Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/tJsIR3QVWewoPIVnAiJGdpIh0bo.roa
File: tJsIR3QVWewoPIVnAiJGdpIh0bo.roa (raw, json)
Hash identifier: N1O6s/ENqKIgRv4RRKFIWdE+q7fzJLFkvtrQvSjDZmE=
Subject key identifier: B4:9B:08:47:74:15:59:EC:28:3C:85:67:02:22:46:76:92:21:D1:BA
Certificate issuer: /CN=d58214cfa326611e9d494135a12ce8276f0f1784
Certificate serial: 0194228833DB67C2A2EAFAD029E91BE46FC4
Authority key identifier: D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/tJsIR3QVWewoPIVnAiJGdpIh0bo.roa
Signing time: Wed 01 Jan 2025 15:42:18 +0000
ROA not before: Wed 01 Jan 2025 15:42:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49791
IP address blocks: 91.217.10.0/23 maxlen: 23
91.217.10.0/24 maxlen: 24
91.217.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:88:33:db:67:c2:a2:ea:fa:d0:29:e9:1b:e4:6f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58214cfa326611e9d494135a12ce8276f0f1784
Validity
Not Before: Jan 1 15:42:18 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b49b0847741559ec283c8567022246769221d1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:12:d9:4b:b1:09:46:7b:6c:44:4a:b2:23:49:
af:66:4a:77:0c:7c:e7:91:0b:22:b3:32:30:e3:08:
4a:e4:63:23:3a:62:d1:6d:81:8b:cc:e9:a1:08:0b:
e1:50:82:5e:3d:0d:35:03:5a:da:f8:33:28:a4:3b:
f6:e7:65:d4:d7:b4:2c:8f:f2:b8:bf:87:4a:a1:03:
f6:67:dc:0a:5b:a3:3e:b8:26:76:24:c9:ce:aa:cd:
a3:8f:45:bc:5f:ee:23:86:dc:71:cb:43:e7:e3:9d:
ae:6d:49:1d:7c:6f:f0:de:d8:7c:9c:b5:bf:36:44:
d5:a4:4b:0b:80:81:3f:75:ca:d6:8c:a6:6c:45:da:
30:5d:a3:85:a3:01:87:58:9f:d8:2f:81:65:2c:36:
9f:e4:62:94:69:68:61:61:89:df:89:ec:91:22:e1:
93:01:96:38:2e:5e:7a:3f:f2:09:b8:0e:53:54:b7:
9d:05:a3:f5:76:ed:f8:d7:de:79:bc:6a:dc:a2:93:
2c:a9:87:85:7b:d0:7e:03:5a:b5:72:e1:05:70:e7:
fd:7c:ad:49:1d:51:e5:55:51:5e:5c:7f:bf:39:41:
40:d7:1a:33:a5:28:d4:f1:75:c3:ce:88:22:68:b3:
eb:e5:a9:95:7d:27:95:92:8e:18:f6:1a:50:59:ac:
39:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:9B:08:47:74:15:59:EC:28:3C:85:67:02:22:46:76:92:21:D1:BA
X509v3 Authority Key Identifier:
keyid:D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/tJsIR3QVWewoPIVnAiJGdpIh0bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.10.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:b6:08:02:66:76:70:1e:f0:e3:23:e1:ac:67:bd:da:8d:21:
46:23:89:17:fd:4d:c0:bc:57:ed:45:06:86:ed:e6:1c:c8:92:
27:7b:de:4e:eb:8d:ca:5e:23:a5:ae:18:71:2e:e1:a6:91:f0:
b2:75:b5:a9:0d:c8:89:ce:57:9c:ff:db:e1:a9:0d:08:7e:1b:
18:1e:f1:1f:70:00:8d:ad:fe:51:dc:d5:d0:f3:de:46:10:08:
36:fb:ef:da:47:b9:1a:dc:85:06:44:37:be:c2:72:cc:1b:86:
a8:6f:f4:c7:55:61:6a:a8:f6:7b:05:0b:42:a7:45:61:e1:ce:
62:75:2b:24:c1:4b:16:36:d1:c6:b8:a2:d6:fe:e4:59:e4:8c:
e9:ab:67:7d:b0:f5:84:a8:e6:f9:8e:df:f3:7e:26:76:8f:61:
b9:46:b1:66:e1:a8:f4:13:dd:32:ef:4f:e3:23:fb:4f:cc:d0:
a8:f4:4a:00:b2:f2:2c:f1:48:36:f3:6a:3b:a4:19:f9:c0:8b:
78:1c:a3:28:82:a7:e9:89:91:03:9f:19:19:c3:a2:69:cf:6e:
e3:03:9a:21:8f:02:13:4e:10:fc:41:ca:34:8c:ba:bf:4b:aa:
03:46:39:ff:83:51:c0:a7:89:f8:2d:42:47:18:cb:c6:d6:36:
4c:47:75:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiiDPbZ8Ki6vrQKekb5G/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ODIxNGNmYTMyNjYxMWU5ZDQ5NDEzNWExMmNlODI3NmYw
ZjE3ODQwHhcNMjUwMTAxMTU0MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDliMDg0Nzc0MTU1OWVjMjgzYzg1NjcwMjIyNDY3NjkyMjFkMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBLZS7EJRntsREqyI0mvZkp3DHzn
kQsiszIw4whK5GMjOmLRbYGLzOmhCAvhUIJePQ01A1ra+DMopDv252XU17Qsj/K4
v4dKoQP2Z9wKW6M+uCZ2JMnOqs2jj0W8X+4jhtxxy0Pn452ubUkdfG/w3th8nLW/
NkTVpEsLgIE/dcrWjKZsRdowXaOFowGHWJ/YL4FlLDaf5GKUaWhhYYnfieyRIuGT
AZY4Ll56P/IJuA5TVLedBaP1du341955vGrcopMsqYeFe9B+A1q1cuEFcOf9fK1J
HVHlVVFeXH+/OUFA1xozpSjU8XXDzogiaLPr5amVfSeVko4Y9hpQWaw55QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSbCEd0FVnsKDyFZwIiRnaSIdG6MB8GA1UdIwQY
MBaAFNWCFM+jJmEenUlBNaEs6CdvDxeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQt
MTA3OWQ1NWFlZTkxLzEvdEpzSVIzUVZXZXdvUElWbkFpSkdkcEloMGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQtMTA3OWQ1NWFlZTkx
LzEvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9kKMA0G
CSqGSIb3DQEBCwUAA4IBAQB9tggCZnZwHvDjI+GsZ73ajSFGI4kX/U3AvFftRQaG
7eYcyJIne95O643KXiOlrhhxLuGmkfCydbWpDciJzlec/9vhqQ0IfhsYHvEfcACN
rf5R3NXQ895GEAg2++/aR7ka3IUGRDe+wnLMG4aob/THVWFqqPZ7BQtCp0Vh4c5i
dSskwUsWNtHGuKLW/uRZ5Izpq2d9sPWEqOb5jt/zfiZ2j2G5RrFm4aj0E90y70/j
I/tPzNCo9EoAsvIs8Ug282o7pBn5wIt4HKMogqfpiZEDnxkZw6Jpz27jA5ohjwIT
ThD8Qco0jLq/S6oDRjn/g1HAp4n4LUJHGMvG1jZMR3UP
-----END CERTIFICATE-----
Generated at Fri Apr 18 14:49:52 2025 by rpki-client