Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/7a7ce6-06a6-41d3-b5fa-97174a96e815/1/pqtwPrg1B01rINPAyyRohqIfJFk.roa
File: pqtwPrg1B01rINPAyyRohqIfJFk.roa (raw, json)
Hash identifier: ytSymUugKzS/jCGAGyBfSEjyF9vVXyEq04+8JyOGgFg=
Subject key identifier: A6:AB:70:3E:B8:35:07:4D:6B:20:D3:C0:CB:24:68:86:A2:1F:24:59
Certificate issuer: /CN=bb4bbd334581ddcdd935bcef47d9a04cbce5fded
Certificate serial: 018CC3489FE1897005E1D201DD2E657334E0
Authority key identifier: BB:4B:BD:33:45:81:DD:CD:D9:35:BC:EF:47:D9:A0:4C:BC:E5:FD:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0u9M0WB3c3ZNbzvR9mgTLzl_e0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/7a7ce6-06a6-41d3-b5fa-97174a96e815/1/pqtwPrg1B01rINPAyyRohqIfJFk.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199408
IP address blocks: 185.14.168.0/22 maxlen: 22
91.195.1.0/24 maxlen: 24
91.195.0.0/23 maxlen: 23
2a03:aec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9f:e1:89:70:05:e1:d2:01:dd:2e:65:73:34:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4bbd334581ddcdd935bcef47d9a04cbce5fded
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6ab703eb835074d6b20d3c0cb246886a21f2459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c5:4b:cb:73:2b:e8:06:83:3b:85:ff:dc:8d:
65:3a:4c:6e:99:53:e3:2d:ac:57:43:ae:3a:e6:54:
46:8a:78:40:54:f5:5c:4d:fa:c2:59:42:ff:15:bf:
e4:c2:a6:92:16:d6:ff:67:5d:19:83:eb:6e:95:79:
90:ab:a4:c7:8b:65:31:15:cd:2b:d6:74:0f:b3:c8:
9f:33:4e:33:b7:98:ab:6a:72:bd:4a:8f:a7:6f:01:
8b:11:a4:92:88:c7:41:65:91:a7:a9:9c:b3:3c:aa:
7a:72:9d:75:e2:f9:c7:c9:4a:e8:8c:7e:9e:16:19:
5e:22:38:87:06:20:f1:4f:d9:c1:21:56:0c:c6:9f:
31:63:96:8c:4c:10:f0:72:84:b7:f1:b7:0d:ba:b0:
ea:7b:c2:dd:30:85:1b:a0:92:5b:2d:3e:86:34:d0:
d0:63:bb:da:a1:59:60:12:32:fa:cf:4f:1c:86:8c:
06:db:87:08:27:3d:72:7b:79:8a:53:86:c5:50:87:
af:3f:cb:e8:41:a9:c5:dc:27:ab:de:d7:d0:19:ad:
da:72:b0:c3:2c:dd:fb:62:0a:bf:bb:5b:ca:07:78:
4f:7f:e1:84:b9:a7:81:58:b3:3a:fd:80:a5:41:86:
44:e5:ef:c6:cf:09:c6:2b:51:6a:b1:93:6e:a8:41:
6a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AB:70:3E:B8:35:07:4D:6B:20:D3:C0:CB:24:68:86:A2:1F:24:59
X509v3 Authority Key Identifier:
keyid:BB:4B:BD:33:45:81:DD:CD:D9:35:BC:EF:47:D9:A0:4C:BC:E5:FD:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0u9M0WB3c3ZNbzvR9mgTLzl_e0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7a7ce6-06a6-41d3-b5fa-97174a96e815/1/pqtwPrg1B01rINPAyyRohqIfJFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7a7ce6-06a6-41d3-b5fa-97174a96e815/1/u0u9M0WB3c3ZNbzvR9mgTLzl_e0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.0.0/23
185.14.168.0/22
IPv6:
2a03:aec0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:6d:1e:69:a6:e1:d9:55:39:bd:a4:90:6b:48:55:98:ed:f0:
13:2e:a1:70:34:9d:06:c1:c8:9f:28:f4:d9:c3:d1:9c:ac:9f:
47:02:6a:fa:0e:22:c4:64:83:72:b0:8d:46:a2:67:f5:b4:c3:
fb:d7:2a:45:1a:84:6b:86:55:9e:79:06:42:c2:7d:6e:67:17:
40:c3:41:ee:62:51:2e:1a:b1:de:64:48:d3:52:91:99:ee:f8:
54:f5:e3:1f:a7:cf:26:bf:2d:e9:cd:e6:63:20:9e:de:9f:13:
4b:0f:49:2f:45:32:13:54:36:34:4b:ab:2b:7f:f2:d3:df:d8:
d0:26:43:5d:b5:8d:23:7e:5b:d9:59:22:b7:24:b9:4d:f7:e7:
01:3b:cc:1c:2d:97:a9:59:b6:19:68:fb:02:2a:a4:c9:10:08:
d4:9f:56:8b:11:90:07:e9:02:ca:ed:e1:bd:16:a7:90:00:f7:
3e:26:d4:e2:e9:ee:b5:dc:46:59:a6:13:cb:d3:d5:83:f7:ff:
ca:3c:5a:64:a4:78:79:0c:52:93:40:ea:3f:c1:eb:ba:1b:88:
1c:92:a4:bb:7e:49:58:27:ac:1f:14:94:89:e3:ee:18:91:7f:
71:c5:06:6d:93:6c:a5:a5:2c:20:82:34:a5:05:4a:29:cb:02:
e0:9a:a4:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSJ/hiXAF4dIB3S5lczTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNGJiZDMzNDU4MWRkY2RkOTM1YmNlZjQ3ZDlhMDRjYmNl
NWZkZWQwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFiNzAzZWI4MzUwNzRkNmIyMGQzYzBjYjI0Njg4NmEyMWYyNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMVLy3Mr6AaDO4X/3I1lOkxumVPj
LaxXQ6465lRGinhAVPVcTfrCWUL/Fb/kwqaSFtb/Z10Zg+tulXmQq6THi2UxFc0r
1nQPs8ifM04zt5iranK9So+nbwGLEaSSiMdBZZGnqZyzPKp6cp114vnHyUrojH6e
FhleIjiHBiDxT9nBIVYMxp8xY5aMTBDwcoS38bcNurDqe8LdMIUboJJbLT6GNNDQ
Y7vaoVlgEjL6z08chowG24cIJz1ye3mKU4bFUIevP8voQanF3Cer3tfQGa3acrDD
LN37Ygq/u1vKB3hPf+GEuaeBWLM6/YClQYZE5e/GzwnGK1FqsZNuqEFq8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKarcD64NQdNayDTwMskaIaiHyRZMB8GA1UdIwQY
MBaAFLtLvTNFgd3N2TW870fZoEy85f3tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTB1OU0wV0IzYzNaTmJ6dlI5bWdUTHpsX2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83YTdjZTYtMDZhNi00MWQzLWI1ZmEt
OTcxNzRhOTZlODE1LzEvcHF0d1ByZzFCMDFySU5QQXl5Um9ocUlmSkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83YTdjZTYtMDZhNi00MWQzLWI1ZmEtOTcxNzRhOTZlODE1
LzEvdTB1OU0wV0IzYzNaTmJ6dlI5bWdUTHpsX2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW8MAAwQC
uQ6oMA0EAgACMAcDBQAqA67AMA0GCSqGSIb3DQEBCwUAA4IBAQCsbR5ppuHZVTm9
pJBrSFWY7fATLqFwNJ0GwcifKPTZw9GcrJ9HAmr6DiLEZINysI1Gomf1tMP71ypF
GoRrhlWeeQZCwn1uZxdAw0HuYlEuGrHeZEjTUpGZ7vhU9eMfp88mvy3pzeZjIJ7e
nxNLD0kvRTITVDY0S6srf/LT39jQJkNdtY0jflvZWSK3JLlN9+cBO8wcLZepWbYZ
aPsCKqTJEAjUn1aLEZAH6QLK7eG9FqeQAPc+JtTi6e613EZZphPL09WD9//KPFpk
pHh5DFKTQOo/weu6G4gckqS7fklYJ6wfFJSJ4+4YkX9xxQZtk2ylpSwggjSlBUop
ywLgmqQo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:54 2025 by rpki-client