Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/12cd13-7f7b-4150-92b8-1880e7ef1db4/1/PKPsAw6TiIGg-AAN9xmKk190Z0k.roa
File: PKPsAw6TiIGg-AAN9xmKk190Z0k.roa (raw, json)
Hash identifier: FvxASslObwz/xLG32TYZ77PRS7JQ8hNT7OjhyLukeEg=
Subject key identifier: 3C:A3:EC:03:0E:93:88:81:A0:F8:00:0D:F7:19:8A:93:5F:74:67:49
Certificate issuer: /CN=0eacc662cebfad9fff9c0f87400cf0cf03f547a2
Certificate serial: 01910D123D7E2D0304146CE00D08C936DE04
Authority key identifier: 0E:AC:C6:62:CE:BF:AD:9F:FF:9C:0F:87:40:0C:F0:CF:03:F5:47:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DqzGYs6_rZ__nA-HQAzwzwP1R6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/12cd13-7f7b-4150-92b8-1880e7ef1db4/1/PKPsAw6TiIGg-AAN9xmKk190Z0k.roa
Signing time: Thu 01 Aug 2024 08:33:04 +0000
ROA not before: Thu 01 Aug 2024 08:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198421
IP address blocks: 91.234.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:12:3d:7e:2d:03:04:14:6c:e0:0d:08:c9:36:de:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eacc662cebfad9fff9c0f87400cf0cf03f547a2
Validity
Not Before: Aug 1 08:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ca3ec030e938881a0f8000df7198a935f746749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:60:11:d7:12:f9:0d:e0:3c:c8:21:0b:24:5f:
71:0f:60:90:74:37:77:7a:ce:08:7c:a0:13:77:06:
d3:62:e9:5f:43:c9:52:05:4a:49:6b:d1:39:9e:3f:
e4:8d:84:71:fa:1d:67:a9:66:a8:c3:05:9a:fc:1e:
33:e6:c1:66:29:26:eb:de:09:70:62:bf:ec:d9:4d:
fc:88:66:93:b2:a3:81:3e:da:ec:04:c8:ea:e4:bb:
de:d9:09:f2:68:73:47:7a:f3:90:6e:a3:98:6d:bf:
9f:2c:49:3d:cd:21:67:3f:ec:57:0c:d6:dc:2d:c8:
ec:2a:43:36:d3:93:d8:b6:c4:ba:ee:e7:30:ae:e7:
04:17:b8:1d:b8:ac:bf:0d:a5:7d:69:31:e6:49:16:
2e:69:ac:b0:4c:96:8a:fb:4e:d6:ac:39:72:a0:a8:
96:80:7b:d2:de:d6:e7:99:d2:50:8d:c4:cb:59:75:
00:e0:8f:81:74:08:80:2d:bd:c3:1e:01:6b:8c:b2:
1b:a5:fb:d7:82:06:c6:5f:90:77:00:f8:3a:62:61:
57:96:a6:f2:d1:cf:3a:fc:ab:71:a7:b9:2d:8e:7c:
60:74:e2:6b:7e:de:c3:2c:47:6f:d9:7c:e9:b7:28:
f4:9c:72:c5:03:b0:78:dd:4e:86:6c:e9:da:2c:34:
40:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A3:EC:03:0E:93:88:81:A0:F8:00:0D:F7:19:8A:93:5F:74:67:49
X509v3 Authority Key Identifier:
keyid:0E:AC:C6:62:CE:BF:AD:9F:FF:9C:0F:87:40:0C:F0:CF:03:F5:47:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DqzGYs6_rZ__nA-HQAzwzwP1R6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/12cd13-7f7b-4150-92b8-1880e7ef1db4/1/PKPsAw6TiIGg-AAN9xmKk190Z0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/12cd13-7f7b-4150-92b8-1880e7ef1db4/1/DqzGYs6_rZ__nA-HQAzwzwP1R6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.132.0/22
Signature Algorithm: sha256WithRSAEncryption
36:cd:78:86:4a:d7:43:3d:5b:b6:b2:3b:3b:0a:87:16:83:d5:
2b:d4:2d:d1:42:13:5d:66:13:27:be:1c:a6:30:9f:ee:1e:84:
e6:18:7c:da:e4:f0:8c:79:fa:dd:c1:c0:d1:e2:1e:ca:0a:fb:
61:3e:b9:3f:b3:7e:e0:29:81:7d:90:23:1a:b3:6e:f5:4e:46:
85:a3:37:31:38:86:b3:b9:46:e3:13:6a:93:de:10:0d:0c:05:
3f:ce:ed:b3:87:f4:e9:4c:87:c4:9c:a8:6a:d8:e5:63:65:64:
fe:4f:bb:c4:16:36:78:7b:52:d9:74:77:23:ab:bb:b7:f9:ba:
98:ce:8e:78:27:01:c5:96:b7:e5:b6:30:91:e5:d0:bc:2c:b6:
89:58:08:8d:2f:cb:eb:1d:73:12:96:99:97:5b:ea:5e:45:d9:
7f:e5:4f:ce:cc:6f:9c:41:2c:f9:2d:8c:c8:f9:2b:2d:5a:0e:
d5:ee:c1:bb:48:2f:15:15:4f:36:7c:61:92:3c:52:e7:a2:a0:
81:fa:47:c1:3f:a9:cc:7c:fd:13:a6:e4:5d:d2:22:49:d0:4a:
23:2b:ad:5c:67:a0:c6:2c:39:a3:db:cf:fe:c5:02:9f:0c:cb:
8c:48:74:e3:c5:71:f8:f3:4a:1f:34:a6:6f:1a:8a:96:fc:d6:
ba:fc:12:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZENEj1+LQMEFGzgDQjJNt4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYWNjNjYyY2ViZmFkOWZmZjljMGY4NzQwMGNmMGNmMDNm
NTQ3YTIwHhcNMjQwODAxMDgzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2EzZWMwMzBlOTM4ODgxYTBmODAwMGRmNzE5OGE5MzVmNzQ2NzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2AR1xL5DeA8yCELJF9xD2CQdDd3
es4IfKATdwbTYulfQ8lSBUpJa9E5nj/kjYRx+h1nqWaowwWa/B4z5sFmKSbr3glw
Yr/s2U38iGaTsqOBPtrsBMjq5Lve2QnyaHNHevOQbqOYbb+fLEk9zSFnP+xXDNbc
LcjsKkM205PYtsS67ucwrucEF7gduKy/DaV9aTHmSRYuaaywTJaK+07WrDlyoKiW
gHvS3tbnmdJQjcTLWXUA4I+BdAiALb3DHgFrjLIbpfvXggbGX5B3APg6YmFXlqby
0c86/Ktxp7ktjnxgdOJrft7DLEdv2Xzptyj0nHLFA7B43U6GbOnaLDRAmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyj7AMOk4iBoPgADfcZipNfdGdJMB8GA1UdIwQY
MBaAFA6sxmLOv62f/5wPh0AM8M8D9UeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHF6R1lzNl9yWl9fbkEtSFFBend6d1AxUjZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xMmNkMTMtN2Y3Yi00MTUwLTkyYjgt
MTg4MGU3ZWYxZGI0LzEvUEtQc0F3NlRpSUdnLUFBTjl4bUtrMTkwWjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8xMmNkMTMtN2Y3Yi00MTUwLTkyYjgtMTg4MGU3ZWYxZGI0
LzEvRHF6R1lzNl9yWl9fbkEtSFFBend6d1AxUjZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+qEMA0G
CSqGSIb3DQEBCwUAA4IBAQA2zXiGStdDPVu2sjs7CocWg9Ur1C3RQhNdZhMnvhym
MJ/uHoTmGHza5PCMefrdwcDR4h7KCvthPrk/s37gKYF9kCMas271TkaFozcxOIaz
uUbjE2qT3hANDAU/zu2zh/TpTIfEnKhq2OVjZWT+T7vEFjZ4e1LZdHcjq7u3+bqY
zo54JwHFlrfltjCR5dC8LLaJWAiNL8vrHXMSlpmXW+peRdl/5U/OzG+cQSz5LYzI
+SstWg7V7sG7SC8VFU82fGGSPFLnoqCB+kfBP6nMfP0TpuRd0iJJ0EojK61cZ6DG
LDmj28/+xQKfDMuMSHTjxXH480ofNKZvGoqW/Na6/BLE
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:03:24 2025 by rpki-client