Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/96AJQMf69FFoKpyoNUVK_h_GyFs.roa
File: 96AJQMf69FFoKpyoNUVK_h_GyFs.roa (raw, json)
Hash identifier: E6OKuL1I5M8UZPM9gZzYATutv49iuVvK5XicfM6/FpI=
Subject key identifier: F7:A0:09:40:C7:FA:F4:51:68:2A:9C:A8:35:45:4A:FE:1F:C6:C8:5B
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 0195813095DAACBD8B1BD6CB45CDC75E6AF3
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/96AJQMf69FFoKpyoNUVK_h_GyFs.roa
Signing time: Mon 10 Mar 2025 17:53:19 +0000
ROA not before: Mon 10 Mar 2025 17:53:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 91.204.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 16:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:81:30:95:da:ac:bd:8b:1b:d6:cb:45:cd:c7:5e:6a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Mar 10 17:53:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7a00940c7faf451682a9ca835454afe1fc6c85b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:09:08:0b:2c:d3:e0:8d:82:4f:6a:8f:4b:d9:
2f:d5:dc:1e:ca:7b:e4:18:92:f3:0f:7a:d7:51:58:
ea:66:73:69:d1:fe:eb:50:23:f1:49:56:1f:d8:29:
6a:8c:8b:33:2a:37:0c:36:f0:84:2a:97:2e:52:4b:
7a:dc:d3:6f:b6:38:02:9a:7c:30:d2:f3:6f:32:0b:
03:4a:17:1c:57:15:8a:90:c5:17:f9:ee:c4:83:a8:
96:96:43:20:86:d6:ee:84:1c:c9:c8:f0:f0:5b:fa:
75:d4:71:26:3c:a9:88:ab:1a:2d:40:1e:61:40:80:
7f:cb:d4:2d:08:6f:78:2d:5c:27:f4:e7:61:9a:34:
05:e9:26:d0:ff:f6:43:ef:fc:71:99:9c:a1:8a:34:
4f:7e:38:04:d2:6f:38:11:7c:c2:91:ec:ae:38:47:
61:2e:3b:c8:bb:bd:b9:66:b4:27:b0:91:fd:78:37:
46:79:04:66:6a:cc:63:75:ad:5c:41:03:34:86:66:
1a:78:46:d6:3c:75:f1:cd:3d:9d:39:27:6d:c1:c2:
5c:f4:cb:61:46:11:3d:cc:cd:00:14:d9:63:e5:7a:
a5:ee:8d:e4:2e:f6:ef:cd:6d:2a:1a:e7:f1:c1:01:
62:23:1a:b9:15:69:42:24:a0:7c:e7:8e:85:70:03:
6c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A0:09:40:C7:FA:F4:51:68:2A:9C:A8:35:45:4A:FE:1F:C6:C8:5B
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/96AJQMf69FFoKpyoNUVK_h_GyFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.181.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:c6:ce:1a:0c:72:2b:16:ef:b2:56:d1:e2:ed:ca:30:af:47:
ee:7e:96:0e:5c:0e:d2:32:ec:f7:fc:85:d3:5d:66:c8:97:82:
d5:ba:49:ec:e9:86:2c:ad:3d:1c:e3:8b:a0:fb:95:9b:70:9f:
ea:89:45:41:3b:d1:5b:0a:aa:b6:f9:73:3f:99:f1:f6:bd:f4:
24:84:ab:31:26:b6:98:f8:4c:5c:7a:98:fe:95:4c:1a:0b:f6:
ca:a3:80:49:4a:34:64:27:3d:59:36:6b:43:8c:c3:1b:74:8b:
ef:bb:89:2c:df:bb:be:a0:a3:ed:17:c3:6c:4e:e8:36:53:72:
17:c8:3d:15:9a:60:05:9f:5e:e7:f6:ea:f4:4a:25:c5:6e:b5:
95:35:98:31:5b:cf:ab:cc:04:36:e3:5b:ba:99:e4:9d:5a:56:
ac:15:e4:99:e3:61:57:8f:0d:47:9c:02:85:fe:e7:1a:98:a7:
29:f9:38:08:7a:2a:73:34:a5:0a:3c:bb:81:18:50:93:ab:6a:
4e:34:6e:9f:2c:69:4b:f0:1d:35:e5:0e:b9:1b:2d:bf:8b:49:
83:db:95:ba:72:65:de:2d:0f:7b:18:b8:72:6e:0b:6c:1b:43:
cf:4f:da:91:1a:05:2c:8b:1e:dc:69:5d:58:18:3b:0a:9c:55:
fc:17:4b:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWBMJXarL2LG9bLRc3HXmrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjUwMzEwMTc1MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2EwMDk0MGM3ZmFmNDUxNjgyYTljYTgzNTQ1NGFmZTFmYzZjODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QkICyzT4I2CT2qPS9kv1dweynvk
GJLzD3rXUVjqZnNp0f7rUCPxSVYf2ClqjIszKjcMNvCEKpcuUkt63NNvtjgCmnww
0vNvMgsDShccVxWKkMUX+e7Eg6iWlkMghtbuhBzJyPDwW/p11HEmPKmIqxotQB5h
QIB/y9QtCG94LVwn9OdhmjQF6SbQ//ZD7/xxmZyhijRPfjgE0m84EXzCkeyuOEdh
LjvIu725ZrQnsJH9eDdGeQRmasxjda1cQQM0hmYaeEbWPHXxzT2dOSdtwcJc9Mth
RhE9zM0AFNlj5Xql7o3kLvbvzW0qGufxwQFiIxq5FWlCJKB8546FcANsbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPegCUDH+vRRaCqcqDVFSv4fxshbMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvOTZBSlFNZjY5RkZvS3B5b05VVktfaF9HeUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8y1MA0G
CSqGSIb3DQEBCwUAA4IBAQB9xs4aDHIrFu+yVtHi7cowr0fufpYOXA7SMuz3/IXT
XWbIl4LVukns6YYsrT0c44ug+5WbcJ/qiUVBO9FbCqq2+XM/mfH2vfQkhKsxJraY
+Excepj+lUwaC/bKo4BJSjRkJz1ZNmtDjMMbdIvvu4ks37u+oKPtF8NsTug2U3IX
yD0VmmAFn17n9ur0SiXFbrWVNZgxW8+rzAQ241u6meSdWlasFeSZ42FXjw1HnAKF
/ucamKcp+TgIeipzNKUKPLuBGFCTq2pONG6fLGlL8B015Q65Gy2/i0mD25W6cmXe
LQ97GLhybgtsG0PPT9qRGgUsix7caV1YGDsKnFX8F0vs
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:40:05 2025 by rpki-client