Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/94WhkyhS9pDoiaRSdvc8mXT8NHY.roa
File: 94WhkyhS9pDoiaRSdvc8mXT8NHY.roa (raw, json)
Hash identifier: XSjBmzU13NAmJernGZMsLWZo95PnFv5OFo41tdoTGHg=
Subject key identifier: F7:85:A1:93:28:52:F6:90:E8:89:A4:52:76:F7:3C:99:74:FC:34:76
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0194206848C52D7F83D95D1F2CF0B786FAB6
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/94WhkyhS9pDoiaRSdvc8mXT8NHY.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61135
IP address blocks: 91.151.90.0/24 maxlen: 32
91.151.93.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Jan 2025 22:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:48:c5:2d:7f:83:d9:5d:1f:2c:f0:b7:86:fa:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f785a1932852f690e889a45276f73c9974fc3476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:41:1d:81:35:06:3a:a8:bf:e2:0a:e3:de:12:
91:cf:2b:1f:52:e1:55:e1:68:83:e1:d8:c9:ca:39:
b1:c8:6f:a8:e8:32:4d:9f:6e:39:9c:f7:08:7b:8c:
03:93:7e:5d:4d:95:4e:06:ee:55:a8:ba:90:bf:d5:
6c:f7:4a:a0:bf:10:dd:0e:f5:eb:d6:ea:14:74:fb:
54:85:1c:48:f9:48:cc:0c:d7:a5:53:68:ab:e9:8d:
ac:e4:ab:05:37:22:3a:4d:a3:84:8d:41:19:af:ba:
0d:80:9f:4f:61:7c:0a:79:6a:1b:5f:76:81:b3:e8:
e0:99:dc:b4:aa:82:e7:8b:53:10:be:82:64:3a:56:
21:d2:ab:21:1a:a6:29:cf:a4:24:ab:92:e7:f6:f1:
96:9c:cc:32:f4:ef:9b:11:98:bd:f7:d6:3f:8c:16:
21:92:20:24:70:ca:23:d6:5b:19:a5:19:eb:98:65:
b9:05:48:7d:d7:de:1d:b6:e6:b2:d2:80:ec:f3:cc:
6a:64:65:cd:48:30:06:a1:16:19:12:54:e6:7c:35:
c8:8c:44:ad:e4:17:bf:e5:de:6b:a4:d0:89:cf:78:
48:49:ae:23:a9:e7:e6:01:5d:1f:4c:c5:72:4d:85:
4f:fb:78:d4:d4:bd:d5:e5:de:d1:15:73:0c:db:0b:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:85:A1:93:28:52:F6:90:E8:89:A4:52:76:F7:3C:99:74:FC:34:76
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/94WhkyhS9pDoiaRSdvc8mXT8NHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.90.0/24
91.151.93.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:16:82:d3:d8:2c:14:ba:49:9b:f2:78:95:a6:83:e2:5b:f6:
f3:58:c6:61:b0:88:d7:72:97:cd:cf:a4:09:ae:2a:bb:92:9a:
42:3c:fb:23:6c:a1:e5:19:a5:0f:13:d1:d2:30:fe:ea:a6:bc:
36:cb:c5:36:a1:53:61:8a:8f:3b:78:f5:74:d2:be:b4:e6:9e:
ee:4f:31:d5:6d:98:81:1a:ce:7a:25:9c:ce:dd:74:05:c4:48:
92:56:86:e7:21:8f:13:c3:36:a9:4c:16:3c:d9:d8:ca:c4:8f:
e1:94:b2:92:ca:75:28:8f:03:4d:15:af:0d:95:3e:bf:bc:54:
bb:94:f0:a1:c6:5c:49:17:d0:26:c3:67:6f:32:80:32:35:5f:
94:66:3d:19:31:8b:ba:51:32:ce:9a:cc:d7:f6:67:8c:ea:da:
24:c2:72:1b:e7:8b:be:2a:af:9c:98:8b:36:0f:07:ca:b3:94:
6a:dc:d0:03:2b:6a:b2:b3:c6:de:b0:01:77:ff:e9:19:83:f7:
ae:8d:b1:8f:9b:83:59:2d:0e:c0:95:f6:d7:93:61:b9:db:96:
0d:23:0d:f3:80:e8:d7:7e:ca:aa:8f:d3:b6:89:16:54:f1:a4:
a3:6d:5b:21:67:f2:5e:c4:16:59:79:29:f5:38:c7:82:f0:12:
4f:73:12:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaEjFLX+D2V0fLPC3hvq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzg1YTE5MzI4NTJmNjkwZTg4OWE0NTI3NmY3M2M5OTc0ZmMzNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEEdgTUGOqi/4grj3hKRzysfUuFV
4WiD4djJyjmxyG+o6DJNn245nPcIe4wDk35dTZVOBu5VqLqQv9Vs90qgvxDdDvXr
1uoUdPtUhRxI+UjMDNelU2ir6Y2s5KsFNyI6TaOEjUEZr7oNgJ9PYXwKeWobX3aB
s+jgmdy0qoLni1MQvoJkOlYh0qshGqYpz6Qkq5Ln9vGWnMwy9O+bEZi999Y/jBYh
kiAkcMoj1lsZpRnrmGW5BUh9194dtuay0oDs88xqZGXNSDAGoRYZElTmfDXIjESt
5Be/5d5rpNCJz3hISa4jqefmAV0fTMVyTYVP+3jU1L3V5d7RFXMM2wsPTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPeFoZMoUvaQ6ImkUnb3PJl0/DR2MB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvOTRXaGt5aFM5cERvaWFSU2R2YzhtWFQ4TkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5daAwQA
W5ddMA0GCSqGSIb3DQEBCwUAA4IBAQCyFoLT2CwUukmb8niVpoPiW/bzWMZhsIjX
cpfNz6QJriq7kppCPPsjbKHlGaUPE9HSMP7qprw2y8U2oVNhio87ePV00r605p7u
TzHVbZiBGs56JZzO3XQFxEiSVobnIY8TwzapTBY82djKxI/hlLKSynUojwNNFa8N
lT6/vFS7lPChxlxJF9Amw2dvMoAyNV+UZj0ZMYu6UTLOmszX9meM6tokwnIb54u+
Kq+cmIs2DwfKs5Rq3NADK2qys8besAF3/+kZg/eujbGPm4NZLQ7AlfbXk2G525YN
Iw3zgOjXfsqqj9O2iRZU8aSjbVshZ/JexBZZeSn1OMeC8BJPcxL0
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:08:43 2025 by rpki-client