Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/AO6KNPm3JqpHar5GNCwI83BKtXU.roa
File: AO6KNPm3JqpHar5GNCwI83BKtXU.roa (raw, json)
Hash identifier: Ea5tLZ/v2khySRJHB3RG/A94vBif+MO6zQ0ATp96dI8=
Subject key identifier: 00:EE:8A:34:F9:B7:26:AA:47:6A:BE:46:34:2C:08:F3:70:4A:B5:75
Certificate issuer: /CN=d58214cfa326611e9d494135a12ce8276f0f1784
Certificate serial: 019416D66EA09A009FB4E0845A35FADBD981
Authority key identifier: D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/AO6KNPm3JqpHar5GNCwI83BKtXU.roa
Signing time: Mon 30 Dec 2024 09:12:19 +0000
ROA not before: Mon 30 Dec 2024 09:12:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49791
IP address blocks: 91.217.10.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:41:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:16:d6:6e:a0:9a:00:9f:b4:e0:84:5a:35:fa:db:d9:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58214cfa326611e9d494135a12ce8276f0f1784
Validity
Not Before: Dec 30 09:12:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00ee8a34f9b726aa476abe46342c08f3704ab575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:18:f5:b4:ef:27:9f:bf:b9:a7:6c:93:ff:ff:
0c:ad:a0:75:21:24:08:56:41:ce:0b:b7:45:da:de:
88:b0:7c:6c:84:c8:71:29:10:a2:d2:a4:09:b8:a8:
31:a0:4e:08:e8:de:6a:ab:5e:06:20:7d:4f:02:4c:
7e:e2:86:3a:9a:e9:7a:28:24:cf:39:82:01:a7:22:
a4:d3:39:ce:9d:06:6a:ac:93:bb:d4:3a:b7:82:ac:
bf:c5:8d:41:41:7b:aa:d9:27:45:d0:cb:c7:cd:af:
6e:6b:4d:78:e8:c0:35:db:97:bc:2c:ee:9e:1e:bc:
3f:07:0b:58:59:bd:60:e4:a1:02:e9:bd:3d:ca:98:
77:fc:d5:1f:3f:d1:c2:e6:04:6b:51:7c:9a:b4:b1:
39:21:03:05:7f:b9:aa:f5:59:3f:6b:3b:d4:aa:12:
73:d9:35:99:79:51:c0:ec:5e:2d:f5:f2:6f:76:35:
8e:2a:ac:04:26:ac:6e:a5:d1:1f:b1:ff:6d:da:91:
53:37:1b:fe:35:25:2c:3c:7f:1b:5d:b4:3c:96:51:
bf:41:db:ec:e9:f4:dc:96:70:05:81:c4:b9:b3:e4:
ea:20:57:5f:0b:af:fd:91:ec:13:ab:c4:bb:1f:89:
28:de:f9:ab:64:96:80:f7:cf:c7:b4:b6:13:35:d5:
1b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EE:8A:34:F9:B7:26:AA:47:6A:BE:46:34:2C:08:F3:70:4A:B5:75
X509v3 Authority Key Identifier:
keyid:D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/AO6KNPm3JqpHar5GNCwI83BKtXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.10.0/23
Signature Algorithm: sha256WithRSAEncryption
73:ba:0c:4a:ca:f2:d6:ab:7b:07:f1:33:78:cb:43:bf:ee:3c:
17:83:cf:90:bb:33:87:03:ff:5d:51:7c:ea:21:57:32:28:88:
75:49:7d:0c:73:aa:10:1f:44:8e:4c:10:72:65:97:30:19:25:
cc:fb:84:7b:45:10:95:07:c3:81:82:87:d7:47:41:9a:12:23:
bf:78:13:8e:56:83:3b:5a:2c:9a:cc:4a:2e:86:af:b1:d0:6f:
dd:f5:9d:72:2a:23:ef:47:d2:fd:fa:6f:cf:61:08:04:3f:54:
be:27:3f:4a:90:5b:08:18:18:69:05:70:f1:c6:da:c9:7b:4e:
fe:5e:09:bc:18:cb:65:82:1f:8b:5e:1b:de:0c:e6:c8:08:8b:
23:79:2f:e3:05:c2:85:08:44:8f:78:e9:db:8f:ac:28:dc:ef:
38:d9:b0:5b:e3:c3:3b:6a:89:bb:ac:2f:e4:34:24:8f:df:51:
48:c5:97:10:ba:c9:ca:d0:49:fc:3c:cf:14:58:07:bf:8d:0f:
94:c4:07:49:f5:62:ab:19:3f:ca:9d:81:05:b8:22:6a:7f:ec:
51:b2:05:34:c4:a0:58:2f:74:e8:6a:4c:3d:4f:69:32:5e:a1:
5d:cc:fb:51:da:8c:db:08:5a:06:d1:6d:71:c3:52:14:42:11:
5f:2e:f5:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQW1m6gmgCftOCEWjX629mBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ODIxNGNmYTMyNjYxMWU5ZDQ5NDEzNWExMmNlODI3NmYw
ZjE3ODQwHhcNMjQxMjMwMDkxMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVlOGEzNGY5YjcyNmFhNDc2YWJlNDYzNDJjMDhmMzcwNGFiNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBj1tO8nn7+5p2yT//8MraB1ISQI
VkHOC7dF2t6IsHxshMhxKRCi0qQJuKgxoE4I6N5qq14GIH1PAkx+4oY6mul6KCTP
OYIBpyKk0znOnQZqrJO71Dq3gqy/xY1BQXuq2SdF0MvHza9ua0146MA125e8LO6e
Hrw/BwtYWb1g5KEC6b09yph3/NUfP9HC5gRrUXyatLE5IQMFf7mq9Vk/azvUqhJz
2TWZeVHA7F4t9fJvdjWOKqwEJqxupdEfsf9t2pFTNxv+NSUsPH8bXbQ8llG/Qdvs
6fTclnAFgcS5s+TqIFdfC6/9kewTq8S7H4ko3vmrZJaA98/HtLYTNdUbtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADuijT5tyaqR2q+RjQsCPNwSrV1MB8GA1UdIwQY
MBaAFNWCFM+jJmEenUlBNaEs6CdvDxeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQt
MTA3OWQ1NWFlZTkxLzEvQU82S05QbTNKcXBIYXI1R05Dd0k4M0JLdFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQtMTA3OWQ1NWFlZTkx
LzEvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9kKMA0G
CSqGSIb3DQEBCwUAA4IBAQBzugxKyvLWq3sH8TN4y0O/7jwXg8+QuzOHA/9dUXzq
IVcyKIh1SX0Mc6oQH0SOTBByZZcwGSXM+4R7RRCVB8OBgofXR0GaEiO/eBOOVoM7
WiyazEouhq+x0G/d9Z1yKiPvR9L9+m/PYQgEP1S+Jz9KkFsIGBhpBXDxxtrJe07+
Xgm8GMtlgh+LXhveDObICIsjeS/jBcKFCESPeOnbj6wo3O842bBb48M7aom7rC/k
NCSP31FIxZcQusnK0En8PM8UWAe/jQ+UxAdJ9WKrGT/KnYEFuCJqf+xRsgU0xKBY
L3Toakw9T2kyXqFdzPtR2ozbCFoG0W1xw1IUQhFfLvVH
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:03:10 2025 by rpki-client