Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/6Xtotq83bhxmhIZewQ-NmFHGbbQ.roa
File: 6Xtotq83bhxmhIZewQ-NmFHGbbQ.roa (raw, json)
Hash identifier: afXBLJTwYVfxNLCvCea95Fce/8bf05pDglpD0/FLo7U=
Subject key identifier: E9:7B:68:B6:AF:37:6E:1C:66:84:86:5E:C1:0F:8D:98:51:C6:6D:B4
Certificate issuer: /CN=96351c473a16ba38fab4d517059225e0f133c8bf
Certificate serial: 01930BF319EF4A1068FC7E4F0C54D2F8612F
Authority key identifier: 96:35:1C:47:3A:16:BA:38:FA:B4:D5:17:05:92:25:E0:F1:33:C8:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ljUcRzoWujj6tNUXBZIl4PEzyL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/6Xtotq83bhxmhIZewQ-NmFHGbbQ.roa
Signing time: Fri 08 Nov 2024 13:25:01 +0000
ROA not before: Fri 08 Nov 2024 13:25:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5396
IP address blocks: 91.225.180.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:f3:19:ef:4a:10:68:fc:7e:4f:0c:54:d2:f8:61:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96351c473a16ba38fab4d517059225e0f133c8bf
Validity
Not Before: Nov 8 13:25:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e97b68b6af376e1c6684865ec10f8d9851c66db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:bf:b9:71:b8:30:ba:50:fc:4e:cc:0b:67:2f:
fc:bd:87:5f:d2:50:83:46:19:31:74:8a:ac:fd:cc:
58:07:b7:88:53:79:d6:c6:15:ea:db:86:2f:5a:81:
1a:92:5d:48:f0:55:40:62:de:04:b3:cc:80:96:e2:
f5:cb:b7:ff:fa:d9:15:96:83:7c:f3:64:f0:b6:5e:
27:d5:5f:a1:9e:d8:cd:ee:b4:92:1c:5c:0b:bd:2e:
11:3b:66:d1:0b:16:1c:e1:b2:7d:57:0e:dc:c7:66:
e9:5f:54:e2:46:5a:a4:67:80:79:e3:03:9c:09:03:
b1:77:05:d0:e0:1d:73:81:37:2a:5c:dc:73:97:7d:
b1:cc:74:b0:e7:2a:6d:90:73:c1:a3:7b:8c:fe:c1:
57:53:ec:66:1b:30:3a:3b:50:1f:2a:7e:d8:3e:ac:
ed:4b:b5:f3:d3:b3:0e:c0:84:13:1b:9e:df:fb:ae:
0a:c4:61:48:21:c3:bd:3d:cb:e3:fd:5e:f0:e3:11:
7c:f8:45:d0:84:9c:29:16:10:bd:02:71:b6:e1:df:
70:7e:ee:9d:bb:0b:80:e6:f7:d6:a8:da:73:74:c9:
3b:67:2f:e9:e3:30:9d:da:32:bb:c2:91:8c:40:31:
1f:f0:fd:f3:44:d2:81:32:f1:02:c8:68:24:0b:52:
70:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:7B:68:B6:AF:37:6E:1C:66:84:86:5E:C1:0F:8D:98:51:C6:6D:B4
X509v3 Authority Key Identifier:
keyid:96:35:1C:47:3A:16:BA:38:FA:B4:D5:17:05:92:25:E0:F1:33:C8:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ljUcRzoWujj6tNUXBZIl4PEzyL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/6Xtotq83bhxmhIZewQ-NmFHGbbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/ljUcRzoWujj6tNUXBZIl4PEzyL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.180.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:a2:40:1d:71:c2:ee:5c:70:61:2e:9e:93:11:fb:15:c8:4d:
80:74:f9:c0:c8:66:53:d3:5f:7d:28:e0:63:4c:cf:c9:64:24:
28:ef:ef:3f:29:66:95:fb:3f:9c:c0:36:95:5a:34:85:87:1a:
94:9d:c8:29:cf:a9:b9:11:48:2e:4a:f6:0e:cc:73:cc:08:fe:
17:52:07:bf:49:68:29:13:5c:20:a6:6a:c7:0d:c0:65:9d:ec:
dd:e9:30:30:61:57:4d:3e:95:b9:df:be:2b:84:f9:c9:74:29:
8c:ae:75:32:67:38:fb:6a:5c:72:80:14:e4:88:69:bc:82:b5:
98:1e:1d:4b:4c:cf:aa:6a:4f:bc:24:9e:98:58:26:10:b7:cb:
4a:26:90:4b:8e:09:1e:15:3c:6c:6d:29:c8:ed:b7:92:f6:15:
4a:e0:47:53:a2:84:d3:5a:cb:ca:45:87:bf:42:1a:b1:1d:e5:
65:4b:e2:a0:e8:73:f1:5d:ec:86:be:d5:ff:83:cf:60:16:74:
c8:bf:a1:c4:4d:d9:d4:1f:35:70:8c:69:5b:f1:04:30:e8:2a:
f0:63:ff:8a:06:14:31:d7:93:8a:e3:f0:97:10:56:d4:85:55:
8e:3c:fc:7f:38:a9:49:aa:6b:ac:85:02:60:67:4a:f5:d8:d9:
4d:fe:a8:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZML8xnvShBo/H5PDFTS+GEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MzUxYzQ3M2ExNmJhMzhmYWI0ZDUxNzA1OTIyNWUwZjEz
M2M4YmYwHhcNMjQxMTA4MTMyNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTdiNjhiNmFmMzc2ZTFjNjY4NDg2NWVjMTBmOGQ5ODUxYzY2ZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47+5cbgwulD8TswLZy/8vYdf0lCD
RhkxdIqs/cxYB7eIU3nWxhXq24YvWoEakl1I8FVAYt4Es8yAluL1y7f/+tkVloN8
82Twtl4n1V+hntjN7rSSHFwLvS4RO2bRCxYc4bJ9Vw7cx2bpX1TiRlqkZ4B54wOc
CQOxdwXQ4B1zgTcqXNxzl32xzHSw5yptkHPBo3uM/sFXU+xmGzA6O1AfKn7YPqzt
S7Xz07MOwIQTG57f+64KxGFIIcO9Pcvj/V7w4xF8+EXQhJwpFhC9AnG24d9wfu6d
uwuA5vfWqNpzdMk7Zy/p4zCd2jK7wpGMQDEf8P3zRNKBMvECyGgkC1JwawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOl7aLavN24cZoSGXsEPjZhRxm20MB8GA1UdIwQY
MBaAFJY1HEc6Fro4+rTVFwWSJeDxM8i/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGpVY1J6b1d1amo2dE5VWEJaSWw0UEV6eUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hNTM3YzAtZmQ0Yi00M2I2LTg4OTEt
ZDU3MzczYmY1MTYyLzEvNlh0b3RxODNiaHhtaElaZXdRLU5tRkhHYmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hNTM3YzAtZmQ0Yi00M2I2LTg4OTEtZDU3MzczYmY1MTYy
LzEvbGpVY1J6b1d1amo2dE5VWEJaSWw0UEV6eUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+G0MA0G
CSqGSIb3DQEBCwUAA4IBAQArokAdccLuXHBhLp6TEfsVyE2AdPnAyGZT0199KOBj
TM/JZCQo7+8/KWaV+z+cwDaVWjSFhxqUncgpz6m5EUguSvYOzHPMCP4XUge/SWgp
E1wgpmrHDcBlnezd6TAwYVdNPpW5374rhPnJdCmMrnUyZzj7alxygBTkiGm8grWY
Hh1LTM+qak+8JJ6YWCYQt8tKJpBLjgkeFTxsbSnI7beS9hVK4EdTooTTWsvKRYe/
QhqxHeVlS+Kg6HPxXeyGvtX/g89gFnTIv6HETdnUHzVwjGlb8QQw6CrwY/+KBhQx
15OK4/CXEFbUhVWOPPx/OKlJqmushQJgZ0r12NlN/qjg
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:36:02 2025 by rpki-client