Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/65f8e2-f4ed-424d-9b91-47dd0c04b550/1/KQTpo0qE-IFQA85pgla_9DzvFCk.roa
File: KQTpo0qE-IFQA85pgla_9DzvFCk.roa (raw, json)
Hash identifier: qw2dGxe2PcZ0NsBh3x31pMpPn9hnQ6fFR/rhJ9Lf9EY=
Subject key identifier: 29:04:E9:A3:4A:84:F8:81:50:03:CE:69:82:56:BF:F4:3C:EF:14:29
Certificate issuer: /CN=2b3d5db900e081b213ea1f071ec5c00347a6fd95
Certificate serial: 0195A8A60F02FD2062C52E09C61413D0656B
Authority key identifier: 2B:3D:5D:B9:00:E0:81:B2:13:EA:1F:07:1E:C5:C0:03:47:A6:FD:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kz1duQDggbIT6h8HHsXAA0em_ZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/65f8e2-f4ed-424d-9b91-47dd0c04b550/1/KQTpo0qE-IFQA85pgla_9DzvFCk.roa
Signing time: Tue 18 Mar 2025 09:46:49 +0000
ROA not before: Tue 18 Mar 2025 09:46:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34309
IP address blocks: 91.198.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 05:03:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:a6:0f:02:fd:20:62:c5:2e:09:c6:14:13:d0:65:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3d5db900e081b213ea1f071ec5c00347a6fd95
Validity
Not Before: Mar 18 09:46:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2904e9a34a84f8815003ce698256bff43cef1429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:13:79:ca:0e:b4:a5:1a:9d:8d:da:ab:70:05:
c2:68:61:c5:94:9f:f1:1d:c6:9c:23:b0:09:b1:53:
2e:35:81:d8:d1:2e:ee:4c:84:ed:93:a9:f9:e9:ac:
93:63:ac:18:38:8d:1c:85:34:8f:d8:fb:c9:42:72:
fc:25:a9:15:ca:ff:51:8e:ca:86:a3:8e:75:3e:bf:
cc:c6:05:fd:3e:81:ce:dd:e0:ae:60:e4:95:b4:63:
43:b6:93:f8:ca:8a:6d:44:15:ef:86:33:e8:23:28:
7e:80:24:d1:bb:0f:6a:2f:4c:d1:74:96:36:e7:11:
ab:02:9a:b8:28:e8:f1:c4:ca:0e:d0:cf:b3:b5:e5:
77:39:ad:ac:da:be:56:20:cc:8b:8a:f6:18:ce:48:
ec:4c:e6:6b:e9:c5:3e:5f:16:b8:ff:19:bc:38:1d:
f4:38:6f:d1:25:76:f1:2e:da:57:1e:2b:68:29:db:
4a:0e:82:3c:97:92:32:b3:fe:c5:d9:4c:30:b1:ad:
62:09:62:c7:6c:9c:f4:a7:cc:9f:20:76:59:f7:cd:
f4:68:21:28:ed:01:a7:fb:e7:39:75:63:c9:b4:8e:
a6:a4:f8:4e:f6:a8:1d:fa:2e:aa:e3:65:8b:9c:b4:
a7:35:12:90:5a:09:5a:e5:07:1f:55:8e:52:f5:29:
a2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:04:E9:A3:4A:84:F8:81:50:03:CE:69:82:56:BF:F4:3C:EF:14:29
X509v3 Authority Key Identifier:
keyid:2B:3D:5D:B9:00:E0:81:B2:13:EA:1F:07:1E:C5:C0:03:47:A6:FD:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kz1duQDggbIT6h8HHsXAA0em_ZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/65f8e2-f4ed-424d-9b91-47dd0c04b550/1/KQTpo0qE-IFQA85pgla_9DzvFCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/65f8e2-f4ed-424d-9b91-47dd0c04b550/1/Kz1duQDggbIT6h8HHsXAA0em_ZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.173.0/24
Signature Algorithm: sha256WithRSAEncryption
08:cd:ab:86:82:de:8e:2c:cf:96:78:da:6c:03:7e:e6:09:c2:
5c:7d:97:2a:92:b4:fc:f8:1f:48:6e:28:af:2d:94:e3:62:7e:
57:55:17:b1:8b:18:8f:48:0b:c3:04:30:b6:cf:bd:97:5a:14:
1d:6d:a3:1c:f8:d1:ba:b0:0e:39:ca:a7:6c:c0:3d:14:4b:84:
3b:28:34:42:46:20:66:95:99:3e:6d:b4:f6:a0:be:9e:b9:3b:
39:f6:7b:8b:72:1a:80:24:c6:f3:f4:ae:d8:77:60:17:56:cc:
67:c9:c3:b5:7a:2e:43:d6:7f:bc:e6:6b:26:0e:a4:09:ca:08:
e5:ef:2d:cf:c0:39:a5:fd:96:19:d1:65:dc:a6:d7:6c:d4:f9:
18:40:32:45:44:c3:0d:1f:fc:b5:e1:7a:e5:da:e5:1b:bf:92:
85:ec:5f:ce:82:90:3a:36:1b:b3:03:8d:08:45:83:a7:d8:df:
2a:b5:11:e4:1c:9f:28:54:62:73:d1:c6:9c:1c:b3:59:91:48:
be:1f:14:55:29:ea:fc:55:4f:e3:ef:d1:a8:82:44:4d:44:75:
48:19:c2:fa:07:e2:29:ce:c7:cc:2a:e6:33:27:67:98:7d:1f:
f8:0b:d3:b0:b0:66:e7:05:77:86:33:f1:f3:b9:6c:79:d7:a4:
88:56:9a:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWopg8C/SBixS4JxhQT0GVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiM2Q1ZGI5MDBlMDgxYjIxM2VhMWYwNzFlYzVjMDAzNDdh
NmZkOTUwHhcNMjUwMzE4MDk0NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA0ZTlhMzRhODRmODgxNTAwM2NlNjk4MjU2YmZmNDNjZWYxNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxN5yg60pRqdjdqrcAXCaGHFlJ/x
HcacI7AJsVMuNYHY0S7uTITtk6n56ayTY6wYOI0chTSP2PvJQnL8JakVyv9RjsqG
o451Pr/MxgX9PoHO3eCuYOSVtGNDtpP4yoptRBXvhjPoIyh+gCTRuw9qL0zRdJY2
5xGrApq4KOjxxMoO0M+zteV3Oa2s2r5WIMyLivYYzkjsTOZr6cU+Xxa4/xm8OB30
OG/RJXbxLtpXHitoKdtKDoI8l5Iys/7F2Uwwsa1iCWLHbJz0p8yfIHZZ9830aCEo
7QGn++c5dWPJtI6mpPhO9qgd+i6q42WLnLSnNRKQWgla5QcfVY5S9SmiMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkE6aNKhPiBUAPOaYJWv/Q87xQpMB8GA1UdIwQY
MBaAFCs9XbkA4IGyE+ofBx7FwANHpv2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3oxZHVRRGdnYklUNmg4SEhzWEFBMGVtX1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS82NWY4ZTItZjRlZC00MjRkLTliOTEt
NDdkZDBjMDRiNTUwLzEvS1FUcG8wcUUtSUZRQTg1cGdsYV85RHp2RkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS82NWY4ZTItZjRlZC00MjRkLTliOTEtNDdkZDBjMDRiNTUw
LzEvS3oxZHVRRGdnYklUNmg4SEhzWEFBMGVtX1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8atMA0G
CSqGSIb3DQEBCwUAA4IBAQAIzauGgt6OLM+WeNpsA37mCcJcfZcqkrT8+B9Ibiiv
LZTjYn5XVRexixiPSAvDBDC2z72XWhQdbaMc+NG6sA45yqdswD0US4Q7KDRCRiBm
lZk+bbT2oL6euTs59nuLchqAJMbz9K7Yd2AXVsxnycO1ei5D1n+85msmDqQJygjl
7y3PwDml/ZYZ0WXcptds1PkYQDJFRMMNH/y14Xrl2uUbv5KF7F/OgpA6NhuzA40I
RYOn2N8qtRHkHJ8oVGJz0cacHLNZkUi+HxRVKer8VU/j79GogkRNRHVIGcL6B+Ip
zsfMKuYzJ2eYfR/4C9OwsGbnBXeGM/HzuWx516SIVppu
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:22:42 2025 by rpki-client