Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/9d4bef-8ebd-4fdb-aaf0-e09bc4eae189/1/jU3ZzCpmUYFdQO8lBsVR-TR-A2w.roa
File: jU3ZzCpmUYFdQO8lBsVR-TR-A2w.roa (raw, json)
Hash identifier: xLl+5Pz0cEQbLB/43uZT99BaHUOtJfniOiG2ZjiXQ04=
Subject key identifier: 8D:4D:D9:CC:2A:66:51:81:5D:40:EF:25:06:C5:51:F9:34:7E:03:6C
Certificate issuer: /CN=0f34477aa0f0123138c0472f5b3528e4d2193e68
Certificate serial: 0194244583A1727ACA45D06134032A66D878
Authority key identifier: 0F:34:47:7A:A0:F0:12:31:38:C0:47:2F:5B:35:28:E4:D2:19:3E:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DzRHeqDwEjE4wEcvWzUo5NIZPmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/9d4bef-8ebd-4fdb-aaf0-e09bc4eae189/1/jU3ZzCpmUYFdQO8lBsVR-TR-A2w.roa
Signing time: Wed 01 Jan 2025 23:48:42 +0000
ROA not before: Wed 01 Jan 2025 23:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198108
IP address blocks: 91.216.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 13:39:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:83:a1:72:7a:ca:45:d0:61:34:03:2a:66:d8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f34477aa0f0123138c0472f5b3528e4d2193e68
Validity
Not Before: Jan 1 23:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d4dd9cc2a6651815d40ef2506c551f9347e036c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:50:df:6a:be:c9:62:54:38:e3:0e:c1:53:f7:
c6:25:00:b8:0e:28:f3:10:0b:2e:93:98:9e:1f:1b:
5a:bc:1a:14:b7:71:b9:43:5c:27:d8:80:52:87:d4:
35:e7:34:90:68:c4:30:0b:31:77:8b:56:97:0d:d2:
51:aa:17:b0:64:04:4a:9c:0a:c8:13:cd:7a:d7:09:
43:d9:4a:cb:cd:84:80:97:2e:01:7a:4f:c4:e3:bf:
71:b9:6e:fe:f4:2f:a4:15:9c:96:c0:b5:7c:06:79:
d6:ea:94:d0:20:ba:0f:49:6d:50:82:57:28:56:ad:
60:27:59:1a:a2:93:dd:85:aa:25:f1:48:09:17:66:
f9:78:70:15:b8:12:22:9a:02:28:9b:ec:d3:5f:a9:
1e:3b:4d:91:d0:22:12:d6:67:0a:fe:98:f7:75:b2:
3f:7d:6f:8e:80:ae:de:a4:e8:b6:36:41:05:a9:2b:
3f:94:4a:4e:1b:09:5e:09:f2:e5:71:0e:46:c3:ef:
a2:24:bf:74:76:68:7f:ba:5f:5c:84:36:99:4e:ee:
72:7e:55:70:db:e2:33:56:9c:9c:72:4d:a0:b2:8e:
19:fb:6d:f3:9c:ee:97:d0:20:3d:1f:ac:7b:e0:72:
b7:5e:72:76:35:24:e2:20:66:2c:68:ee:29:9e:d7:
6c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:4D:D9:CC:2A:66:51:81:5D:40:EF:25:06:C5:51:F9:34:7E:03:6C
X509v3 Authority Key Identifier:
keyid:0F:34:47:7A:A0:F0:12:31:38:C0:47:2F:5B:35:28:E4:D2:19:3E:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DzRHeqDwEjE4wEcvWzUo5NIZPmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/9d4bef-8ebd-4fdb-aaf0-e09bc4eae189/1/jU3ZzCpmUYFdQO8lBsVR-TR-A2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/9d4bef-8ebd-4fdb-aaf0-e09bc4eae189/1/DzRHeqDwEjE4wEcvWzUo5NIZPmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.232.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ab:43:81:b0:8c:fd:dc:ac:a9:0c:9e:94:db:34:73:bd:0f:
52:8d:14:ab:e7:d9:e5:7b:50:ba:a5:77:34:79:2a:44:87:1f:
94:4d:d1:b4:dd:37:86:da:bd:25:8d:e1:4c:9c:6a:9a:a0:f9:
cd:36:7a:84:ed:90:90:60:07:e1:bd:63:eb:b3:44:20:66:2b:
88:5c:e4:07:ed:fc:81:62:02:ef:0c:dd:1d:b4:a6:82:bb:99:
e7:8b:87:ee:09:31:92:a8:02:72:4e:94:99:61:ef:72:5d:d6:
91:ac:f1:b1:a1:0a:65:dc:c0:39:5b:ae:72:d0:22:7c:ba:66:
55:50:5f:0e:ac:bd:99:3d:f8:54:aa:2f:b4:f7:08:e1:2c:35:
db:75:64:13:96:18:86:ee:b4:78:00:39:c6:d5:45:0d:4c:3a:
89:f1:46:1a:9a:58:e9:f2:5b:99:f5:f3:e8:d5:d3:0a:96:59:
11:a3:ce:e3:7a:04:bf:10:73:34:2d:05:49:33:1a:a0:77:2b:
2a:ae:d6:ff:ef:95:4c:5e:45:69:ab:40:06:4b:15:66:30:5e:
e4:09:f3:5d:53:13:d2:7d:d3:91:0b:d9:60:14:52:c0:81:d0:
5d:58:6f:74:d2:af:34:cf:61:34:e4:72:a4:d3:7f:93:fd:dd:
6f:63:e9:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRYOhcnrKRdBhNAMqZth4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMzQ0NzdhYTBmMDEyMzEzOGMwNDcyZjViMzUyOGU0ZDIx
OTNlNjgwHhcNMjUwMTAxMjM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDRkZDljYzJhNjY1MTgxNWQ0MGVmMjUwNmM1NTFmOTM0N2UwMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1Dfar7JYlQ44w7BU/fGJQC4Dijz
EAsuk5ieHxtavBoUt3G5Q1wn2IBSh9Q15zSQaMQwCzF3i1aXDdJRqhewZARKnArI
E8161wlD2UrLzYSAly4Bek/E479xuW7+9C+kFZyWwLV8BnnW6pTQILoPSW1Qglco
Vq1gJ1kaopPdhaol8UgJF2b5eHAVuBIimgIom+zTX6keO02R0CIS1mcK/pj3dbI/
fW+OgK7epOi2NkEFqSs/lEpOGwleCfLlcQ5Gw++iJL90dmh/ul9chDaZTu5yflVw
2+IzVpycck2gso4Z+23znO6X0CA9H6x74HK3XnJ2NSTiIGYsaO4pntdsMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI1N2cwqZlGBXUDvJQbFUfk0fgNsMB8GA1UdIwQY
MBaAFA80R3qg8BIxOMBHL1s1KOTSGT5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHpSSGVxRHdFakU0d0Vjdld6VW81TklaUG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85ZDRiZWYtOGViZC00ZmRiLWFhZjAt
ZTA5YmM0ZWFlMTg5LzEvalUzWnpDcG1VWUZkUU84bEJzVlItVFItQTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85ZDRiZWYtOGViZC00ZmRiLWFhZjAtZTA5YmM0ZWFlMTg5
LzEvRHpSSGVxRHdFakU0d0Vjdld6VW81TklaUG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9joMA0G
CSqGSIb3DQEBCwUAA4IBAQAhq0OBsIz93KypDJ6U2zRzvQ9SjRSr59nle1C6pXc0
eSpEhx+UTdG03TeG2r0ljeFMnGqaoPnNNnqE7ZCQYAfhvWPrs0QgZiuIXOQH7fyB
YgLvDN0dtKaCu5nni4fuCTGSqAJyTpSZYe9yXdaRrPGxoQpl3MA5W65y0CJ8umZV
UF8OrL2ZPfhUqi+09wjhLDXbdWQTlhiG7rR4ADnG1UUNTDqJ8UYamljp8luZ9fPo
1dMKllkRo87jegS/EHM0LQVJMxqgdysqrtb/75VMXkVpq0AGSxVmMF7kCfNdUxPS
fdORC9lgFFLAgdBdWG900q80z2E05HKk03+T/d1vY+nT
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:38:28 2025 by rpki-client