Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/s1PJwjPQfCEOnfuk1jMLxKKTbu0.roa
File: s1PJwjPQfCEOnfuk1jMLxKKTbu0.roa (raw, json)
Hash identifier: Wnvog3aKtNjppwjMcfOV65DZtD2bNoR8wOb8xKNXU5M=
Subject key identifier: B3:53:C9:C2:33:D0:7C:21:0E:9D:FB:A4:D6:33:0B:C4:A2:93:6E:ED
Certificate issuer: /CN=6da0ee9ff09c7cfc7ee9761f1a3c8f30efac5848
Certificate serial: 018EBE8023885B39D554020AE4406EB5B2E7
Authority key identifier: 6D:A0:EE:9F:F0:9C:7C:FC:7E:E9:76:1F:1A:3C:8F:30:EF:AC:58:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/baDun_CcfPx-6XYfGjyPMO-sWEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/s1PJwjPQfCEOnfuk1jMLxKKTbu0.roa
Signing time: Mon 08 Apr 2024 16:17:32 +0000
ROA not before: Mon 08 Apr 2024 16:17:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 91.207.19.0/24 maxlen: 24
2a13:55c0::/29 maxlen: 29
2a13:55c0::/32 maxlen: 32
2a13:55c1::/32 maxlen: 32
2a13:55c2::/32 maxlen: 32
2a13:55c3::/32 maxlen: 32
2a13:55c4::/32 maxlen: 32
2a13:55c5::/32 maxlen: 32
2a13:55c6::/32 maxlen: 32
2a13:55c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 12 Apr 2024 07:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:80:23:88:5b:39:d5:54:02:0a:e4:40:6e:b5:b2:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6da0ee9ff09c7cfc7ee9761f1a3c8f30efac5848
Validity
Not Before: Apr 8 16:17:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b353c9c233d07c210e9dfba4d6330bc4a2936eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:08:44:8e:12:81:7c:c4:58:3d:fc:69:fb:2d:
77:ca:6c:66:6e:6e:6b:f7:0b:65:95:43:22:d8:c2:
80:29:54:55:b5:27:a8:31:f2:0c:2a:8e:a7:be:6b:
6a:06:13:92:72:dc:3f:86:df:e9:36:51:a1:9a:53:
4d:14:d9:39:7c:fa:4a:0e:eb:1c:97:e3:00:ea:3e:
9a:bd:26:75:18:9b:53:7a:fd:0b:f0:12:4b:16:ce:
82:64:1e:04:7c:a1:3f:0c:7f:d7:40:d9:55:f9:50:
c0:fc:ee:2c:68:d4:90:14:60:41:9a:59:08:b3:e4:
45:86:6b:96:c1:66:9f:2d:9d:f7:4a:3e:bb:fa:72:
bd:d8:94:c2:6e:9d:a7:7f:75:08:6e:9b:a4:f8:d3:
82:59:56:63:6a:75:23:7e:36:49:f4:18:76:ea:46:
f0:5d:2d:c0:84:17:5a:3e:dc:66:d0:f5:8b:e0:c8:
16:9b:57:54:0a:79:5f:18:df:a3:b9:85:ae:90:fc:
62:a6:01:58:68:73:20:c2:74:28:b2:92:35:d1:4d:
a0:0b:b3:55:be:e9:a2:7c:9a:de:2c:b6:1a:45:76:
fd:d2:50:30:fa:48:48:de:dc:3a:73:90:3d:23:cb:
97:e6:c3:9e:40:a9:4a:f9:68:a4:61:3d:a5:d9:15:
d9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:53:C9:C2:33:D0:7C:21:0E:9D:FB:A4:D6:33:0B:C4:A2:93:6E:ED
X509v3 Authority Key Identifier:
keyid:6D:A0:EE:9F:F0:9C:7C:FC:7E:E9:76:1F:1A:3C:8F:30:EF:AC:58:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/baDun_CcfPx-6XYfGjyPMO-sWEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/s1PJwjPQfCEOnfuk1jMLxKKTbu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/baDun_CcfPx-6XYfGjyPMO-sWEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.19.0/24
IPv6:
2a13:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:19:d2:7c:b4:a6:bd:d1:59:ff:37:bb:57:2b:bd:dd:a0:dd:
e0:41:0c:81:e2:e8:c9:1a:ce:a9:27:01:cf:c3:d6:1d:11:68:
b0:de:95:d8:68:bf:86:56:66:8f:5c:39:38:06:6a:9e:55:d6:
2a:75:61:99:20:c2:3a:ad:e9:cf:e5:09:16:3d:cb:0b:ab:26:
c2:e0:55:f5:3c:3d:ec:60:d1:ce:34:60:01:e3:95:82:ec:cd:
3e:de:8e:35:e2:e8:f8:e3:36:71:b0:7c:5b:a0:48:f4:ee:6b:
96:19:ea:9e:8e:bb:01:92:ff:cc:15:4a:15:81:de:0f:dd:91:
a7:59:9e:0d:df:7e:28:ba:87:dd:22:91:a4:13:8c:b2:e3:9f:
56:e1:6d:b0:46:5d:ea:cd:c2:a6:ee:9a:3e:c5:4f:46:07:40:
01:2b:4e:36:15:84:ae:07:ef:8b:1a:17:6d:37:13:20:08:44:
57:bd:e1:c0:86:1d:e0:ba:35:fa:e5:11:99:9c:28:a4:4e:10:
b6:31:c1:16:82:0a:75:f6:27:f1:fc:a3:99:9f:d2:37:96:99:
ea:59:fd:2c:e2:a5:df:29:be:85:76:b5:64:b7:1a:87:dc:f6:
25:70:c5:a7:4a:13:dc:38:e6:d7:c4:03:8f:90:e5:f2:16:08:
94:4b:e3:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6+gCOIWznVVAIK5EButbLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYTBlZTlmZjA5YzdjZmM3ZWU5NzYxZjFhM2M4ZjMwZWZh
YzU4NDgwHhcNMjQwNDA4MTYxNzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzUzYzljMjMzZDA3YzIxMGU5ZGZiYTRkNjMzMGJjNGEyOTM2ZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoghEjhKBfMRYPfxp+y13ymxmbm5r
9wtllUMi2MKAKVRVtSeoMfIMKo6nvmtqBhOSctw/ht/pNlGhmlNNFNk5fPpKDusc
l+MA6j6avSZ1GJtTev0L8BJLFs6CZB4EfKE/DH/XQNlV+VDA/O4saNSQFGBBmlkI
s+RFhmuWwWafLZ33Sj67+nK92JTCbp2nf3UIbpuk+NOCWVZjanUjfjZJ9Bh26kbw
XS3AhBdaPtxm0PWL4MgWm1dUCnlfGN+juYWukPxipgFYaHMgwnQospI10U2gC7NV
vumifJreLLYaRXb90lAw+khI3tw6c5A9I8uX5sOeQKlK+WikYT2l2RXZ8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLNTycIz0HwhDp37pNYzC8Sik27tMB8GA1UdIwQY
MBaAFG2g7p/wnHz8ful2Hxo8jzDvrFhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmFEdW5fQ2NmUHgtNlhZZkdqeVBNTy1zV0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy80ZjdiYjktNGQ2OS00OWRlLTlhNDkt
YTRkOWRjNzZjMmI4LzEvczFQSndqUFFmQ0VPbmZ1azFqTUx4S0tUYnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy80ZjdiYjktNGQ2OS00OWRlLTlhNDktYTRkOWRjNzZjMmI4
LzEvYmFEdW5fQ2NmUHgtNlhZZkdqeVBNTy1zV0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW88TMA0E
AgACMAcDBQMqE1XAMA0GCSqGSIb3DQEBCwUAA4IBAQApGdJ8tKa90Vn/N7tXK73d
oN3gQQyB4ujJGs6pJwHPw9YdEWiw3pXYaL+GVmaPXDk4BmqeVdYqdWGZIMI6renP
5QkWPcsLqybC4FX1PD3sYNHONGAB45WC7M0+3o414uj44zZxsHxboEj07muWGeqe
jrsBkv/MFUoVgd4P3ZGnWZ4N334ouofdIpGkE4yy459W4W2wRl3qzcKm7po+xU9G
B0ABK042FYSuB++LGhdtNxMgCERXveHAhh3gujX65RGZnCikThC2McEWggp19ifx
/KOZn9I3lpnqWf0s4qXfKb6FdrVktxqH3PYlcMWnShPcOObXxAOPkOXyFgiUS+PS
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:48 2025 by rpki-client