Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/xOfpJxQ0A8GlaLxQ0OKRfxxQC9w.roa
File: xOfpJxQ0A8GlaLxQ0OKRfxxQC9w.roa (raw, json)
Hash identifier: eiVy0gLy8u3LQSoXu0C4r7FR460X617vluSAQyvTH8w=
Subject key identifier: C4:E7:E9:27:14:34:03:C1:A5:68:BC:50:D0:E2:91:7F:1C:50:0B:DC
Certificate issuer: /CN=13701ebe06799de0969899205150e532deffe7b5
Certificate serial: 019426A4574EE5CC8E7789C61C2A85A2D2FC
Authority key identifier: 13:70:1E:BE:06:79:9D:E0:96:98:99:20:51:50:E5:32:DE:FF:E7:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3AevgZ5neCWmJkgUVDlMt7_57U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/xOfpJxQ0A8GlaLxQ0OKRfxxQC9w.roa
Signing time: Thu 02 Jan 2025 10:51:32 +0000
ROA not before: Thu 02 Jan 2025 10:51:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35787
IP address blocks: 91.202.228.0/22 maxlen: 22
91.219.120.0/22 maxlen: 22
194.88.154.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 07 Jan 2025 13:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:a4:57:4e:e5:cc:8e:77:89:c6:1c:2a:85:a2:d2:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13701ebe06799de0969899205150e532deffe7b5
Validity
Not Before: Jan 2 10:51:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4e7e927143403c1a568bc50d0e2917f1c500bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ef:da:28:66:43:7a:0e:5c:56:97:ae:f3:e5:
c7:5a:5e:db:6c:27:16:89:33:b7:9e:1e:63:ce:ef:
6b:06:87:c4:5c:71:5f:80:68:68:21:04:22:b5:78:
64:45:4e:1f:9e:32:dc:79:fa:13:63:14:da:61:69:
ca:67:f4:a3:b3:9e:4a:d4:3a:c1:eb:d7:5f:c6:3d:
c0:f5:d5:2f:08:ab:8b:74:49:61:ad:df:62:dd:04:
f7:6b:8f:49:0e:e2:cf:57:81:16:f8:08:e9:30:15:
30:cd:64:23:f9:80:3e:0b:41:a7:c7:10:57:3c:52:
14:d7:73:83:2a:66:1f:59:52:b4:3d:cd:43:8e:ea:
79:03:3a:26:67:f1:63:77:06:7f:cf:e2:d4:05:44:
bf:9f:1f:f2:a7:83:d6:b8:1e:e6:be:3c:45:36:2f:
0b:0b:93:18:14:16:82:1e:5c:17:fc:97:13:06:80:
33:42:6d:d5:be:50:1a:11:31:5c:18:9a:93:57:fd:
bd:74:d2:73:ce:82:8b:a5:58:be:84:05:3b:f6:b3:
dd:2a:cf:4c:eb:31:d7:a4:e6:94:01:cd:22:18:cb:
89:0e:d0:b5:a9:57:e8:73:dc:0b:89:e8:ae:1b:a2:
fc:52:e7:00:0f:90:21:36:06:53:75:4a:2e:1d:09:
5b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E7:E9:27:14:34:03:C1:A5:68:BC:50:D0:E2:91:7F:1C:50:0B:DC
X509v3 Authority Key Identifier:
keyid:13:70:1E:BE:06:79:9D:E0:96:98:99:20:51:50:E5:32:DE:FF:E7:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3AevgZ5neCWmJkgUVDlMt7_57U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/xOfpJxQ0A8GlaLxQ0OKRfxxQC9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/8f44c6-7791-4054-a5e5-1ef76442f49a/1/E3AevgZ5neCWmJkgUVDlMt7_57U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.228.0/22
91.219.120.0/22
194.88.154.0/23
Signature Algorithm: sha256WithRSAEncryption
d7:b2:5e:b9:df:0b:bd:03:e6:58:d6:b5:68:68:f9:00:e2:fd:
ed:82:fd:f6:e7:a6:7d:aa:e2:ea:e5:5b:03:d5:10:73:8c:8a:
54:7c:0e:3a:7f:d0:b9:2e:4e:67:27:33:f3:a1:7d:0c:6f:25:
45:62:0b:b5:62:61:df:45:42:a7:8d:4a:da:36:eb:61:2f:b8:
6e:e5:56:f6:99:44:77:fc:e3:0b:4a:86:9d:2c:07:c6:0b:ba:
e8:9e:00:cd:37:2f:c7:62:45:1c:73:2b:4d:c7:ad:5f:d7:13:
4d:0e:6e:78:80:58:c6:d2:65:23:22:c1:ab:98:bd:1b:4c:30:
7d:f3:58:97:73:9a:d8:74:b2:b7:a2:be:36:9b:70:c9:9a:9d:
b8:31:2d:dc:dc:d6:a4:be:4b:11:f6:8e:67:49:71:a0:ec:c2:
d8:85:66:89:70:a4:c0:11:2b:46:25:6c:da:e4:eb:fa:45:6c:
52:fc:77:45:ff:db:0c:87:4f:be:4f:74:98:32:39:48:6d:f2:
f3:9a:8f:92:6c:02:45:c1:22:c1:ff:81:af:82:93:c2:84:d1:
b8:be:37:39:aa:da:0d:81:1e:88:f7:2a:50:93:11:95:60:7e:
27:82:b8:bb:ef:ca:e2:cb:fa:69:60:97:2f:5e:f8:fa:e3:68:
b5:54:f0:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmpFdO5cyOd4nGHCqFotL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzAxZWJlMDY3OTlkZTA5Njk4OTkyMDUxNTBlNTMyZGVm
ZmU3YjUwHhcNMjUwMTAyMTA1MTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGU3ZTkyNzE0MzQwM2MxYTU2OGJjNTBkMGUyOTE3ZjFjNTAwYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+/aKGZDeg5cVpeu8+XHWl7bbCcW
iTO3nh5jzu9rBofEXHFfgGhoIQQitXhkRU4fnjLcefoTYxTaYWnKZ/Sjs55K1DrB
69dfxj3A9dUvCKuLdElhrd9i3QT3a49JDuLPV4EW+AjpMBUwzWQj+YA+C0GnxxBX
PFIU13ODKmYfWVK0Pc1Djup5AzomZ/FjdwZ/z+LUBUS/nx/yp4PWuB7mvjxFNi8L
C5MYFBaCHlwX/JcTBoAzQm3VvlAaETFcGJqTV/29dNJzzoKLpVi+hAU79rPdKs9M
6zHXpOaUAc0iGMuJDtC1qVfoc9wLieiuG6L8UucAD5AhNgZTdUouHQlbvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMTn6ScUNAPBpWi8UNDikX8cUAvcMB8GA1UdIwQY
MBaAFBNwHr4GeZ3glpiZIFFQ5TLe/+e1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNBZXZnWjVuZUNXbUprZ1VWRGxNdDdfNTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84ZjQ0YzYtNzc5MS00MDU0LWE1ZTUt
MWVmNzY0NDJmNDlhLzEveE9mcEp4UTBBOEdsYUx4UTBPS1JmeHhRQzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84ZjQ0YzYtNzc5MS00MDU0LWE1ZTUtMWVmNzY0NDJmNDlh
LzEvRTNBZXZnWjVuZUNXbUprZ1VWRGxNdDdfNTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8rkAwQC
W9t4AwQBwliaMA0GCSqGSIb3DQEBCwUAA4IBAQDXsl653wu9A+ZY1rVoaPkA4v3t
gv3256Z9quLq5VsD1RBzjIpUfA46f9C5Lk5nJzPzoX0MbyVFYgu1YmHfRUKnjUra
NuthL7hu5Vb2mUR3/OMLSoadLAfGC7rongDNNy/HYkUccytNx61f1xNNDm54gFjG
0mUjIsGrmL0bTDB981iXc5rYdLK3or42m3DJmp24MS3c3NakvksR9o5nSXGg7MLY
hWaJcKTAEStGJWza5Ov6RWxS/HdF/9sMh0++T3SYMjlIbfLzmo+SbAJFwSLB/4Gv
gpPChNG4vjc5qtoNgR6I9ypQkxGVYH4ngri778riy/ppYJcvXvj642i1VPCC
-----END CERTIFICATE-----
Generated at Sat May 3 02:25:03 2025 by rpki-client