Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/db63b5-1f96-4f00-865a-9ff5c1a3b0e0/1/elQXxyKIBXSROmjTD_K440RFpEM.roa
File: elQXxyKIBXSROmjTD_K440RFpEM.roa (raw, json)
Hash identifier: fTcsy5drc/BBlk3OWcUBuyUGWaoGw2ptsPnma4fUB1c=
Subject key identifier: 7A:54:17:C7:22:88:05:74:91:3A:68:D3:0F:F2:B8:E3:44:45:A4:43
Certificate issuer: /CN=c5ba51c07148843d400805b40335e72d324265f1
Certificate serial: 01941193AFABF3817E1FC5A42BFAF9F54C58
Authority key identifier: C5:BA:51:C0:71:48:84:3D:40:08:05:B4:03:35:E7:2D:32:42:65:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xbpRwHFIhD1ACAW0AzXnLTJCZfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/db63b5-1f96-4f00-865a-9ff5c1a3b0e0/1/elQXxyKIBXSROmjTD_K440RFpEM.roa
Signing time: Sun 29 Dec 2024 08:41:18 +0000
ROA not before: Sun 29 Dec 2024 08:41:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205547
IP address blocks: 91.209.225.0/24 maxlen: 24
185.40.35.0/24 maxlen: 24
2a12:d1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:11:93:af:ab:f3:81:7e:1f:c5:a4:2b:fa:f9:f5:4c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5ba51c07148843d400805b40335e72d324265f1
Validity
Not Before: Dec 29 08:41:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a5417c722880574913a68d30ff2b8e34445a443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ec:46:b1:f9:4a:6f:c2:1b:f5:9d:14:de:92:
38:27:63:7e:a3:a1:03:ab:cb:36:7e:59:ee:33:9f:
ae:be:09:3e:32:0b:b8:64:9d:bf:4a:67:bf:b1:f9:
d5:62:60:6a:a1:e1:a7:4d:0e:84:ef:00:a9:7f:d4:
f0:a6:62:90:d7:88:11:89:c5:6f:74:ef:18:db:d3:
73:b2:65:cc:ce:7e:96:48:68:5d:4d:e7:a8:1b:e0:
c7:27:46:57:9f:2e:3e:2d:91:c0:23:58:a5:2e:bb:
72:b0:46:fe:a9:90:72:47:b2:0c:a8:55:d8:06:48:
39:fd:73:84:13:01:4a:e1:78:bf:26:c9:a4:66:96:
0d:24:81:82:e3:28:aa:51:ac:a0:ee:b1:24:6a:c3:
20:2e:77:8c:c1:cb:8d:90:f5:43:7f:bc:3c:2a:37:
d5:6c:92:dc:d3:ee:93:31:77:8c:00:33:60:b8:dd:
aa:be:06:e7:77:a0:c1:08:ab:64:af:ef:dd:c0:09:
91:57:92:06:0f:ae:b3:31:8b:1a:60:f6:31:29:7c:
15:99:57:85:b7:da:50:4c:40:ba:83:be:0f:10:47:
96:c7:01:6a:36:c9:5e:47:fd:1b:e5:8c:ab:a4:e3:
e3:b2:5a:9c:e1:ac:27:6c:0f:f1:36:09:03:cd:9b:
22:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:54:17:C7:22:88:05:74:91:3A:68:D3:0F:F2:B8:E3:44:45:A4:43
X509v3 Authority Key Identifier:
keyid:C5:BA:51:C0:71:48:84:3D:40:08:05:B4:03:35:E7:2D:32:42:65:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xbpRwHFIhD1ACAW0AzXnLTJCZfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/db63b5-1f96-4f00-865a-9ff5c1a3b0e0/1/elQXxyKIBXSROmjTD_K440RFpEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/db63b5-1f96-4f00-865a-9ff5c1a3b0e0/1/xbpRwHFIhD1ACAW0AzXnLTJCZfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.225.0/24
185.40.35.0/24
IPv6:
2a12:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
62:8a:a4:aa:a0:af:88:0d:88:0d:af:74:3a:3c:cc:0b:7f:1e:
b9:d6:75:23:48:06:ee:84:3d:97:8c:c0:9a:53:32:36:06:35:
89:7f:ea:ce:76:1c:98:5a:03:0f:15:8b:03:e0:3c:8f:c8:a9:
e7:e4:d4:d6:11:66:e5:e9:07:e9:63:c5:94:e2:cc:8b:91:0b:
cb:50:4d:19:c6:8a:a7:5a:c6:17:31:eb:bb:c8:4e:3e:f1:f2:
5b:76:2e:62:b8:62:66:2f:b4:bb:9f:b2:fe:96:4a:bb:2a:cd:
43:0c:e4:cf:ac:f7:36:83:3a:d8:7b:7a:aa:f3:ff:f6:33:6d:
ad:bd:c9:46:05:ae:20:92:99:39:7e:f0:50:58:27:e2:dc:82:
59:d2:69:eb:ed:fa:12:cb:b5:66:8f:22:fe:fa:33:78:a9:c8:
95:eb:f7:91:9e:09:5d:5f:37:dd:9c:c1:63:fc:7d:2d:90:db:
04:29:54:e8:35:50:84:31:7c:0d:04:00:ee:69:ab:a9:c7:35:
77:f0:e0:b8:ba:17:40:be:1d:73:f0:38:dc:0d:fb:17:7c:fc:
f6:c3:3c:3f:11:10:f6:50:e6:a5:7c:94:80:a1:2e:14:07:bb:
33:e6:db:b4:e4:d2:c3:50:ab:72:8f:9f:6a:57:72:2a:97:d1:
4d:5a:95:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQRk6+r84F+H8WkK/r59UxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmE1MWMwNzE0ODg0M2Q0MDA4MDViNDAzMzVlNzJkMzI0
MjY1ZjEwHhcNMjQxMjI5MDg0MTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTU0MTdjNzIyODgwNTc0OTEzYTY4ZDMwZmYyYjhlMzQ0NDVhNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+xGsflKb8Ib9Z0U3pI4J2N+o6ED
q8s2flnuM5+uvgk+Mgu4ZJ2/Sme/sfnVYmBqoeGnTQ6E7wCpf9TwpmKQ14gRicVv
dO8Y29NzsmXMzn6WSGhdTeeoG+DHJ0ZXny4+LZHAI1ilLrtysEb+qZByR7IMqFXY
Bkg5/XOEEwFK4Xi/JsmkZpYNJIGC4yiqUayg7rEkasMgLneMwcuNkPVDf7w8KjfV
bJLc0+6TMXeMADNguN2qvgbnd6DBCKtkr+/dwAmRV5IGD66zMYsaYPYxKXwVmVeF
t9pQTEC6g74PEEeWxwFqNsleR/0b5YyrpOPjslqc4awnbA/xNgkDzZsiFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHpUF8ciiAV0kTpo0w/yuONERaRDMB8GA1UdIwQY
MBaAFMW6UcBxSIQ9QAgFtAM15y0yQmXxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGJwUndIRkloRDFBQ0FXMEF6WG5MVEpDWmZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kYjYzYjUtMWY5Ni00ZjAwLTg2NWEt
OWZmNWMxYTNiMGUwLzEvZWxRWHh5S0lCWFNST21qVERfSzQ0MFJGcEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kYjYzYjUtMWY5Ni00ZjAwLTg2NWEtOWZmNWMxYTNiMGUw
LzEveGJwUndIRkloRDFBQ0FXMEF6WG5MVEpDWmZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9HhAwQA
uSgjMA0EAgACMAcDBQMqEtHAMA0GCSqGSIb3DQEBCwUAA4IBAQBiiqSqoK+IDYgN
r3Q6PMwLfx651nUjSAbuhD2XjMCaUzI2BjWJf+rOdhyYWgMPFYsD4DyPyKnn5NTW
EWbl6QfpY8WU4syLkQvLUE0ZxoqnWsYXMeu7yE4+8fJbdi5iuGJmL7S7n7L+lkq7
Ks1DDOTPrPc2gzrYe3qq8//2M22tvclGBa4gkpk5fvBQWCfi3IJZ0mnr7foSy7Vm
jyL++jN4qciV6/eRngldXzfdnMFj/H0tkNsEKVToNVCEMXwNBADuaaupxzV38OC4
uhdAvh1z8DjcDfsXfPz2wzw/ERD2UOalfJSAoS4UB7sz5tu05NLDUKtyj59qV3Iq
l9FNWpUJ
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:07:29 2025 by rpki-client