Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/sWR3hfhP6LmTz_pHts-b2TGQgqA.roa
File: sWR3hfhP6LmTz_pHts-b2TGQgqA.roa (raw, json)
Hash identifier: VQt95PvKFRHvIVwfYZIupZCHQcHQUhYlhFFsbzJyBS0=
Subject key identifier: B1:64:77:85:F8:4F:E8:B9:93:CF:FA:47:B6:CF:9B:D9:31:90:82:A0
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01942445A0BE0A905A51A628C0DC87DCF976
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/sWR3hfhP6LmTz_pHts-b2TGQgqA.roa
Signing time: Wed 01 Jan 2025 23:48:50 +0000
ROA not before: Wed 01 Jan 2025 23:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 91.190.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 18:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a0:be:0a:90:5a:51:a6:28:c0:dc:87:dc:f9:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jan 1 23:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1647785f84fe8b993cffa47b6cf9bd9319082a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:42:a1:bc:e6:0c:cf:f1:5e:f0:77:bb:63:53:
82:49:8c:f4:60:5e:26:cc:5e:bc:12:c4:6e:35:0c:
25:2c:6d:74:82:6e:01:c3:62:83:26:fb:88:aa:83:
22:1b:a6:e1:93:a2:0e:95:b5:51:91:a0:24:03:d4:
f0:d5:91:92:29:44:7b:15:16:3d:ed:2a:eb:5c:52:
2f:11:91:83:b5:26:92:00:8b:2d:d1:60:f1:29:ac:
eb:51:14:99:6b:b4:97:66:14:85:ac:44:34:09:73:
d1:20:7d:85:32:6b:34:90:b4:32:63:78:13:04:89:
3a:5f:42:43:07:ad:9d:b0:2f:c4:33:85:2d:20:4c:
71:a4:24:1d:e6:38:c8:5c:84:a9:71:59:13:59:b1:
43:76:99:4b:df:77:17:47:4f:07:92:08:12:c0:a5:
5d:ba:c3:52:a4:a0:d7:23:ea:d5:62:00:13:bc:6f:
b9:3b:70:61:e9:d1:61:78:27:64:cb:a2:4b:75:5c:
1b:d4:a0:86:8e:c4:8d:d4:a0:28:86:04:e0:19:ac:
15:a1:6c:6c:9e:bd:f7:57:65:6e:91:96:6c:4f:20:
6c:35:00:04:d5:36:34:31:43:20:d5:3e:4a:68:53:
80:69:83:b0:ef:22:3b:35:8a:8e:fd:98:ae:b6:8a:
32:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:64:77:85:F8:4F:E8:B9:93:CF:FA:47:B6:CF:9B:D9:31:90:82:A0
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/sWR3hfhP6LmTz_pHts-b2TGQgqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.154.0/24
Signature Algorithm: sha256WithRSAEncryption
64:b3:32:5a:c3:7c:d9:f3:c6:d6:94:df:d9:9b:27:0a:04:d3:
7a:e5:90:2c:92:e3:99:be:e0:37:b2:67:42:87:6c:3f:75:fb:
3f:73:11:fc:a6:01:9e:a4:69:61:4f:54:aa:4c:6c:52:a8:f2:
50:16:03:db:8c:be:c7:b6:80:c3:ce:c3:de:02:24:2e:d1:7e:
6e:16:93:10:d8:81:dc:cc:8a:35:04:92:db:e7:13:7c:65:01:
a1:ab:5a:57:8c:36:1b:71:b7:ff:f5:f6:76:cd:ac:5c:5b:2d:
db:49:80:07:4b:e9:d0:22:a9:4a:1d:a3:d6:1a:9f:da:a3:ad:
6a:bb:7d:d9:72:6f:ec:b8:5b:98:37:c9:6f:80:dd:99:1b:ad:
9a:10:8e:3d:30:4b:06:85:8c:60:31:d2:37:d6:f0:5c:42:61:
d6:0f:ca:93:10:46:da:1b:cd:fe:4b:90:76:b7:e0:d8:fa:51:
17:1c:68:5a:73:12:e6:d7:10:f8:6c:60:f4:0d:20:c7:c9:83:
8d:68:c7:c2:fe:b7:75:77:8a:b8:9a:84:2d:67:16:3e:c0:bf:
27:5d:6b:8f:d8:9e:55:f2:92:27:51:3c:de:f7:83:a5:f2:62:
d4:35:e7:d5:d4:70:7f:de:12:c8:38:4b:c7:fc:26:58:c6:e5:
eb:b5:dc:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaC+CpBaUaYowNyH3Pl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwMTAxMjM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTY0Nzc4NWY4NGZlOGI5OTNjZmZhNDdiNmNmOWJkOTMxOTA4MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0KhvOYMz/Fe8He7Y1OCSYz0YF4m
zF68EsRuNQwlLG10gm4Bw2KDJvuIqoMiG6bhk6IOlbVRkaAkA9Tw1ZGSKUR7FRY9
7SrrXFIvEZGDtSaSAIst0WDxKazrURSZa7SXZhSFrEQ0CXPRIH2FMms0kLQyY3gT
BIk6X0JDB62dsC/EM4UtIExxpCQd5jjIXISpcVkTWbFDdplL33cXR08HkggSwKVd
usNSpKDXI+rVYgATvG+5O3Bh6dFheCdky6JLdVwb1KCGjsSN1KAohgTgGawVoWxs
nr33V2VukZZsTyBsNQAE1TY0MUMg1T5KaFOAaYOw7yI7NYqO/ZiutooyuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFkd4X4T+i5k8/6R7bPm9kxkIKgMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvc1dSM2hmaFA2TG1Uel9wSHRzLWIyVEdRZ3FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW76aMA0G
CSqGSIb3DQEBCwUAA4IBAQBkszJaw3zZ88bWlN/ZmycKBNN65ZAskuOZvuA3smdC
h2w/dfs/cxH8pgGepGlhT1SqTGxSqPJQFgPbjL7HtoDDzsPeAiQu0X5uFpMQ2IHc
zIo1BJLb5xN8ZQGhq1pXjDYbcbf/9fZ2zaxcWy3bSYAHS+nQIqlKHaPWGp/ao61q
u33Zcm/suFuYN8lvgN2ZG62aEI49MEsGhYxgMdI31vBcQmHWD8qTEEbaG83+S5B2
t+DY+lEXHGhacxLm1xD4bGD0DSDHyYONaMfC/rd1d4q4moQtZxY+wL8nXWuP2J5V
8pInUTze94Ol8mLUNefV1HB/3hLIOEvH/CZYxuXrtdze
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:19:34 2025 by rpki-client