Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/M6cx6vA3Vvi1DYeMk8pMaoNbGZE.roa
File: M6cx6vA3Vvi1DYeMk8pMaoNbGZE.roa (raw, json)
Hash identifier: yL+xveRZpdlMecfZ8jcFKnC3PHXZUE204yea1a2d05U=
Subject key identifier: 33:A7:31:EA:F0:37:56:F8:B5:0D:87:8C:93:CA:4C:6A:83:5B:19:91
Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Certificate serial: 01950179EDF78459806CF39BA1D94551D840
Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/M6cx6vA3Vvi1DYeMk8pMaoNbGZE.roa
Signing time: Thu 13 Feb 2025 22:42:02 +0000
ROA not before: Thu 13 Feb 2025 22:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202885
IP address blocks: 91.221.208.0/24 maxlen: 24
2a0e:6b00::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Mar 2025 09:15:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:01:79:ed:f7:84:59:80:6c:f3:9b:a1:d9:45:51:d8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Validity
Not Before: Feb 13 22:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33a731eaf03756f8b50d878c93ca4c6a835b1991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:55:c8:bf:e3:e9:d1:f6:1c:9c:ce:88:8c:fa:
c3:2c:97:ea:f0:3a:11:5b:01:10:32:2e:09:e5:cc:
4b:c1:99:83:c1:33:19:0d:5e:b5:ad:8c:8c:2b:58:
c5:22:7c:d9:a5:52:e9:1e:1a:b9:ab:c3:6a:1c:b6:
f5:16:eb:ba:3a:a1:2b:42:eb:aa:85:0f:6a:d6:49:
e1:72:10:4c:8a:2d:e8:87:1e:c9:24:08:9e:cf:74:
ad:b0:5e:2d:2f:44:71:2d:b0:c6:44:10:27:1b:8a:
5e:d2:2c:6d:f5:ed:b5:a9:f1:7c:84:24:d5:73:3f:
7c:b1:09:08:40:5d:e2:18:06:03:5c:a3:f6:1f:8f:
c2:a7:32:9f:86:a3:0f:d3:fd:2b:00:ed:40:bf:75:
10:f7:f7:c5:2f:ff:ec:12:95:36:d6:6d:b6:fb:5b:
6d:12:c7:b2:d4:1d:74:af:41:8a:64:54:64:90:99:
73:93:45:a4:76:ac:e4:21:a0:26:c4:89:43:85:4e:
8c:c1:4b:18:98:28:8a:0c:47:d3:8d:37:66:16:82:
b7:dd:e4:74:cf:34:fa:40:b8:05:52:67:00:76:62:
67:03:b2:d6:d8:84:5c:20:13:8e:d8:55:80:77:d1:
32:d1:f1:c9:eb:01:e1:2c:47:50:63:f3:ef:10:53:
10:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A7:31:EA:F0:37:56:F8:B5:0D:87:8C:93:CA:4C:6A:83:5B:19:91
X509v3 Authority Key Identifier:
keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/M6cx6vA3Vvi1DYeMk8pMaoNbGZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.208.0/24
IPv6:
2a0e:6b00::/48
Signature Algorithm: sha256WithRSAEncryption
80:28:f1:af:19:31:55:d8:21:81:51:68:f9:aa:ec:a8:89:24:
38:e6:d8:1f:ed:c9:c4:b5:88:ce:5d:16:c1:d2:10:51:5d:58:
be:a3:35:e0:5d:20:52:b2:89:6c:5f:7f:61:be:18:dc:cb:a8:
34:b1:ba:29:0e:d4:47:57:0c:83:21:ee:9e:2d:af:85:28:6e:
cf:46:01:47:3f:f1:2c:e2:06:9b:cb:56:5c:46:cc:e9:72:c6:
7e:25:11:32:dd:c7:d4:8d:c0:a6:90:c2:8d:39:1f:8a:fe:6c:
09:a6:3b:aa:00:da:98:1a:b1:92:3d:bf:69:a5:e6:1c:45:ab:
bc:97:ab:f7:08:bf:a1:39:7a:f4:08:70:e4:ed:37:a6:0b:ee:
83:b9:4f:b0:3e:5f:7e:6f:a0:e4:93:3c:ef:7c:37:f2:a1:07:
1a:d8:11:42:ed:e2:87:82:6d:6f:b9:63:70:19:5c:72:b1:eb:
4d:ca:31:df:bb:77:d5:e7:13:6f:45:0e:eb:b3:2c:65:dd:20:
18:60:05:b6:66:bb:ab:d5:b0:82:e6:2d:4d:6e:ce:72:7b:4b:
fc:80:db:a7:39:c8:41:d8:f0:38:95:b2:17:30:a8:75:69:18:
6b:02:2d:b6:8a:6b:71:42:8a:5b:84:0e:4e:e5:1c:65:81:f5:
e7:c1:34:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZUBee33hFmAbPObodlFUdhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4
ZTQ1MGEwHhcNMjUwMjEzMjI0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2E3MzFlYWYwMzc1NmY4YjUwZDg3OGM5M2NhNGM2YTgzNWIxOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFXIv+Pp0fYcnM6IjPrDLJfq8DoR
WwEQMi4J5cxLwZmDwTMZDV61rYyMK1jFInzZpVLpHhq5q8NqHLb1Fuu6OqErQuuq
hQ9q1knhchBMii3ohx7JJAiez3StsF4tL0RxLbDGRBAnG4pe0ixt9e21qfF8hCTV
cz98sQkIQF3iGAYDXKP2H4/CpzKfhqMP0/0rAO1Av3UQ9/fFL//sEpU21m22+1tt
Esey1B10r0GKZFRkkJlzk0WkdqzkIaAmxIlDhU6MwUsYmCiKDEfTjTdmFoK33eR0
zzT6QLgFUmcAdmJnA7LW2IRcIBOO2FWAd9Ey0fHJ6wHhLEdQY/PvEFMQrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDOnMerwN1b4tQ2HjJPKTGqDWxmRMB8GA1UdIwQY
MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt
NTM3YjFiNDlkZmU3LzEvTTZjeDZ2QTNWdmkxRFllTWs4cE1hb05iR1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3
LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW93QMA8E
AgACMAkDBwAqDmsAAAAwDQYJKoZIhvcNAQELBQADggEBAIAo8a8ZMVXYIYFRaPmq
7KiJJDjm2B/tycS1iM5dFsHSEFFdWL6jNeBdIFKyiWxff2G+GNzLqDSxuikO1EdX
DIMh7p4tr4Uobs9GAUc/8SziBpvLVlxGzOlyxn4lETLdx9SNwKaQwo05H4r+bAmm
O6oA2pgasZI9v2ml5hxFq7yXq/cIv6E5evQIcOTtN6YL7oO5T7A+X35voOSTPO98
N/KhBxrYEULt4oeCbW+5Y3AZXHKx603KMd+7d9XnE29FDuuzLGXdIBhgBbZmu6vV
sILmLU1uznJ7S/yA26c5yEHY8DiVshcwqHVpGGsCLbaKa3FCiluEDk7lHGWB9efB
NEY=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:00:25 2025 by rpki-client