Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/c171d4-0672-414d-a02d-cd027a0681bd/1/scHlzG0GnWaRlbWL5GMTSxYLNiE.roa
File: scHlzG0GnWaRlbWL5GMTSxYLNiE.roa (raw, json)
Hash identifier: WqxX/1rovT1jVUW7Ao0goXHYfnO3FdDdy96xzwsWKH0=
Subject key identifier: B1:C1:E5:CC:6D:06:9D:66:91:95:B5:8B:E4:63:13:4B:16:0B:36:21
Certificate issuer: /CN=8968883765549991d7ff376126d58a909a14b8f1
Certificate serial: 0194382C0F67CF8A1F700415CB463BC457E5
Authority key identifier: 89:68:88:37:65:54:99:91:D7:FF:37:61:26:D5:8A:90:9A:14:B8:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWiIN2VUmZHX_zdhJtWKkJoUuPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/c171d4-0672-414d-a02d-cd027a0681bd/1/scHlzG0GnWaRlbWL5GMTSxYLNiE.roa
Signing time: Sun 05 Jan 2025 20:33:19 +0000
ROA not before: Sun 05 Jan 2025 20:33:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52194
IP address blocks: 91.203.234.0/24 maxlen: 24
193.106.97.0/24 maxlen: 24
194.242.26.0/23 maxlen: 23
194.242.26.0/24 maxlen: 24
194.242.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 15:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:38:2c:0f:67:cf:8a:1f:70:04:15:cb:46:3b:c4:57:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8968883765549991d7ff376126d58a909a14b8f1
Validity
Not Before: Jan 5 20:33:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1c1e5cc6d069d669195b58be463134b160b3621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a0:56:bb:27:7a:3f:6a:16:56:b4:66:d1:9a:
b7:03:8d:23:4d:96:80:70:4a:99:0d:e2:f2:0d:1a:
5e:4f:00:37:4f:84:2c:c5:b2:7b:9b:06:c4:c1:6f:
60:92:fa:81:5a:d9:49:30:8c:9b:b5:af:42:6a:22:
2d:20:1a:60:80:fe:c7:7f:2e:91:98:71:88:89:e1:
9e:da:12:bf:39:dc:aa:86:b2:0d:66:62:b5:44:21:
d7:01:49:05:12:97:2e:0c:d4:88:e9:48:30:0b:d1:
a9:f4:de:35:e2:5e:dc:3f:1a:0f:7f:89:63:8e:d7:
ef:03:9d:7b:a4:8b:01:28:45:7e:5f:86:34:f8:92:
99:c2:d4:5f:6a:29:dd:81:eb:a9:a2:38:8c:32:f1:
8f:3c:a7:4d:a6:f3:c3:d4:41:87:cb:e2:1f:6d:f0:
a6:a5:38:2d:3f:c6:ed:12:85:fe:d2:6d:8b:c9:77:
63:f0:71:8d:94:5a:cc:c3:c7:7b:07:46:9e:4b:63:
38:9d:7f:c0:75:14:cc:11:8a:44:cc:ba:2e:39:9d:
a7:5a:5d:83:36:34:60:f1:46:e0:10:5f:fb:84:36:
5f:f0:a2:e8:3a:40:c9:84:dc:cf:c0:7c:d5:1e:34:
c1:0c:7e:97:18:0a:22:6b:8f:f1:cc:88:83:f6:ea:
25:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C1:E5:CC:6D:06:9D:66:91:95:B5:8B:E4:63:13:4B:16:0B:36:21
X509v3 Authority Key Identifier:
keyid:89:68:88:37:65:54:99:91:D7:FF:37:61:26:D5:8A:90:9A:14:B8:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWiIN2VUmZHX_zdhJtWKkJoUuPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c171d4-0672-414d-a02d-cd027a0681bd/1/scHlzG0GnWaRlbWL5GMTSxYLNiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c171d4-0672-414d-a02d-cd027a0681bd/1/iWiIN2VUmZHX_zdhJtWKkJoUuPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.234.0/24
193.106.97.0/24
194.242.26.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:b4:8b:f5:dd:34:91:1f:5b:89:bb:f2:2f:c8:0b:d0:61:6a:
72:84:cf:74:4d:e0:2b:3d:ae:11:e4:3b:66:ca:70:82:37:20:
6b:1d:1b:75:95:b6:26:22:71:fa:34:47:ae:9f:99:92:56:6f:
5b:ce:33:ae:b7:ff:ad:0c:29:7c:3f:8d:ab:26:6c:fe:3b:7a:
4b:3c:0e:71:9c:58:04:28:b8:56:e1:0f:b7:1b:77:ba:07:f3:
37:87:d7:3a:ce:7a:e7:ed:cc:73:b2:17:9c:97:7a:a0:30:a4:
12:02:7a:03:e2:e9:dc:11:94:a2:0a:d0:b8:b0:3a:b7:8e:09:
73:a7:3a:6e:03:45:c3:04:3b:a9:bd:e0:50:69:88:5d:b4:6e:
10:32:48:16:3f:31:c4:ec:80:61:60:91:0b:75:e0:3b:63:44:
a7:c4:16:d5:64:63:e8:4f:cf:e4:24:da:f1:b3:ef:43:7d:af:
9c:e1:40:fa:ae:e1:04:7c:d5:d2:4e:ed:d7:f6:e3:70:22:ad:
0e:44:c1:91:69:55:49:e7:a4:a2:8e:a5:56:69:bd:08:84:bf:
6e:b9:88:95:77:80:6b:99:8c:53:5d:da:93:22:fd:e4:78:d3:
6a:48:ac:b4:34:70:7b:22:b2:69:b7:28:7b:24:39:f8:b2:3e:
dc:e0:63:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQ4LA9nz4ofcAQVy0Y7xFflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Njg4ODM3NjU1NDk5OTFkN2ZmMzc2MTI2ZDU4YTkwOWEx
NGI4ZjEwHhcNMjUwMTA1MjAzMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWMxZTVjYzZkMDY5ZDY2OTE5NWI1OGJlNDYzMTM0YjE2MGIzNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaBWuyd6P2oWVrRm0Zq3A40jTZaA
cEqZDeLyDRpeTwA3T4QsxbJ7mwbEwW9gkvqBWtlJMIybta9CaiItIBpggP7Hfy6R
mHGIieGe2hK/OdyqhrINZmK1RCHXAUkFEpcuDNSI6UgwC9Gp9N414l7cPxoPf4lj
jtfvA517pIsBKEV+X4Y0+JKZwtRfaindgeupojiMMvGPPKdNpvPD1EGHy+IfbfCm
pTgtP8btEoX+0m2LyXdj8HGNlFrMw8d7B0aeS2M4nX/AdRTMEYpEzLouOZ2nWl2D
NjRg8UbgEF/7hDZf8KLoOkDJhNzPwHzVHjTBDH6XGAoia4/xzIiD9uolyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLHB5cxtBp1mkZW1i+RjE0sWCzYhMB8GA1UdIwQY
MBaAFIloiDdlVJmR1/83YSbVipCaFLjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdpSU4yVlVtWkhYX3pkaEp0V0trSm9VdVBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jMTcxZDQtMDY3Mi00MTRkLWEwMmQt
Y2QwMjdhMDY4MWJkLzEvc2NIbHpHMEduV2FSbGJXTDVHTVRTeFlMTmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jMTcxZDQtMDY3Mi00MTRkLWEwMmQtY2QwMjdhMDY4MWJk
LzEvaVdpSU4yVlVtWkhYX3pkaEp0V0trSm9VdVBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8vqAwQA
wWphAwQBwvIaMA0GCSqGSIb3DQEBCwUAA4IBAQCKtIv13TSRH1uJu/IvyAvQYWpy
hM90TeArPa4R5DtmynCCNyBrHRt1lbYmInH6NEeun5mSVm9bzjOut/+tDCl8P42r
Jmz+O3pLPA5xnFgEKLhW4Q+3G3e6B/M3h9c6znrn7cxzshecl3qgMKQSAnoD4unc
EZSiCtC4sDq3jglzpzpuA0XDBDupveBQaYhdtG4QMkgWPzHE7IBhYJELdeA7Y0Sn
xBbVZGPoT8/kJNrxs+9Dfa+c4UD6ruEEfNXSTu3X9uNwIq0ORMGRaVVJ56SijqVW
ab0IhL9uuYiVd4BrmYxTXdqTIv3keNNqSKy0NHB7IrJptyh7JDn4sj7c4GOM
-----END CERTIFICATE-----
Generated at Sat May 3 10:31:10 2025 by rpki-client