Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/FhQ69VG90KjPVyq5OYmdevUMLmU.roa
File: FhQ69VG90KjPVyq5OYmdevUMLmU.roa (raw, json)
Hash identifier: DKdVxBbgXUFZU/obDvqJi889ocbcD7Q2TSWC/kx0zGg=
Subject key identifier: 16:14:3A:F5:51:BD:D0:A8:CF:57:2A:B9:39:89:9D:7A:F5:0C:2E:65
Certificate issuer: /CN=efa4772463cdbe12b73b16ad0d2516f07d63830d
Certificate serial: 018CC8DF4C8DDB69B6C9ECC88EDB328AB6D4
Authority key identifier: EF:A4:77:24:63:CD:BE:12:B7:3B:16:AD:0D:25:16:F0:7D:63:83:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76R3JGPNvhK3OxatDSUW8H1jgw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/FhQ69VG90KjPVyq5OYmdevUMLmU.roa
Signing time: Tue 02 Jan 2024 06:32:06 +0000
ROA not before: Tue 02 Jan 2024 06:32:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 91.213.91.0/24 maxlen: 24
2001:67c:2ea0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:4c:8d:db:69:b6:c9:ec:c8:8e:db:32:8a:b6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa4772463cdbe12b73b16ad0d2516f07d63830d
Validity
Not Before: Jan 2 06:32:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16143af551bdd0a8cf572ab939899d7af50c2e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:01:f8:aa:8e:8d:96:52:99:40:53:f3:72:4c:
e2:b6:31:7c:a3:75:e9:dd:b8:bc:40:51:b5:24:e8:
1d:48:f6:85:24:f6:9b:d9:e0:fe:ca:43:95:3d:fe:
ef:83:3a:db:d9:c0:4d:e4:10:41:a0:25:aa:a8:ff:
05:6c:f4:75:1a:4d:52:69:77:6d:2d:1b:65:ab:29:
f8:7d:49:6a:ce:f9:e6:d9:5d:6e:dc:fe:02:ad:60:
49:37:74:d4:d2:1b:c5:4d:e6:ca:d5:a1:24:ee:71:
44:9a:fd:ad:fd:d8:8a:9e:ee:6c:b1:1e:95:11:a1:
0b:20:75:4e:9b:b1:c4:17:ff:43:bd:ab:08:76:e7:
fc:65:b3:05:4c:50:58:3f:d7:5f:d5:13:31:ec:55:
eb:f2:61:ee:ea:6a:e3:c1:22:3e:1f:80:9c:bc:b9:
45:a5:48:2a:a5:90:f5:32:a5:10:5c:b0:2f:da:ac:
47:73:e6:74:a5:08:28:44:49:a8:8e:c7:6a:c5:f9:
99:62:68:16:b6:3c:95:89:54:51:33:e2:3f:8d:90:
a8:39:c7:d5:df:77:76:66:3d:53:d3:36:76:83:16:
f1:6c:04:45:22:e9:44:b1:84:31:39:c2:22:1b:dc:
28:c3:a4:f1:66:e6:68:d7:05:af:a9:6d:81:c3:db:
7e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:14:3A:F5:51:BD:D0:A8:CF:57:2A:B9:39:89:9D:7A:F5:0C:2E:65
X509v3 Authority Key Identifier:
keyid:EF:A4:77:24:63:CD:BE:12:B7:3B:16:AD:0D:25:16:F0:7D:63:83:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76R3JGPNvhK3OxatDSUW8H1jgw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/FhQ69VG90KjPVyq5OYmdevUMLmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/76R3JGPNvhK3OxatDSUW8H1jgw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.91.0/24
IPv6:
2001:67c:2ea0::/48
Signature Algorithm: sha256WithRSAEncryption
9d:a1:71:87:94:9c:80:79:06:38:ad:0d:37:d1:3b:16:46:92:
5e:f7:88:d0:8e:eb:54:77:81:59:c6:c5:10:86:62:ba:7f:ea:
0d:34:e2:7a:62:26:6c:c7:23:70:e4:05:5a:94:f2:93:e6:47:
eb:14:95:7a:42:82:9b:ad:f8:b0:17:7b:c8:25:ae:3a:86:31:
f4:b2:2c:70:af:f1:8f:6b:25:e8:fc:09:64:62:7a:b2:df:d8:
af:4c:ac:c6:4e:1a:a0:83:a6:58:e3:d8:d6:65:ef:95:1e:10:
d1:2c:86:ff:d9:17:83:b1:23:77:1f:eb:fa:83:12:53:26:24:
90:27:7b:61:89:7c:b5:39:4d:ff:3b:f2:3b:20:da:db:3e:19:
cc:d5:ab:b6:77:84:f5:73:2a:50:eb:e9:98:3d:56:f5:26:42:
82:89:ac:d8:6e:e3:48:11:09:5a:c3:c1:4e:d8:d1:bb:99:89:
a4:eb:54:85:e5:00:09:50:75:12:56:2f:28:b7:b0:51:33:72:
12:23:b6:6f:b2:78:8f:25:21:3a:e7:ab:a3:12:e0:ef:66:4e:
fa:74:87:13:48:d8:67:af:2f:4f:09:13:0b:58:cd:a2:fb:e3:
21:e8:7f:7b:a3:ba:5f:bf:09:14:f4:1f:e5:fb:e1:ac:c4:74:
88:64:40:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI30yN22m2yezIjtsyirbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTQ3NzI0NjNjZGJlMTJiNzNiMTZhZDBkMjUxNmYwN2Q2
MzgzMGQwHhcNMjQwMTAyMDYzMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjE0M2FmNTUxYmRkMGE4Y2Y1NzJhYjkzOTg5OWQ3YWY1MGMyZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgH4qo6NllKZQFPzckzitjF8o3Xp
3bi8QFG1JOgdSPaFJPab2eD+ykOVPf7vgzrb2cBN5BBBoCWqqP8FbPR1Gk1SaXdt
LRtlqyn4fUlqzvnm2V1u3P4CrWBJN3TU0hvFTebK1aEk7nFEmv2t/diKnu5ssR6V
EaELIHVOm7HEF/9DvasIduf8ZbMFTFBYP9df1RMx7FXr8mHu6mrjwSI+H4CcvLlF
pUgqpZD1MqUQXLAv2qxHc+Z0pQgoREmojsdqxfmZYmgWtjyViVRRM+I/jZCoOcfV
33d2Zj1T0zZ2gxbxbARFIulEsYQxOcIiG9wow6TxZuZo1wWvqW2Bw9t+lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBYUOvVRvdCoz1cquTmJnXr1DC5lMB8GA1UdIwQY
MBaAFO+kdyRjzb4StzsWrQ0lFvB9Y4MNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZSM0pHUE52aEszT3hhdERTVVc4SDFqZ3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wNjZkYTktOTk1ZS00OGYyLWI5ZjEt
ODAxY2FiNzIwZWRiLzEvRmhRNjlWRzkwS2pQVnlxNU9ZbWRldlVNTG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wNjZkYTktOTk1ZS00OGYyLWI5ZjEtODAxY2FiNzIwZWRi
LzEvNzZSM0pHUE52aEszT3hhdERTVVc4SDFqZ3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9VbMA8E
AgACMAkDBwAgAQZ8LqAwDQYJKoZIhvcNAQELBQADggEBAJ2hcYeUnIB5BjitDTfR
OxZGkl73iNCO61R3gVnGxRCGYrp/6g004npiJmzHI3DkBVqU8pPmR+sUlXpCgput
+LAXe8glrjqGMfSyLHCv8Y9rJej8CWRierLf2K9MrMZOGqCDpljj2NZl75UeENEs
hv/ZF4OxI3cf6/qDElMmJJAne2GJfLU5Tf878jsg2ts+GczVq7Z3hPVzKlDr6Zg9
VvUmQoKJrNhu40gRCVrDwU7Y0buZiaTrVIXlAAlQdRJWLyi3sFEzchIjtm+yeI8l
ITrnq6MS4O9mTvp0hxNI2GevL08JEwtYzaL74yHof3ujul+/CRT0H+X74azEdIhk
QBg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:55:39 2025 by rpki-client