Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/9FIrAlPtNpupbtCnkh9TLPuCrY0.roa
File: 9FIrAlPtNpupbtCnkh9TLPuCrY0.roa (raw, json)
Hash identifier: KuHcCer+s6utgvn1gaXCeTdd2+/5Sjow6jRwnUDbJUA=
Subject key identifier: F4:52:2B:02:53:ED:36:9B:A9:6E:D0:A7:92:1F:53:2C:FB:82:AD:8D
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01943C68F50D5DC9F543C13388677230B3D9
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/9FIrAlPtNpupbtCnkh9TLPuCrY0.roa
Signing time: Mon 06 Jan 2025 16:18:18 +0000
ROA not before: Mon 06 Jan 2025 16:18:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210574
IP address blocks: 91.151.90.0/24 maxlen: 32
91.151.93.0/24 maxlen: 32
213.142.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 22:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:68:f5:0d:5d:c9:f5:43:c1:33:88:67:72:30:b3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 6 16:18:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4522b0253ed369ba96ed0a7921f532cfb82ad8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:75:ea:71:c8:48:6b:ca:9c:58:a4:54:1b:7b:
6a:c8:cc:57:28:eb:40:a6:ee:c0:ea:c2:16:6e:8f:
1b:b0:0b:56:44:01:24:50:09:15:75:2c:43:3f:c7:
cf:f2:93:bc:93:72:37:a4:86:93:f9:d1:48:6c:16:
ec:46:e8:0b:dd:c7:69:3e:7c:9f:e2:39:51:89:7e:
8e:9b:6b:d6:c2:84:dd:2d:a1:a1:fb:0f:ad:b0:04:
16:dd:a8:06:1c:f0:ef:5d:be:a6:cd:5b:a8:11:ce:
d4:c5:0e:f9:e0:c9:06:39:94:eb:f6:ca:13:f0:52:
b4:fb:ee:29:0a:35:e4:7f:ad:7d:ea:0f:cb:f0:9f:
fb:7e:46:c9:5d:fc:40:f2:53:91:5b:67:11:5f:ce:
a3:e5:d8:46:6e:c9:48:87:25:0d:79:10:af:b4:fd:
aa:d8:bc:b5:4d:25:09:15:53:f9:12:a1:d0:fd:bb:
8a:45:c8:67:bf:c9:32:56:8a:c4:a4:67:60:54:6b:
f1:b9:32:02:67:2d:b0:4b:28:dc:ff:bd:57:48:13:
8b:65:69:bf:79:8f:ca:4c:bb:90:41:9e:1f:36:9d:
8b:cf:bd:f5:6e:1f:3a:ce:d5:53:fc:cd:fd:48:ce:
13:4e:d8:b5:30:83:2b:55:27:fa:85:3d:19:e3:99:
60:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:52:2B:02:53:ED:36:9B:A9:6E:D0:A7:92:1F:53:2C:FB:82:AD:8D
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/9FIrAlPtNpupbtCnkh9TLPuCrY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.90.0/24
91.151.93.0/24
213.142.157.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:4f:4c:9d:8c:6e:52:c3:fa:23:a8:9e:c1:aa:b8:8f:22:f3:
41:0b:da:5d:98:8c:03:2f:63:f1:c3:be:92:15:60:2a:4a:16:
ef:a0:aa:7c:f7:ff:d1:c0:7a:db:0b:fc:e0:2d:08:ff:bf:a8:
0c:93:63:71:25:0a:c2:fa:6d:2c:00:18:c6:d2:fe:59:3e:8a:
4c:e4:d1:ab:ce:41:5c:fe:62:ba:35:67:a1:cd:9f:79:d4:63:
db:bf:ec:f5:50:33:c8:2b:8e:0c:cb:85:42:6a:c0:96:8e:a5:
45:18:45:a7:c6:cb:a3:70:45:9d:cb:1d:82:9c:a1:41:47:9a:
38:f3:fd:7e:bd:b8:62:55:69:43:a3:10:4f:e4:cb:70:65:fd:
27:7f:dd:b3:c5:3f:82:66:59:f2:bc:fc:51:de:3c:c7:ea:c3:
3a:d8:b4:fb:03:bc:d7:be:d1:7e:d7:30:ed:56:58:cf:42:29:
91:ce:2d:6b:ba:79:e4:46:c2:52:db:ab:b1:34:79:ae:1d:f4:
59:1a:97:ff:f4:a5:f5:97:c3:ab:9c:56:8d:2e:bf:a9:69:28:
83:79:8c:06:48:09:85:2c:dd:51:95:e3:12:b1:ae:16:91:d4:
a6:ac:27:0b:03:c5:97:e6:48:5d:dc:a9:9a:8e:7c:0a:5d:04:
72:51:0d:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQ8aPUNXcn1Q8EziGdyMLPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjUwMTA2MTYxODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDUyMmIwMjUzZWQzNjliYTk2ZWQwYTc5MjFmNTMyY2ZiODJhZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HXqcchIa8qcWKRUG3tqyMxXKOtA
pu7A6sIWbo8bsAtWRAEkUAkVdSxDP8fP8pO8k3I3pIaT+dFIbBbsRugL3cdpPnyf
4jlRiX6Om2vWwoTdLaGh+w+tsAQW3agGHPDvXb6mzVuoEc7UxQ754MkGOZTr9soT
8FK0++4pCjXkf6196g/L8J/7fkbJXfxA8lORW2cRX86j5dhGbslIhyUNeRCvtP2q
2Ly1TSUJFVP5EqHQ/buKRchnv8kyVorEpGdgVGvxuTICZy2wSyjc/71XSBOLZWm/
eY/KTLuQQZ4fNp2Lz731bh86ztVT/M39SM4TTti1MIMrVSf6hT0Z45lg/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPRSKwJT7TabqW7Qp5IfUyz7gq2NMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvOUZJckFsUHROcHVwYnRDbmtoOVRMUHVDclkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW5daAwQA
W5ddAwQA1Y6dMA0GCSqGSIb3DQEBCwUAA4IBAQCtT0ydjG5Sw/ojqJ7BqriPIvNB
C9pdmIwDL2Pxw76SFWAqShbvoKp89//RwHrbC/zgLQj/v6gMk2NxJQrC+m0sABjG
0v5ZPopM5NGrzkFc/mK6NWehzZ951GPbv+z1UDPIK44My4VCasCWjqVFGEWnxsuj
cEWdyx2CnKFBR5o48/1+vbhiVWlDoxBP5MtwZf0nf92zxT+CZlnyvPxR3jzH6sM6
2LT7A7zXvtF+1zDtVljPQimRzi1runnkRsJS26uxNHmuHfRZGpf/9KX1l8OrnFaN
Lr+paSiDeYwGSAmFLN1RleMSsa4WkdSmrCcLA8WX5khd3KmajnwKXQRyUQ0k
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:13:04 2025 by rpki-client