ceph0
eFPJJYMOilhfa5faXnTmcvm4MbTTCeAAITr0j5ZgSqSIWXePBFVfFZnuXF1eRva9
42WI+lg6cLzRVu8OilgrugaECDkSw6aYPNweJ+SoSMF5Fwp7Dc9sDYrfOe/1dZ6X
Hgvny0PaYII27nRh/r7sGSGlBlnwzjx74VpZRGSBmtLRxFSSrEtlOdyyBdhNgK0t
cwk6+KO038fSMZAQ81uj7xve2pGQ+gz6Ecm+yWuBNTCszjv7GVeM
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:29 2025 by rpki-client