Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ac9e_nqorTDs2nn4QJmy3LQvVVM.roa
File: ac9e_nqorTDs2nn4QJmy3LQvVVM.roa (raw, json)
Hash identifier: lLHDIsMfd+QE0sJ71d2JPv7bPMTYP6IMOnVWsON8qzo=
Subject key identifier: 69:CF:5E:FE:7A:A8:AD:30:EC:DA:79:F8:40:99:B2:DC:B4:2F:55:53
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01942068494B42B1AC214C206CA5922F6E69
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ac9e_nqorTDs2nn4QJmy3LQvVVM.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207459
IP address blocks: 91.151.90.0/24 maxlen: 32
91.151.93.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Jan 2025 22:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:49:4b:42:b1:ac:21:4c:20:6c:a5:92:2f:6e:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69cf5efe7aa8ad30ecda79f84099b2dcb42f5553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3d:4e:ef:91:f7:d1:6d:70:11:a3:83:c8:ab:
bd:f0:5c:55:9b:08:14:87:23:c3:01:60:1f:0b:7c:
77:ee:90:3c:31:a8:13:42:ff:14:dc:f3:e3:11:54:
05:3c:79:fb:6a:62:31:fe:27:bb:6f:39:23:c3:7c:
98:81:e7:20:7c:88:a0:98:d8:99:1f:b6:fd:fe:a9:
7e:ff:4e:db:40:73:01:ec:f1:0e:28:25:34:66:ab:
2b:3e:82:fe:24:b2:01:47:17:44:27:5f:85:39:16:
30:c5:f8:d2:e0:4e:a0:1e:07:c2:83:a7:d2:95:0d:
ab:2f:6e:07:36:17:3e:a3:29:4d:4f:aa:fc:78:2d:
e7:be:67:b7:ff:08:42:f7:11:d4:b9:c0:23:ec:7d:
10:e5:48:53:30:87:82:d6:2d:3a:67:f2:3b:2d:04:
b5:47:ce:3e:79:7d:fd:42:63:af:4e:cf:bf:78:0d:
92:8c:27:e2:ae:5a:ec:39:8b:d7:bb:72:0f:87:fb:
11:27:28:90:30:13:ee:66:a3:a8:41:80:3b:8c:5f:
29:54:97:70:3e:a0:a9:97:d5:f9:aa:65:e5:8c:23:
cc:ab:4a:cd:1b:31:1a:f5:0a:ce:e1:1d:06:43:0a:
c2:99:c0:c2:76:14:59:04:09:72:ff:f0:eb:ac:bf:
f5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CF:5E:FE:7A:A8:AD:30:EC:DA:79:F8:40:99:B2:DC:B4:2F:55:53
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ac9e_nqorTDs2nn4QJmy3LQvVVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.90.0/24
91.151.93.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:b8:be:18:d2:69:26:fe:69:1c:92:32:d4:63:a9:05:61:a5:
dd:94:96:f9:94:13:b8:f7:c4:e3:ee:c0:82:f2:eb:79:db:c9:
46:a9:d3:50:06:cc:e4:11:27:2b:44:c8:33:9c:a6:4c:d4:03:
dd:35:ce:80:1f:3e:96:45:53:ba:ac:d0:54:5b:6c:c8:71:b8:
45:71:fb:c4:b9:34:60:70:01:32:03:0c:a8:de:a3:37:08:74:
01:cd:d8:13:99:8a:00:a2:69:6f:38:3a:ef:63:c0:42:2e:a9:
40:3f:eb:d0:82:4a:32:5a:52:9b:5d:9a:ef:fa:78:64:2a:d9:
4b:9d:2b:75:1d:21:e0:03:e6:79:88:81:21:30:78:f3:e6:02:
ef:dc:b9:b7:2c:0a:27:c6:fd:4e:c7:10:93:a2:f2:a8:ea:1c:
6b:ab:12:90:31:f7:eb:b3:a6:4f:0c:95:99:b6:1a:b7:d3:e4:
20:83:94:20:57:3f:a3:c6:42:7d:16:18:1a:40:be:5a:ca:29:
0a:66:db:9e:88:39:b2:fa:55:7c:05:45:36:5a:e9:a5:31:2a:
4e:e3:3d:29:b3:a0:9b:2a:85:dd:2a:64:91:7c:68:a2:9b:51:
ea:2c:6e:a5:bd:0b:3f:6d:df:2c:58:b4:b9:af:5a:01:2a:dc:
45:f3:1a:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaElLQrGsIUwgbKWSL25pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNmNWVmZTdhYThhZDMwZWNkYTc5Zjg0MDk5YjJkY2I0MmY1NTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz1O75H30W1wEaODyKu98FxVmwgU
hyPDAWAfC3x37pA8MagTQv8U3PPjEVQFPHn7amIx/ie7bzkjw3yYgecgfIigmNiZ
H7b9/ql+/07bQHMB7PEOKCU0ZqsrPoL+JLIBRxdEJ1+FORYwxfjS4E6gHgfCg6fS
lQ2rL24HNhc+oylNT6r8eC3nvme3/whC9xHUucAj7H0Q5UhTMIeC1i06Z/I7LQS1
R84+eX39QmOvTs+/eA2SjCfirlrsOYvXu3IPh/sRJyiQMBPuZqOoQYA7jF8pVJdw
PqCpl9X5qmXljCPMq0rNGzEa9QrO4R0GQwrCmcDCdhRZBAly//DrrL/1QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGnPXv56qK0w7Np5+ECZsty0L1VTMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvYWM5ZV9ucW9yVERzMm5uNFFKbXkzTFF2VlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5daAwQA
W5ddMA0GCSqGSIb3DQEBCwUAA4IBAQDZuL4Y0mkm/mkckjLUY6kFYaXdlJb5lBO4
98Tj7sCC8ut528lGqdNQBszkEScrRMgznKZM1APdNc6AHz6WRVO6rNBUW2zIcbhF
cfvEuTRgcAEyAwyo3qM3CHQBzdgTmYoAomlvODrvY8BCLqlAP+vQgkoyWlKbXZrv
+nhkKtlLnSt1HSHgA+Z5iIEhMHjz5gLv3Lm3LAonxv1OxxCTovKo6hxrqxKQMffr
s6ZPDJWZthq30+Qgg5QgVz+jxkJ9FhgaQL5ayikKZtueiDmy+lV8BUU2WumlMSpO
4z0ps6CbKoXdKmSRfGiim1HqLG6lvQs/bd8sWLS5r1oBKtxF8xrO
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:04 2025 by rpki-client