Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/c171d4-0672-414d-a02d-cd027a0681bd/1/oc1Aqn-laN6pbyyu2mRKbV_bO34.roa
File: oc1Aqn-laN6pbyyu2mRKbV_bO34.roa (raw, json)
Hash identifier: LUnmJUbg9OmvPW4H5fZs8B/mZL0x739gMBLwf8YUuzI=
Subject key identifier: A1:CD:40:AA:7F:A5:68:DE:A9:6F:2C:AE:DA:64:4A:6D:5F:DB:3B:7E
Certificate issuer: /CN=8968883765549991d7ff376126d58a909a14b8f1
Certificate serial: 01966810258F3CF9A5D3E3DC0ABB0D370EFE
Authority key identifier: 89:68:88:37:65:54:99:91:D7:FF:37:61:26:D5:8A:90:9A:14:B8:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWiIN2VUmZHX_zdhJtWKkJoUuPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/c171d4-0672-414d-a02d-cd027a0681bd/1/oc1Aqn-laN6pbyyu2mRKbV_bO34.roa
Signing time: Thu 24 Apr 2025 13:50:10 +0000
ROA not before: Thu 24 Apr 2025 13:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52194
IP address blocks: 91.203.234.0/24 maxlen: 24
193.19.110.0/24 maxlen: 24
193.106.97.0/24 maxlen: 24
194.242.26.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 25 Apr 2025 15:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:10:25:8f:3c:f9:a5:d3:e3:dc:0a:bb:0d:37:0e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8968883765549991d7ff376126d58a909a14b8f1
Validity
Not Before: Apr 24 13:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1cd40aa7fa568dea96f2caeda644a6d5fdb3b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:41:ea:b2:ea:e9:44:af:27:06:e5:08:59:be:
47:77:1e:d4:e9:a5:5b:84:95:9f:27:39:45:7c:bd:
da:4b:fd:ab:c1:84:a7:73:b4:fe:49:15:67:55:7d:
b0:d5:1f:7f:a5:44:42:b2:8f:d0:ba:51:1d:c3:5a:
28:66:83:7d:0e:7b:cd:74:bb:71:77:9c:91:b3:7a:
53:b8:aa:be:01:31:eb:39:72:dc:e4:d7:2e:0e:d8:
20:a0:25:48:d3:74:92:29:83:81:a6:b8:f6:52:a9:
a2:72:d3:79:6f:02:ed:b8:e2:32:36:81:b5:00:ee:
43:65:9d:e4:14:43:c5:60:56:e3:cb:cc:d4:aa:4b:
2f:60:4a:c9:e9:5f:eb:4b:3e:4a:cf:e5:19:a6:2c:
95:72:3a:ab:2f:b4:11:97:f0:5f:8b:5a:27:76:50:
a9:c4:c4:92:c8:30:26:7a:fe:43:cc:d0:46:4d:9d:
2f:6b:f2:a8:49:a7:68:41:46:de:9c:c5:38:9c:fd:
93:54:2d:30:18:c5:fd:af:d1:2e:72:a3:00:73:93:
df:c7:7f:44:3d:41:93:e5:dc:6d:60:63:a7:9c:88:
ad:2f:fe:21:82:a4:5f:d0:b4:a5:f0:df:3f:5b:20:
d9:b9:cd:82:77:98:49:66:81:ee:80:c5:e1:5f:f7:
f3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CD:40:AA:7F:A5:68:DE:A9:6F:2C:AE:DA:64:4A:6D:5F:DB:3B:7E
X509v3 Authority Key Identifier:
keyid:89:68:88:37:65:54:99:91:D7:FF:37:61:26:D5:8A:90:9A:14:B8:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWiIN2VUmZHX_zdhJtWKkJoUuPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c171d4-0672-414d-a02d-cd027a0681bd/1/oc1Aqn-laN6pbyyu2mRKbV_bO34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c171d4-0672-414d-a02d-cd027a0681bd/1/iWiIN2VUmZHX_zdhJtWKkJoUuPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.234.0/24
193.19.110.0/24
193.106.97.0/24
194.242.26.0/23
Signature Algorithm: sha256WithRSAEncryption
14:bb:1d:9c:7c:79:ef:93:de:e4:97:63:eb:47:11:ba:72:9e:
d9:a7:71:2a:a7:ea:a7:6e:2c:d4:4c:bb:b9:6b:18:29:f1:d2:
db:79:62:65:ec:8a:5e:1a:8d:98:66:6e:30:e0:f2:35:ff:58:
22:89:6e:45:03:8f:65:02:13:17:11:ca:fd:3f:3f:61:76:b0:
22:6e:bf:a8:f0:4c:3b:64:bb:7e:8f:3d:3f:88:26:67:06:a0:
79:65:65:d6:12:21:90:e5:0e:4c:48:a1:51:9d:44:80:df:e6:
2a:bf:50:5f:49:4d:86:a0:7b:38:26:17:56:bf:df:cb:5c:2d:
2e:ea:d1:81:f9:4d:a4:3c:65:34:6d:75:cb:a3:7b:d5:ce:3b:
e5:6a:42:ac:04:f8:0b:50:c0:bb:be:22:94:97:46:6b:0f:05:
19:b6:94:d2:9f:e0:f7:c7:25:bb:2d:a2:21:5b:38:17:80:04:
fc:7d:a7:d5:3d:1e:ad:9f:cc:72:37:41:5b:08:66:d9:02:fc:
9c:4e:b4:32:7a:80:8c:48:85:9b:f3:b7:67:77:82:c4:a7:7c:
ae:aa:6c:ec:b0:bb:9b:04:66:c7:02:2b:3e:8b:60:51:bd:de:
7d:fb:d8:e9:f0:9b:37:4e:2e:b1:3d:2e:00:58:36:d1:ee:36:
0d:ae:3e:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZoECWPPPml0+PcCrsNNw7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Njg4ODM3NjU1NDk5OTFkN2ZmMzc2MTI2ZDU4YTkwOWEx
NGI4ZjEwHhcNMjUwNDI0MTM1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWNkNDBhYTdmYTU2OGRlYTk2ZjJjYWVkYTY0NGE2ZDVmZGIzYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0HqsurpRK8nBuUIWb5Hdx7U6aVb
hJWfJzlFfL3aS/2rwYSnc7T+SRVnVX2w1R9/pURCso/QulEdw1ooZoN9DnvNdLtx
d5yRs3pTuKq+ATHrOXLc5NcuDtggoCVI03SSKYOBprj2UqmictN5bwLtuOIyNoG1
AO5DZZ3kFEPFYFbjy8zUqksvYErJ6V/rSz5Kz+UZpiyVcjqrL7QRl/Bfi1ondlCp
xMSSyDAmev5DzNBGTZ0va/KoSadoQUbenMU4nP2TVC0wGMX9r9EucqMAc5Pfx39E
PUGT5dxtYGOnnIitL/4hgqRf0LSl8N8/WyDZuc2Cd5hJZoHugMXhX/fzZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKHNQKp/pWjeqW8srtpkSm1f2zt+MB8GA1UdIwQY
MBaAFIloiDdlVJmR1/83YSbVipCaFLjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdpSU4yVlVtWkhYX3pkaEp0V0trSm9VdVBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jMTcxZDQtMDY3Mi00MTRkLWEwMmQt
Y2QwMjdhMDY4MWJkLzEvb2MxQXFuLWxhTjZwYnl5dTJtUktiVl9iTzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jMTcxZDQtMDY3Mi00MTRkLWEwMmQtY2QwMjdhMDY4MWJk
LzEvaVdpSU4yVlVtWkhYX3pkaEp0V0trSm9VdVBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8vqAwQA
wRNuAwQAwWphAwQBwvIaMA0GCSqGSIb3DQEBCwUAA4IBAQAUux2cfHnvk97kl2Pr
RxG6cp7Zp3Eqp+qnbizUTLu5axgp8dLbeWJl7IpeGo2YZm4w4PI1/1giiW5FA49l
AhMXEcr9Pz9hdrAibr+o8Ew7ZLt+jz0/iCZnBqB5ZWXWEiGQ5Q5MSKFRnUSA3+Yq
v1BfSU2GoHs4JhdWv9/LXC0u6tGB+U2kPGU0bXXLo3vVzjvlakKsBPgLUMC7viKU
l0ZrDwUZtpTSn+D3xyW7LaIhWzgXgAT8fafVPR6tn8xyN0FbCGbZAvycTrQyeoCM
SIWb87dnd4LEp3yuqmzssLubBGbHAis+i2BRvd59+9jp8Js3Ti6xPS4AWDbR7jYN
rj58
-----END CERTIFICATE-----
Generated at Thu May 1 20:10:27 2025 by rpki-client