Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/mDOAiYPn4DBt3mk1yAdAG5o6VQE.roa
File: mDOAiYPn4DBt3mk1yAdAG5o6VQE.roa (raw, json)
Hash identifier: ILQ8mdArrK+fpSnRLefKj8ZzvgCXalDc6sm12PITlXM=
Subject key identifier: 98:33:80:89:83:E7:E0:30:6D:DE:69:35:C8:07:40:1B:9A:3A:55:01
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 018CC94D4C6FA0562B9F6548F915994A82AC
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/mDOAiYPn4DBt3mk1yAdAG5o6VQE.roa
Signing time: Tue 02 Jan 2024 08:32:15 +0000
ROA not before: Tue 02 Jan 2024 08:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42830
IP address blocks: 91.236.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:4c:6f:a0:56:2b:9f:65:48:f9:15:99:4a:82:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Jan 2 08:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9833808983e7e0306dde6935c807401b9a3a5501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:13:89:c9:05:12:64:7c:04:11:5c:d8:73:40:
23:ac:d5:36:04:74:94:a9:10:7f:7e:0d:b3:e4:39:
17:99:5d:6e:5a:da:a7:97:af:04:41:aa:1c:76:d7:
1f:5e:af:2f:b4:c6:f4:5c:57:44:51:a0:a9:25:f0:
b6:1a:21:88:bf:f6:2b:90:46:2c:54:ed:f2:93:37:
2e:73:65:f0:66:ba:e9:37:8f:98:45:27:17:42:39:
9b:12:e9:cb:02:df:2a:92:13:e1:fb:06:d2:58:5a:
87:25:5c:8d:36:ae:19:74:09:50:89:2e:2e:91:34:
e2:5f:1b:a5:77:2e:ae:94:06:00:31:68:13:76:63:
aa:0d:54:eb:b4:f1:a4:f4:04:7d:1b:c4:ef:51:48:
57:f0:43:68:4c:10:d9:52:af:d7:1a:4c:49:ff:a4:
14:b5:0b:b9:06:a8:f2:29:24:68:86:bf:87:9e:2f:
dd:a7:8a:f7:32:86:8e:9b:43:17:34:4a:a9:c1:44:
a1:d5:cc:37:20:ca:91:bd:2d:3f:ef:07:d5:b3:56:
a6:3e:0d:90:37:c0:77:5b:b4:e0:ea:1b:41:c2:da:
f7:11:ca:22:63:cc:9d:27:9c:54:50:a4:86:ac:7b:
e0:a2:22:49:7e:07:67:79:5a:54:65:82:b8:fa:7c:
29:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:33:80:89:83:E7:E0:30:6D:DE:69:35:C8:07:40:1B:9A:3A:55:01
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/mDOAiYPn4DBt3mk1yAdAG5o6VQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:48:c7:96:35:87:4b:03:84:c5:2f:3b:75:6d:e4:ad:1c:f1:
6d:2c:31:56:64:fd:43:af:9b:65:be:f6:37:af:c4:70:8e:49:
f5:d9:90:38:8d:74:97:9d:23:37:c4:13:01:2e:06:dd:ec:5b:
76:a6:02:2a:64:20:75:d0:e1:26:a5:8e:53:cf:8c:e1:68:40:
e2:8a:ca:8a:a3:34:ef:66:c9:aa:aa:6a:f0:e7:c0:c8:7a:c9:
a3:90:37:29:1c:da:4d:b4:3e:9b:25:ae:3d:8a:b4:1a:67:d2:
bf:04:6e:2a:5f:39:d0:ad:f3:21:25:94:81:d8:75:aa:8c:62:
03:40:2a:f3:36:08:48:21:61:63:a2:a4:b7:4f:68:69:40:db:
7f:58:0c:a9:c3:76:a1:e5:9f:1c:3d:e8:c1:f0:5f:6c:f1:c8:
c7:7b:c9:35:e8:44:a1:51:e1:12:8e:80:b7:b0:45:b8:66:05:
9f:5b:74:e2:e1:e4:e9:4d:c8:8e:44:20:84:12:94:82:c5:a0:
3f:8b:d2:ba:8a:67:29:ff:e7:a3:65:d8:9c:8d:71:75:b1:fa:
11:87:01:91:62:ef:e5:a5:19:fd:f6:43:b7:72:76:a5:6d:10:
ad:eb:16:b7:ec:e8:29:5b:da:4e:0d:d3:14:b5:17:19:8d:a9:
8a:b6:8f:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTUxvoFYrn2VI+RWZSoKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjQwMTAyMDgzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODMzODA4OTgzZTdlMDMwNmRkZTY5MzVjODA3NDAxYjlhM2E1NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhOJyQUSZHwEEVzYc0AjrNU2BHSU
qRB/fg2z5DkXmV1uWtqnl68EQaocdtcfXq8vtMb0XFdEUaCpJfC2GiGIv/YrkEYs
VO3ykzcuc2XwZrrpN4+YRScXQjmbEunLAt8qkhPh+wbSWFqHJVyNNq4ZdAlQiS4u
kTTiXxuldy6ulAYAMWgTdmOqDVTrtPGk9AR9G8TvUUhX8ENoTBDZUq/XGkxJ/6QU
tQu5BqjyKSRohr+Hni/dp4r3MoaOm0MXNEqpwUSh1cw3IMqRvS0/7wfVs1amPg2Q
N8B3W7Tg6htBwtr3EcoiY8ydJ5xUUKSGrHvgoiJJfgdneVpUZYK4+nwpiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgzgImD5+Awbd5pNcgHQBuaOlUBMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvbURPQWlZUG40REJ0M21rMXlBZEFHNW82VlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+yBMA0G
CSqGSIb3DQEBCwUAA4IBAQCeSMeWNYdLA4TFLzt1beStHPFtLDFWZP1Dr5tlvvY3
r8Rwjkn12ZA4jXSXnSM3xBMBLgbd7Ft2pgIqZCB10OEmpY5Tz4zhaEDiisqKozTv
Zsmqqmrw58DIesmjkDcpHNpNtD6bJa49irQaZ9K/BG4qXznQrfMhJZSB2HWqjGID
QCrzNghIIWFjoqS3T2hpQNt/WAypw3ah5Z8cPejB8F9s8cjHe8k16EShUeESjoC3
sEW4ZgWfW3Ti4eTpTciORCCEEpSCxaA/i9K6imcp/+ejZdicjXF1sfoRhwGRYu/l
pRn99kO3cnalbRCt6xa37OgpW9pODdMUtRcZjamKto/8
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:29:36 2025 by rpki-client