Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/PTYEV-nQj_TirheSpkI-SkU7jnI.roa
File: PTYEV-nQj_TirheSpkI-SkU7jnI.roa (raw, json)
Hash identifier: Pi2be4jAhKkdB3PDBv/+QJxZlTIJwkoaB2qFJbZ2dzw=
Subject key identifier: 3D:36:04:57:E9:D0:8F:F4:E2:AE:17:92:A6:42:3E:4A:45:3B:8E:72
Certificate issuer: /CN=ea2c4ea79ddb7b003de01f1d05f6dbf716b11336
Certificate serial: 018CC870895FE13E5B9D44C17CADD55127FE
Authority key identifier: EA:2C:4E:A7:9D:DB:7B:00:3D:E0:1F:1D:05:F6:DB:F7:16:B1:13:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ixOp53bewA94B8dBfbb9xaxEzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/PTYEV-nQj_TirheSpkI-SkU7jnI.roa
Signing time: Tue 02 Jan 2024 04:31:07 +0000
ROA not before: Tue 02 Jan 2024 04:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206314
IP address blocks: 91.241.24.0/22 maxlen: 22
91.238.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:89:5f:e1:3e:5b:9d:44:c1:7c:ad:d5:51:27:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea2c4ea79ddb7b003de01f1d05f6dbf716b11336
Validity
Not Before: Jan 2 04:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d360457e9d08ff4e2ae1792a6423e4a453b8e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f9:62:52:2c:03:87:9c:d0:b7:5e:b3:32:4c:
f5:04:18:03:3e:cb:76:6b:21:5b:a4:7f:66:df:12:
17:8c:48:aa:7a:5f:0f:c4:5c:f5:02:be:7f:b9:88:
17:b9:92:fa:cd:db:2e:99:62:6d:c5:9f:2e:e3:04:
03:d0:d4:1e:c5:d1:58:fe:f6:c1:b8:0d:c8:f8:58:
c6:01:94:c4:0f:75:6b:b3:42:72:2e:26:ed:32:5f:
9d:82:ed:32:f0:e0:d6:ff:8b:b3:9c:51:05:e0:05:
35:6a:af:74:c9:ca:0c:b7:f5:23:bb:c5:02:bc:e6:
f6:11:6e:dc:e7:9d:75:16:f9:62:18:c4:cb:71:cf:
5a:28:89:f3:83:aa:29:3b:7d:61:03:b6:57:8c:37:
6d:a8:d2:6e:40:26:e3:4a:d8:2c:4e:ce:70:92:69:
1a:0e:34:ac:34:09:7c:c6:58:92:a7:78:20:29:d0:
c8:b0:2e:4a:4c:db:f9:c7:9d:a2:f8:25:d3:da:07:
6d:e3:3f:9c:71:27:1a:03:0c:3c:19:d6:e1:c8:7a:
75:5e:4c:f1:44:7a:17:00:8b:9e:6a:8d:86:2b:15:
6a:86:b9:c8:3b:b2:13:55:9d:34:30:6d:7c:6e:d1:
61:9a:df:40:c7:53:62:bb:f8:70:68:6c:2b:99:6a:
be:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:36:04:57:E9:D0:8F:F4:E2:AE:17:92:A6:42:3E:4A:45:3B:8E:72
X509v3 Authority Key Identifier:
keyid:EA:2C:4E:A7:9D:DB:7B:00:3D:E0:1F:1D:05:F6:DB:F7:16:B1:13:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ixOp53bewA94B8dBfbb9xaxEzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/PTYEV-nQj_TirheSpkI-SkU7jnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/6ixOp53bewA94B8dBfbb9xaxEzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.172.0/22
91.241.24.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:6d:34:21:f2:9b:c6:dd:94:42:72:1a:b6:f6:84:f8:64:01:
3e:52:d9:65:49:01:cc:0c:54:67:cf:9c:6a:fe:f0:0c:c3:8c:
ed:38:13:73:10:1d:6d:6a:c7:f5:c7:90:29:06:7e:04:3f:75:
94:6d:bd:55:5b:8a:f0:72:46:52:5b:c0:5d:58:0e:b6:1f:ba:
02:94:07:dd:a6:d5:89:d5:97:0a:3c:91:c0:59:49:7f:4e:20:
56:88:1e:55:e9:1b:7d:d6:85:86:c1:35:80:c5:bf:41:26:b5:
63:80:35:bc:51:2d:06:5e:d4:ba:04:29:66:00:fb:dd:10:7b:
5d:ef:f3:0d:70:69:51:b1:2c:2f:27:04:86:d6:09:37:bc:d5:
b4:5f:f1:2d:db:e3:bb:eb:ea:99:54:33:49:e2:7d:cb:aa:a2:
01:68:e8:a2:cb:60:25:00:65:3c:d7:3d:45:48:6b:45:9a:45:
f3:f2:2c:e8:b8:e2:35:6a:91:86:4a:c3:37:c0:7a:25:e9:e2:
bc:c5:1f:84:1d:fd:30:21:d9:ae:55:3a:27:23:89:11:58:45:
36:32:14:82:a3:d0:4a:20:a1:61:8b:8c:fc:80:e0:b9:ef:6c:
8a:fa:5c:83:53:d9:5f:02:fe:85:05:7c:a9:3a:0b:06:71:08:
6e:db:12:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcIlf4T5bnUTBfK3VUSf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMmM0ZWE3OWRkYjdiMDAzZGUwMWYxZDA1ZjZkYmY3MTZi
MTEzMzYwHhcNMjQwMTAyMDQzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDM2MDQ1N2U5ZDA4ZmY0ZTJhZTE3OTJhNjQyM2U0YTQ1M2I4ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifliUiwDh5zQt16zMkz1BBgDPst2
ayFbpH9m3xIXjEiqel8PxFz1Ar5/uYgXuZL6zdsumWJtxZ8u4wQD0NQexdFY/vbB
uA3I+FjGAZTED3Vrs0JyLibtMl+dgu0y8ODW/4uznFEF4AU1aq90ycoMt/Uju8UC
vOb2EW7c5511FvliGMTLcc9aKInzg6opO31hA7ZXjDdtqNJuQCbjStgsTs5wkmka
DjSsNAl8xliSp3ggKdDIsC5KTNv5x52i+CXT2gdt4z+ccScaAww8GdbhyHp1Xkzx
RHoXAIueao2GKxVqhrnIO7ITVZ00MG18btFhmt9Ax1Niu/hwaGwrmWq+EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD02BFfp0I/04q4XkqZCPkpFO45yMB8GA1UdIwQY
MBaAFOosTqed23sAPeAfHQX22/cWsRM2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNml4T3A1M2Jld0E5NEI4ZEJmYmI5eGF4RXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC84ZTdlMWQtMTU4Zi00YzZlLWFiYTMt
MzlmMTNlNzZhZmEzLzEvUFRZRVYtblFqX1RpcmhlU3BrSS1Ta1U3am5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC84ZTdlMWQtMTU4Zi00YzZlLWFiYTMtMzlmMTNlNzZhZmEz
LzEvNml4T3A1M2Jld0E5NEI4ZEJmYmI5eGF4RXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+6sAwQC
W/EYMA0GCSqGSIb3DQEBCwUAA4IBAQDNbTQh8pvG3ZRCchq29oT4ZAE+UtllSQHM
DFRnz5xq/vAMw4ztOBNzEB1tasf1x5ApBn4EP3WUbb1VW4rwckZSW8BdWA62H7oC
lAfdptWJ1ZcKPJHAWUl/TiBWiB5V6Rt91oWGwTWAxb9BJrVjgDW8US0GXtS6BClm
APvdEHtd7/MNcGlRsSwvJwSG1gk3vNW0X/Et2+O76+qZVDNJ4n3LqqIBaOiiy2Al
AGU81z1FSGtFmkXz8izouOI1apGGSsM3wHol6eK8xR+EHf0wIdmuVTonI4kRWEU2
MhSCo9BKIKFhi4z8gOC572yK+lyDU9lfAv6FBXypOgsGcQhu2xKx
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:52 2025 by rpki-client