Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/47788a-1609-407e-86d6-ec40e1da35d0/1/3qXgNlZtcDN4GRvkMblkVsZ6rtY.roa
File: 3qXgNlZtcDN4GRvkMblkVsZ6rtY.roa (raw, json)
Hash identifier: Jer/cOuYR7x9nhI5X1iSCrZQRyiscVw1erKM9fkc5Qw=
Subject key identifier: DE:A5:E0:36:56:6D:70:33:78:19:1B:E4:31:B9:64:56:C6:7A:AE:D6
Certificate issuer: /CN=a53c57b456f06bfeb4621c96a005eacf60c6f614
Certificate serial: 0193AED08A2F26A1838872A16216E0147A82
Authority key identifier: A5:3C:57:B4:56:F0:6B:FE:B4:62:1C:96:A0:05:EA:CF:60:C6:F6:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTxXtFbwa_60YhyWoAXqz2DG9hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/47788a-1609-407e-86d6-ec40e1da35d0/1/3qXgNlZtcDN4GRvkMblkVsZ6rtY.roa
Signing time: Tue 10 Dec 2024 04:25:22 +0000
ROA not before: Tue 10 Dec 2024 04:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48955
IP address blocks: 91.235.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ae:d0:8a:2f:26:a1:83:88:72:a1:62:16:e0:14:7a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a53c57b456f06bfeb4621c96a005eacf60c6f614
Validity
Not Before: Dec 10 04:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dea5e036566d703378191be431b96456c67aaed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:46:82:34:2f:ff:4f:7b:3e:a0:76:9e:8e:
d4:d2:c9:5d:7f:ad:7e:f9:72:5a:4c:6e:64:f5:28:
8e:80:20:33:39:8e:2b:6c:68:26:2a:a5:e1:55:20:
40:2e:c4:75:23:a1:bf:00:55:82:aa:10:8a:9d:d2:
44:88:f3:3d:8e:2c:89:e9:31:2b:90:8e:b6:0d:f8:
08:6a:ba:72:af:6d:88:2a:fe:2d:ac:22:a5:e5:06:
42:47:42:f8:c6:0b:de:c3:9a:8c:60:d2:b8:09:c6:
33:4f:31:9c:98:81:47:5c:28:e8:0e:7f:39:b7:07:
bd:e1:db:e7:eb:0e:ee:00:31:10:03:c5:73:b9:63:
40:cc:f3:b7:8d:52:ce:86:da:68:ac:af:1e:85:bb:
37:79:6d:d9:32:5e:de:bf:13:81:fb:cb:9a:e0:83:
2c:21:fd:bd:db:cf:45:98:de:5f:b5:60:f2:5a:38:
66:ba:59:82:3b:60:9d:49:7f:24:fb:8e:33:eb:e3:
d7:49:b1:7d:3e:30:bf:4c:6a:0c:6e:fc:44:be:0c:
8a:a5:4f:13:62:a1:5b:fc:5d:f6:dd:d0:4a:47:d1:
ee:83:dc:99:9a:0e:64:17:3b:85:42:95:62:3b:de:
ac:eb:74:36:81:93:e3:e3:18:05:f0:d5:f7:d0:6a:
76:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A5:E0:36:56:6D:70:33:78:19:1B:E4:31:B9:64:56:C6:7A:AE:D6
X509v3 Authority Key Identifier:
keyid:A5:3C:57:B4:56:F0:6B:FE:B4:62:1C:96:A0:05:EA:CF:60:C6:F6:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTxXtFbwa_60YhyWoAXqz2DG9hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47788a-1609-407e-86d6-ec40e1da35d0/1/3qXgNlZtcDN4GRvkMblkVsZ6rtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47788a-1609-407e-86d6-ec40e1da35d0/1/pTxXtFbwa_60YhyWoAXqz2DG9hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.207.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:5e:8c:bf:d8:6e:70:90:b2:ed:34:45:32:ea:e5:40:62:82:
72:ce:c4:e2:a8:55:34:46:e4:b8:f1:b6:2e:15:bb:c4:0c:ce:
80:5c:c5:f5:a8:df:be:40:31:c2:15:79:16:de:6e:e1:20:81:
b1:50:85:42:83:29:23:85:8e:c5:c3:5e:32:11:b1:f6:7a:ab:
34:9d:83:3d:61:1e:15:c3:d1:17:86:c6:8a:e6:46:35:5f:87:
56:1c:99:da:00:ee:14:6b:8e:10:7e:9e:3f:3a:11:d3:e3:a3:
74:46:a1:21:b9:ea:62:6f:ca:fa:2a:c0:68:c6:dd:dc:9a:15:
a2:b2:68:45:fb:6b:bb:50:17:d8:a1:8e:3e:65:51:3e:36:0a:
50:a5:bf:42:02:89:0c:24:f1:7c:dc:9f:39:ae:14:9c:a9:b9:
c2:0e:db:e0:1b:e5:16:96:45:e1:25:ad:6d:92:97:9c:50:48:
0f:97:16:32:1f:e4:15:11:54:0a:d3:af:ab:3b:a0:b8:2b:3c:
2e:56:0c:a8:5e:8e:58:24:84:50:87:e7:bb:9c:f9:87:a1:c4:
ca:19:96:10:26:d6:f5:5f:d6:4e:87:45:d8:36:2d:86:ec:e1:
76:bf:92:74:70:08:94:a2:0c:0a:21:a9:29:63:d0:f0:24:09:
a3:2c:fe:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOu0IovJqGDiHKhYhbgFHqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1M2M1N2I0NTZmMDZiZmViNDYyMWM5NmEwMDVlYWNmNjBj
NmY2MTQwHhcNMjQxMjEwMDQyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE1ZTAzNjU2NmQ3MDMzNzgxOTFiZTQzMWI5NjQ1NmM2N2FhZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTFGgjQv/097PqB2no7U0sldf61+
+XJaTG5k9SiOgCAzOY4rbGgmKqXhVSBALsR1I6G/AFWCqhCKndJEiPM9jiyJ6TEr
kI62DfgIarpyr22IKv4trCKl5QZCR0L4xgvew5qMYNK4CcYzTzGcmIFHXCjoDn85
twe94dvn6w7uADEQA8VzuWNAzPO3jVLOhtporK8ehbs3eW3ZMl7evxOB+8ua4IMs
If29289FmN5ftWDyWjhmulmCO2CdSX8k+44z6+PXSbF9PjC/TGoMbvxEvgyKpU8T
YqFb/F323dBKR9Hug9yZmg5kFzuFQpViO96s63Q2gZPj4xgF8NX30Gp2fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6l4DZWbXAzeBkb5DG5ZFbGeq7WMB8GA1UdIwQY
MBaAFKU8V7RW8Gv+tGIclqAF6s9gxvYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFR4WHRGYndhXzYwWWh5V29BWHF6MkRHOWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80Nzc4OGEtMTYwOS00MDdlLTg2ZDYt
ZWM0MGUxZGEzNWQwLzEvM3FYZ05sWnRjRE40R1J2a01ibGtWc1o2cnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80Nzc4OGEtMTYwOS00MDdlLTg2ZDYtZWM0MGUxZGEzNWQw
LzEvcFR4WHRGYndhXzYwWWh5V29BWHF6MkRHOWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+vPMA0G
CSqGSIb3DQEBCwUAA4IBAQAcXoy/2G5wkLLtNEUy6uVAYoJyzsTiqFU0RuS48bYu
FbvEDM6AXMX1qN++QDHCFXkW3m7hIIGxUIVCgykjhY7Fw14yEbH2eqs0nYM9YR4V
w9EXhsaK5kY1X4dWHJnaAO4Ua44Qfp4/OhHT46N0RqEhuepib8r6KsBoxt3cmhWi
smhF+2u7UBfYoY4+ZVE+NgpQpb9CAokMJPF83J85rhScqbnCDtvgG+UWlkXhJa1t
kpecUEgPlxYyH+QVEVQK06+rO6C4KzwuVgyoXo5YJIRQh+e7nPmHocTKGZYQJtb1
X9ZOh0XYNi2G7OF2v5J0cAiUogwKIakpY9DwJAmjLP5P
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:43 2025 by rpki-client