Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/sa9s8EcvaAPIpNU6hftZGGAIuOU.roa
File: sa9s8EcvaAPIpNU6hftZGGAIuOU.roa (raw, json)
Hash identifier: /thVTg53e7hF0Tm1ZXPFcYPRC+Hb598s2gXx0varwp0=
Subject key identifier: B1:AF:6C:F0:47:2F:68:03:C8:A4:D5:3A:85:FB:59:18:60:08:B8:E5
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 0194CB1A4EC2B5768573B926327E4B083CDD
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/sa9s8EcvaAPIpNU6hftZGGAIuOU.roa
Signing time: Mon 03 Feb 2025 09:18:06 +0000
ROA not before: Mon 03 Feb 2025 09:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213744
IP address blocks: 91.142.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 09:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:1a:4e:c2:b5:76:85:73:b9:26:32:7e:4b:08:3c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: Feb 3 09:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1af6cf0472f6803c8a4d53a85fb59186008b8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f7:0a:1d:28:6c:65:97:a4:b8:8f:ca:d0:c6:
60:97:01:9f:c7:f3:ee:37:21:9f:0f:e7:bf:cc:a8:
b3:34:25:64:3c:e9:d3:0e:d8:6b:0e:b6:bb:f1:e0:
99:53:ba:3f:c6:6a:a7:ee:3c:94:7f:c9:bc:c6:25:
8f:81:84:86:4a:40:b2:c4:c1:95:c3:ac:42:b7:19:
4c:a9:44:a4:1d:e0:39:65:f9:6d:0a:3b:3b:f3:20:
55:5f:01:c4:4b:d6:51:c5:27:d9:3a:76:c5:23:d1:
25:9a:18:56:a5:f6:1b:9e:5f:02:18:9e:3c:17:d8:
b7:ca:a0:43:d2:59:58:81:05:ec:97:bc:fb:e0:15:
31:a7:58:81:7a:f8:13:5b:99:5b:0d:1a:b0:40:e6:
e6:07:2e:aa:d7:a1:cb:70:dc:c2:73:d8:c5:64:22:
9d:01:11:ea:18:71:d7:25:46:b3:71:88:39:65:00:
32:a7:29:80:90:1e:4c:ca:f2:76:f6:94:35:e1:6c:
1c:be:ce:13:30:7c:e0:c8:25:e8:85:5f:d4:02:d7:
64:14:9e:a4:ad:a3:20:3b:1c:dc:8f:50:96:55:65:
de:05:b7:e5:bb:2c:13:77:d1:bd:32:8a:dd:c7:f0:
39:d9:ae:4f:3b:be:57:cb:c8:19:af:57:4e:d3:e4:
87:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AF:6C:F0:47:2F:68:03:C8:A4:D5:3A:85:FB:59:18:60:08:B8:E5
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/sa9s8EcvaAPIpNU6hftZGGAIuOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.129.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:09:fc:cb:14:9c:0e:02:22:92:9c:8a:48:08:06:c7:a8:2d:
06:4e:c0:f8:78:09:7e:28:7f:e8:4e:3d:fa:c5:a8:63:02:d8:
fc:e2:ec:b2:5f:40:2a:cc:f8:e2:e6:e6:fc:ca:a8:9d:50:cf:
65:d8:d8:b0:8c:cd:33:4b:54:a0:8b:cd:39:ab:26:38:12:ba:
0d:84:6a:ad:27:25:8c:7a:e9:d2:d2:48:4a:10:f5:05:0d:11:
c2:20:0c:65:4e:1f:03:f2:a3:53:f2:ce:bc:81:f3:c7:c0:cc:
2e:87:a1:9f:d9:b8:ac:5d:f0:79:26:6c:56:17:0c:ee:01:39:
c4:51:35:7b:70:20:2f:7d:e6:83:ef:75:79:be:0a:4e:e5:2d:
66:df:81:86:81:9a:02:15:31:c7:b2:87:66:a0:ba:0a:d7:69:
63:e9:52:4a:9a:1c:4a:d4:84:9c:6a:d4:6e:bb:4e:72:ba:62:
17:0c:e5:e2:71:58:9f:db:50:0a:ea:47:57:ac:32:69:ce:a6:
b8:80:fe:df:b2:e6:1a:f0:b7:70:c5:32:48:f7:64:18:00:ff:
2b:f4:b8:2a:c5:99:e5:91:4c:ab:39:45:63:1e:8a:61:fb:58:
ab:96:33:cd:8e:14:f8:a5:5d:89:13:f7:5b:34:f6:62:0f:45:
03:9d:2a:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTLGk7CtXaFc7kmMn5LCDzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjUwMjAzMDkxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFmNmNmMDQ3MmY2ODAzYzhhNGQ1M2E4NWZiNTkxODYwMDhiOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfcKHShsZZekuI/K0MZglwGfx/Pu
NyGfD+e/zKizNCVkPOnTDthrDra78eCZU7o/xmqn7jyUf8m8xiWPgYSGSkCyxMGV
w6xCtxlMqUSkHeA5ZfltCjs78yBVXwHES9ZRxSfZOnbFI9ElmhhWpfYbnl8CGJ48
F9i3yqBD0llYgQXsl7z74BUxp1iBevgTW5lbDRqwQObmBy6q16HLcNzCc9jFZCKd
ARHqGHHXJUazcYg5ZQAypymAkB5MyvJ29pQ14Wwcvs4TMHzgyCXohV/UAtdkFJ6k
raMgOxzcj1CWVWXeBbfluywTd9G9Mordx/A52a5PO75Xy8gZr1dO0+SHywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGvbPBHL2gDyKTVOoX7WRhgCLjlMB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvc2E5czhFY3ZhQVBJcE5VNmhmdFpHR0FJdU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW46BMA0G
CSqGSIb3DQEBCwUAA4IBAQA7CfzLFJwOAiKSnIpICAbHqC0GTsD4eAl+KH/oTj36
xahjAtj84uyyX0AqzPji5ub8yqidUM9l2NiwjM0zS1Sgi805qyY4EroNhGqtJyWM
eunS0khKEPUFDRHCIAxlTh8D8qNT8s68gfPHwMwuh6Gf2bisXfB5JmxWFwzuATnE
UTV7cCAvfeaD73V5vgpO5S1m34GGgZoCFTHHsodmoLoK12lj6VJKmhxK1IScatRu
u05yumIXDOXicVif21AK6kdXrDJpzqa4gP7fsuYa8LdwxTJI92QYAP8r9LgqxZnl
kUyrOUVjHoph+1irljPNjhT4pV2JE/dbNPZiD0UDnSpU
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:47 2025 by rpki-client