Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/125959-746b-4a0f-96d3-c3e8eadd00ba/1/IAlTdnI4Y1pgovV6BlSTPMRE4Xo.roa
File: IAlTdnI4Y1pgovV6BlSTPMRE4Xo.roa (raw, json)
Hash identifier: r78lkImJ9/wXfyRBwYXsAmsBnKBGnVOt6aGA+CGIyQU=
Subject key identifier: 20:09:53:76:72:38:63:5A:60:A2:F5:7A:06:54:93:3C:C4:44:E1:7A
Certificate issuer: /CN=6d840bf8f2ea446a47db6c633906667c63ed886e
Certificate serial: 018CC56DF3CA50BF59B252D6C9B24A1D3B00
Authority key identifier: 6D:84:0B:F8:F2:EA:44:6A:47:DB:6C:63:39:06:66:7C:63:ED:88:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bYQL-PLqRGpH22xjOQZmfGPtiG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/125959-746b-4a0f-96d3-c3e8eadd00ba/1/IAlTdnI4Y1pgovV6BlSTPMRE4Xo.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213206
IP address blocks: 91.239.145.0/24 maxlen: 24
2a07:e0c0:1::/48 maxlen: 48
2a07:e0c0:4::/48 maxlen: 48
2a07:e0c0:2::/48 maxlen: 48
2a07:e0c0::/30 maxlen: 30
2a07:e0c0:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f3:ca:50:bf:59:b2:52:d6:c9:b2:4a:1d:3b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d840bf8f2ea446a47db6c633906667c63ed886e
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=200953767238635a60a2f57a0654933cc444e17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c6:9b:32:31:7d:e6:a7:e6:cb:eb:9a:f4:3a:
0c:26:c0:c9:45:1d:33:60:82:55:b0:39:c4:de:7a:
02:1e:c4:5b:7c:e3:29:98:e3:c9:c0:92:cf:89:87:
98:49:32:1a:41:1a:dc:da:67:fd:d5:5f:cb:93:84:
80:df:03:9a:e0:01:69:22:dd:4d:a5:59:b2:6a:ec:
b4:11:b7:3e:41:f2:b1:8d:54:7e:a0:3e:24:3a:1b:
58:0c:7f:13:b3:a8:f9:08:cc:7b:29:7d:a5:ff:84:
4c:80:b4:55:68:41:1b:61:ab:06:64:0e:79:52:dd:
8d:45:46:7d:29:00:54:c4:89:63:42:8c:a5:ee:06:
d2:80:e8:85:e1:21:7d:a5:5c:6f:7b:41:f8:58:75:
3c:86:4b:db:49:ec:34:31:d0:94:36:a7:82:2d:73:
75:ad:f4:17:6e:b3:64:32:be:2c:4d:5b:34:4d:8f:
89:d0:54:72:28:a2:51:7a:05:fd:ea:c2:54:86:25:
16:b1:ef:09:16:1b:fa:7f:50:5b:85:e0:3c:a0:d6:
d7:4d:b0:33:38:bf:24:e0:64:db:f8:d4:a5:47:cf:
72:83:99:41:e7:cd:60:91:49:b2:36:ea:9a:12:68:
5f:a9:d0:10:5f:2f:aa:10:7a:0f:fe:f1:fc:04:cc:
28:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:09:53:76:72:38:63:5A:60:A2:F5:7A:06:54:93:3C:C4:44:E1:7A
X509v3 Authority Key Identifier:
keyid:6D:84:0B:F8:F2:EA:44:6A:47:DB:6C:63:39:06:66:7C:63:ED:88:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bYQL-PLqRGpH22xjOQZmfGPtiG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/125959-746b-4a0f-96d3-c3e8eadd00ba/1/IAlTdnI4Y1pgovV6BlSTPMRE4Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/125959-746b-4a0f-96d3-c3e8eadd00ba/1/bYQL-PLqRGpH22xjOQZmfGPtiG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.145.0/24
IPv6:
2a07:e0c0::/30
Signature Algorithm: sha256WithRSAEncryption
26:74:fe:76:39:52:8e:04:9e:85:cc:2e:4b:a1:0c:97:10:4d:
a5:4d:57:d0:df:5d:2f:27:27:e4:f3:30:34:9f:d6:99:2e:b0:
03:36:84:58:17:74:76:ae:90:ca:f1:28:b8:75:a6:42:02:e7:
b4:cf:fa:31:b3:1f:b9:13:11:f6:c4:ac:bb:9a:48:0d:4e:6c:
72:4c:71:48:1e:4b:48:5b:2c:7a:1d:00:90:1f:7f:12:54:e5:
ae:ac:89:cb:bf:29:47:e5:d2:9f:ba:15:ca:f0:ed:b9:da:1c:
70:9e:5b:74:95:db:13:ff:36:ba:f0:79:4e:1d:13:da:81:58:
12:08:14:3f:ec:4d:f1:a8:fa:72:e3:0c:5e:25:1a:b5:15:cb:
b6:2d:3c:44:c1:bf:c6:58:a6:c9:83:08:72:20:5e:69:1c:93:
53:9d:fd:2a:ad:cc:7b:99:01:b8:2c:f5:c2:23:24:31:be:1e:
60:2e:ce:0a:31:54:60:b3:db:5b:77:ae:61:94:4b:db:50:52:
ec:69:61:c1:23:b5:a6:0c:94:e7:f5:f0:27:12:26:a9:72:b0:
21:de:de:bb:d1:03:d3:60:bb:7f:b6:02:b3:d1:1f:16:4b:c8:
5f:06:17:84:90:8c:6b:b0:14:8d:9a:bc:ef:74:fe:d8:2f:8f:
f3:f5:d3:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbfPKUL9ZslLWybJKHTsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkODQwYmY4ZjJlYTQ0NmE0N2RiNmM2MzM5MDY2NjdjNjNl
ZDg4NmUwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA5NTM3NjcyMzg2MzVhNjBhMmY1N2EwNjU0OTMzY2M0NDRlMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsabMjF95qfmy+ua9DoMJsDJRR0z
YIJVsDnE3noCHsRbfOMpmOPJwJLPiYeYSTIaQRrc2mf91V/Lk4SA3wOa4AFpIt1N
pVmyauy0Ebc+QfKxjVR+oD4kOhtYDH8Ts6j5CMx7KX2l/4RMgLRVaEEbYasGZA55
Ut2NRUZ9KQBUxIljQoyl7gbSgOiF4SF9pVxve0H4WHU8hkvbSew0MdCUNqeCLXN1
rfQXbrNkMr4sTVs0TY+J0FRyKKJRegX96sJUhiUWse8JFhv6f1BbheA8oNbXTbAz
OL8k4GTb+NSlR89yg5lB581gkUmyNuqaEmhfqdAQXy+qEHoP/vH8BMwoPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCAJU3ZyOGNaYKL1egZUkzzEROF6MB8GA1UdIwQY
MBaAFG2EC/jy6kRqR9tsYzkGZnxj7YhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYllRTC1QTHFSR3BIMjJ4ak9RWm1mR1B0aUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xMjU5NTktNzQ2Yi00YTBmLTk2ZDMt
YzNlOGVhZGQwMGJhLzEvSUFsVGRuSTRZMXBnb3ZWNkJsU1RQTVJFNFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xMjU5NTktNzQ2Yi00YTBmLTk2ZDMtYzNlOGVhZGQwMGJh
LzEvYllRTC1QTHFSR3BIMjJ4ak9RWm1mR1B0aUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW++RMA0E
AgACMAcDBQIqB+DAMA0GCSqGSIb3DQEBCwUAA4IBAQAmdP52OVKOBJ6FzC5LoQyX
EE2lTVfQ310vJyfk8zA0n9aZLrADNoRYF3R2rpDK8Si4daZCAue0z/oxsx+5ExH2
xKy7mkgNTmxyTHFIHktIWyx6HQCQH38SVOWurInLvylH5dKfuhXK8O252hxwnlt0
ldsT/za68HlOHRPagVgSCBQ/7E3xqPpy4wxeJRq1Fcu2LTxEwb/GWKbJgwhyIF5p
HJNTnf0qrcx7mQG4LPXCIyQxvh5gLs4KMVRgs9tbd65hlEvbUFLsaWHBI7WmDJTn
9fAnEiapcrAh3t670QPTYLt/tgKz0R8WS8hfBheEkIxrsBSNmrzvdP7YL4/z9dOP
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:50:05 2025 by rpki-client