Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/80841a-88ae-4b0e-8e25-48ae70161e79/1/AQ_KjEtM_pqJ2AYXfIwtthZXFag.roa
File: AQ_KjEtM_pqJ2AYXfIwtthZXFag.roa (raw, json)
Hash identifier: VJrFhJzxBkfwN4h9sElSbF2uvONObcMYUZAqNMaGbcA=
Subject key identifier: 01:0F:CA:8C:4B:4C:FE:9A:89:D8:06:17:7C:8C:2D:B6:16:57:15:A8
Certificate issuer: /CN=42dbcf9b8eb036043bb7f7b8d3386bce24d5dd6e
Certificate serial: 018CC9BCF9C329BBB5E3035891B9703669AC
Authority key identifier: 42:DB:CF:9B:8E:B0:36:04:3B:B7:F7:B8:D3:38:6B:CE:24:D5:DD:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QtvPm46wNgQ7t_e40zhrziTV3W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/80841a-88ae-4b0e-8e25-48ae70161e79/1/AQ_KjEtM_pqJ2AYXfIwtthZXFag.roa
Signing time: Tue 02 Jan 2024 10:34:14 +0000
ROA not before: Tue 02 Jan 2024 10:34:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212151
IP address blocks: 91.213.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f9:c3:29:bb:b5:e3:03:58:91:b9:70:36:69:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42dbcf9b8eb036043bb7f7b8d3386bce24d5dd6e
Validity
Not Before: Jan 2 10:34:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=010fca8c4b4cfe9a89d806177c8c2db6165715a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ca:3f:f9:f8:d9:72:3d:28:ad:b8:cb:30:6d:
b6:e4:24:c6:4c:3b:3f:01:c7:8d:39:2e:08:35:a8:
db:51:30:2b:08:4f:a9:f7:a6:a0:f7:ad:76:eb:39:
e8:37:f1:76:73:dd:7f:fc:5a:e4:7c:9f:e9:ee:b8:
c9:37:2c:f0:f7:43:08:68:6f:87:81:df:08:af:2c:
4c:b0:bc:69:78:91:54:8d:3b:3a:46:07:6d:f0:fd:
00:81:6d:4d:fb:14:e4:9f:95:a8:bf:a9:2e:e4:19:
9a:67:1e:b7:e0:30:92:20:8c:83:16:e3:ca:3c:60:
31:36:11:3d:ae:61:4f:f7:0f:49:f5:1c:e3:67:e4:
a4:f0:8c:3d:ca:46:1b:6f:8e:1b:a4:fb:33:64:fd:
18:f5:3c:7d:d2:a9:3d:f4:ef:cf:e2:72:2d:68:fc:
1d:7f:d5:ef:08:c9:5b:43:02:8f:5a:f5:01:b4:b6:
6f:b1:60:d2:e0:38:a3:1d:0e:59:3e:8c:3c:65:39:
66:a2:eb:35:0e:79:42:b8:30:04:c3:5a:de:5b:69:
d9:46:d2:8f:c5:74:5a:4c:de:c6:ae:a4:a6:89:88:
a4:29:da:58:7b:02:9c:54:2b:73:38:67:4b:f5:e9:
82:76:d0:54:bd:b8:59:95:ad:7b:9d:b4:98:53:79:
54:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0F:CA:8C:4B:4C:FE:9A:89:D8:06:17:7C:8C:2D:B6:16:57:15:A8
X509v3 Authority Key Identifier:
keyid:42:DB:CF:9B:8E:B0:36:04:3B:B7:F7:B8:D3:38:6B:CE:24:D5:DD:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QtvPm46wNgQ7t_e40zhrziTV3W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/80841a-88ae-4b0e-8e25-48ae70161e79/1/AQ_KjEtM_pqJ2AYXfIwtthZXFag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/80841a-88ae-4b0e-8e25-48ae70161e79/1/QtvPm46wNgQ7t_e40zhrziTV3W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.53.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:67:36:3b:62:10:5c:83:33:39:84:43:2b:aa:7e:ca:b8:1f:
51:c5:1a:bf:47:27:78:53:e7:42:9a:c3:0f:6b:30:c1:69:52:
f7:03:1b:3e:65:24:7f:51:69:4c:26:e1:81:d7:5c:d7:d4:e8:
2a:8d:c2:9b:fe:41:61:be:ed:69:62:5a:54:a1:ea:ee:42:28:
42:21:63:33:21:35:1e:3f:df:74:a3:d9:e6:79:9e:56:02:29:
36:5c:bb:04:e1:29:af:9d:3e:2f:8f:47:a6:ab:8e:52:24:55:
ca:a2:be:8a:17:80:a5:d2:fa:de:fd:98:4b:82:05:e2:04:37:
2b:46:1d:84:be:74:43:71:96:84:bb:96:7b:1e:ab:3d:da:18:
26:0b:9a:a3:91:9d:06:9f:59:2d:09:3e:9d:9c:cc:3e:ef:b3:
77:50:2c:5e:49:1f:b8:40:69:7a:38:90:a2:2d:a4:67:39:b0:
6f:54:e8:cc:58:d1:9a:4b:bd:3f:62:30:aa:71:e9:e0:4c:bb:
8f:7b:50:8f:22:55:a6:53:8a:d3:bd:c5:5d:f6:ab:bd:4b:57:
27:a7:7b:4b:7b:0f:3f:64:bb:87:b3:6d:6d:40:37:7c:32:92:
63:42:95:fa:16:33:bc:e2:56:b2:38:b2:3f:6a:23:90:7b:23:
64:d9:e3:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvPnDKbu14wNYkblwNmmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZGJjZjliOGViMDM2MDQzYmI3ZjdiOGQzMzg2YmNlMjRk
NWRkNmUwHhcNMjQwMTAyMTAzNDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTBmY2E4YzRiNGNmZTlhODlkODA2MTc3YzhjMmRiNjE2NTcxNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMo/+fjZcj0orbjLMG225CTGTDs/
AceNOS4INajbUTArCE+p96ag96126znoN/F2c91//FrkfJ/p7rjJNyzw90MIaG+H
gd8IryxMsLxpeJFUjTs6Rgdt8P0AgW1N+xTkn5Wov6ku5BmaZx634DCSIIyDFuPK
PGAxNhE9rmFP9w9J9RzjZ+Sk8Iw9ykYbb44bpPszZP0Y9Tx90qk99O/P4nItaPwd
f9XvCMlbQwKPWvUBtLZvsWDS4DijHQ5ZPow8ZTlmous1DnlCuDAEw1reW2nZRtKP
xXRaTN7GrqSmiYikKdpYewKcVCtzOGdL9emCdtBUvbhZla17nbSYU3lUIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAEPyoxLTP6aidgGF3yMLbYWVxWoMB8GA1UdIwQY
MBaAFELbz5uOsDYEO7f3uNM4a84k1d1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXR2UG00NndOZ1E3dF9lNDB6aHJ6aVRWM1c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC84MDg0MWEtODhhZS00YjBlLThlMjUt
NDhhZTcwMTYxZTc5LzEvQVFfS2pFdE1fcHFKMkFZWGZJd3R0aFpYRmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC84MDg0MWEtODhhZS00YjBlLThlMjUtNDhhZTcwMTYxZTc5
LzEvUXR2UG00NndOZ1E3dF9lNDB6aHJ6aVRWM1c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9U1MA0G
CSqGSIb3DQEBCwUAA4IBAQB7ZzY7YhBcgzM5hEMrqn7KuB9RxRq/Ryd4U+dCmsMP
azDBaVL3Axs+ZSR/UWlMJuGB11zX1OgqjcKb/kFhvu1pYlpUoeruQihCIWMzITUe
P990o9nmeZ5WAik2XLsE4SmvnT4vj0emq45SJFXKor6KF4Cl0vre/ZhLggXiBDcr
Rh2EvnRDcZaEu5Z7Hqs92hgmC5qjkZ0Gn1ktCT6dnMw+77N3UCxeSR+4QGl6OJCi
LaRnObBvVOjMWNGaS70/YjCqcengTLuPe1CPIlWmU4rTvcVd9qu9S1cnp3tLew8/
ZLuHs21tQDd8MpJjQpX6FjO84layOLI/aiOQeyNk2eOX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:18 2025 by rpki-client