Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/_2hTbWfhWCx34GTtA6Wm34xXyqE.roa
File: _2hTbWfhWCx34GTtA6Wm34xXyqE.roa (raw, json)
Hash identifier: 1ACaV7DUVbu8zDyXdwSfqbdMA/8IGVI+azLYCDbs8Rg=
Subject key identifier: FF:68:53:6D:67:E1:58:2C:77:E0:64:ED:03:A5:A6:DF:8C:57:CA:A1
Certificate issuer: /CN=009267f3e3b9e1ebb979969080b0dfab24c3601a
Certificate serial: 0194CC04AEBD369E55DDAE19670D326A27B2
Authority key identifier: 00:92:67:F3:E3:B9:E1:EB:B9:79:96:90:80:B0:DF:AB:24:C3:60:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/_2hTbWfhWCx34GTtA6Wm34xXyqE.roa
Signing time: Mon 03 Feb 2025 13:34:06 +0000
ROA not before: Mon 03 Feb 2025 13:34:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57912
IP address blocks: 91.236.144.0/24 maxlen: 24
91.236.145.0/24 maxlen: 24
91.236.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 13:35:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:04:ae:bd:36:9e:55:dd:ae:19:67:0d:32:6a:27:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=009267f3e3b9e1ebb979969080b0dfab24c3601a
Validity
Not Before: Feb 3 13:34:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff68536d67e1582c77e064ed03a5a6df8c57caa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b6:87:c0:4d:8d:82:4f:29:c7:bf:f9:5a:99:
81:8d:41:ed:60:fb:dd:45:05:af:70:6a:7e:1d:b5:
cf:d0:10:5f:9e:b4:83:29:f6:0c:43:49:2e:40:38:
27:ba:21:e9:06:88:67:5c:52:d3:bb:69:3d:80:5b:
e1:fa:25:b9:65:6c:19:c0:1b:3a:fe:ae:d3:7f:03:
6b:c3:17:7a:e9:f3:01:cf:cb:f0:93:64:fd:78:70:
59:7b:5c:1c:77:c7:07:b1:98:10:50:7e:40:cc:0f:
0b:e7:3a:af:e3:5c:06:f0:f7:10:15:d1:dd:13:55:
57:e2:7f:5e:cb:80:76:1d:3e:52:6e:1e:1e:bd:c0:
03:95:80:ed:80:ac:6d:db:cf:cc:95:bb:5d:41:c2:
25:34:d2:30:e0:7c:f0:b1:de:7e:7d:ab:e3:1f:36:
3c:7c:15:20:12:91:03:40:cf:09:ea:7a:92:e9:d4:
ff:4d:5f:72:06:e0:ae:c9:f6:dc:8b:4a:60:86:6d:
04:b9:c3:23:72:05:5b:e5:68:73:46:00:4c:b1:fc:
98:7f:58:c4:1c:12:b6:4c:f1:fb:3a:0e:8c:eb:09:
b5:c3:8f:23:03:58:89:b4:7d:d7:af:a7:14:08:03:
8d:21:2b:72:07:b5:8e:64:eb:f5:5d:62:6f:77:30:
95:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:68:53:6D:67:E1:58:2C:77:E0:64:ED:03:A5:A6:DF:8C:57:CA:A1
X509v3 Authority Key Identifier:
keyid:00:92:67:F3:E3:B9:E1:EB:B9:79:96:90:80:B0:DF:AB:24:C3:60:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/_2hTbWfhWCx34GTtA6Wm34xXyqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.144.0-91.236.146.255
Signature Algorithm: sha256WithRSAEncryption
14:dd:3c:93:06:b3:a9:fc:e1:54:3a:5e:ed:ed:c2:28:ac:4e:
8b:74:ab:40:be:5c:eb:d8:f0:67:ae:3f:59:26:3e:c7:e4:a7:
66:16:56:62:e9:58:a5:65:25:bd:71:e4:97:3e:17:33:44:0a:
48:4c:d3:f7:0d:64:99:3b:99:6a:2a:64:53:1e:69:5e:94:2f:
75:49:93:dc:05:70:e1:2b:18:c7:08:eb:e9:7b:ca:5d:b3:ec:
0b:41:80:43:7e:da:e1:c1:af:91:10:e8:ac:1b:e4:ab:46:96:
89:27:05:51:75:1b:f9:82:50:93:02:dc:02:60:48:84:d5:54:
54:2c:40:95:ec:5c:b6:79:ff:41:78:e6:1b:71:1b:f6:3e:6a:
d6:aa:ab:73:74:f4:f9:0b:6a:d1:be:0b:1b:07:d5:f0:8e:6d:
39:87:12:73:77:4a:9d:b9:19:d2:a9:30:c7:c9:6f:36:51:ea:
69:d0:d9:69:13:e4:bd:bd:c2:b6:9d:81:55:37:ea:89:f8:ae:
de:4e:f9:d9:ac:1f:df:89:61:a7:43:e3:83:d0:b3:88:f5:16:
e9:be:da:c0:32:6d:8b:f9:0c:a2:92:5c:53:fe:87:f9:48:d7:
0d:18:5d:32:46:fe:7c:65:2e:c3:8f:73:a2:b8:19:37:ca:12:
cd:65:19:90
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZTMBK69Np5V3a4ZZw0yaieyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwOTI2N2YzZTNiOWUxZWJiOTc5OTY5MDgwYjBkZmFiMjRj
MzYwMWEwHhcNMjUwMjAzMTMzNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY4NTM2ZDY3ZTE1ODJjNzdlMDY0ZWQwM2E1YTZkZjhjNTdjYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxraHwE2Ngk8px7/5WpmBjUHtYPvd
RQWvcGp+HbXP0BBfnrSDKfYMQ0kuQDgnuiHpBohnXFLTu2k9gFvh+iW5ZWwZwBs6
/q7TfwNrwxd66fMBz8vwk2T9eHBZe1wcd8cHsZgQUH5AzA8L5zqv41wG8PcQFdHd
E1VX4n9ey4B2HT5Sbh4evcADlYDtgKxt28/MlbtdQcIlNNIw4Hzwsd5+favjHzY8
fBUgEpEDQM8J6nqS6dT/TV9yBuCuyfbci0pghm0EucMjcgVb5WhzRgBMsfyYf1jE
HBK2TPH7Og6M6wm1w48jA1iJtH3Xr6cUCAONIStyB7WOZOv1XWJvdzCVTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP9oU21n4Vgsd+Bk7QOlpt+MV8qhMB8GA1UdIwQY
MBaAFACSZ/PjueHruXmWkICw36skw2AaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNGRiYTYtNmQ5NC00MTBmLTliZTIt
ZDY5MDM4MjUwMThjLzEvXzJoVGJXZmhXQ3gzNEdUdEE2V20zNHhYeXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9mNGRiYTYtNmQ5NC00MTBmLTliZTItZDY5MDM4MjUwMThj
LzEvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARb7JAD
BABb7JIwDQYJKoZIhvcNAQELBQADggEBABTdPJMGs6n84VQ6Xu3twiisTot0q0C+
XOvY8GeuP1kmPsfkp2YWVmLpWKVlJb1x5Jc+FzNECkhM0/cNZJk7mWoqZFMeaV6U
L3VJk9wFcOErGMcI6+l7yl2z7AtBgEN+2uHBr5EQ6Kwb5KtGloknBVF1G/mCUJMC
3AJgSITVVFQsQJXsXLZ5/0F45htxG/Y+ataqq3N09PkLatG+CxsH1fCObTmHEnN3
Sp25GdKpMMfJbzZR6mnQ2WkT5L29wradgVU36on4rt5O+dmsH9+JYadD44PQs4j1
Fum+2sAybYv5DKKSXFP+h/lI1w0YXTJG/nxlLsOPc6K4GTfKEs1lGZA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:39:59 2025 by rpki-client