Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/aqHQrOlSc00okc0c3J3XdADuDXM.roa
File: aqHQrOlSc00okc0c3J3XdADuDXM.roa (raw, json)
Hash identifier: eAkuwU366HpKeRpm2VR2UyqaeGEMDC2VYwLD4QzAVhM=
Subject key identifier: 6A:A1:D0:AC:E9:52:73:4D:28:91:CD:1C:DC:9D:D7:74:00:EE:0D:73
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0196A500BB22920FE1264C3C6F770720D8B3
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/aqHQrOlSc00okc0c3J3XdADuDXM.roa
Signing time: Tue 06 May 2025 09:50:10 +0000
ROA not before: Tue 06 May 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.109.45.0/24 maxlen: 24
147.185.196.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
207.244.208.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 10:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:00:bb:22:92:0f:e1:26:4c:3c:6f:77:07:20:d8:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: May 6 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6aa1d0ace952734d2891cd1cdc9dd77400ee0d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:84:01:53:c3:ad:9d:32:34:23:3f:56:90:47:
47:18:ff:09:c6:e2:8f:f3:92:45:5d:65:ea:12:ae:
d0:f6:2a:83:2f:08:ac:e9:fc:64:0e:7d:f4:2a:a3:
d4:94:98:4b:03:19:b9:b3:3b:13:1b:c9:2e:fd:6a:
3f:39:3a:5c:0f:5f:8c:d2:a5:6f:b9:29:af:b3:5e:
55:17:eb:06:5b:68:c3:a5:78:d0:ac:59:40:b5:bb:
b0:af:52:35:42:8b:33:c3:57:3c:88:43:88:13:7b:
14:59:e4:56:88:d8:b1:27:67:3a:38:5d:c8:dd:cf:
a2:af:bf:94:29:1b:13:4b:f4:1f:77:45:50:32:89:
a6:62:84:21:68:0a:3a:28:22:b0:4e:94:a2:0f:23:
f2:47:22:99:23:0f:69:d8:a1:dd:b2:00:a3:5e:c4:
05:f1:ed:da:15:85:a1:2d:bb:18:d1:70:35:1c:77:
a9:17:7f:71:39:ac:f4:a2:f6:0c:26:02:f1:45:3c:
7e:ca:6f:c0:2e:34:24:6b:70:74:77:3f:fe:c3:3f:
29:04:22:52:b1:d6:be:85:ec:e7:6b:a3:03:84:bb:
a0:54:47:f2:a2:de:36:c9:68:eb:b9:d0:ae:87:df:
40:0e:fa:e5:38:70:a2:58:13:39:90:19:85:53:3e:
06:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A1:D0:AC:E9:52:73:4D:28:91:CD:1C:DC:9D:D7:74:00:EE:0D:73
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/aqHQrOlSc00okc0c3J3XdADuDXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.45.0/24
147.185.196.0/24
193.168.203.0/24
207.244.198.0/24
207.244.208.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:c6:87:be:16:92:df:8d:72:1f:cc:c1:04:b5:aa:a6:96:ab:
93:3f:3a:08:72:e5:21:29:aa:2e:7b:90:ab:32:78:a6:4c:0b:
09:bb:6b:8c:63:4c:a0:45:1e:87:f3:b4:e6:a4:38:a8:68:83:
11:93:99:fd:8d:e8:a8:f0:09:5c:1b:be:6e:31:88:5d:d7:2a:
45:7d:9e:a3:f6:22:eb:57:0d:fc:d5:92:bf:c7:af:91:9a:40:
61:cb:10:d9:78:4a:1b:fb:12:a5:31:4d:a2:05:02:66:bb:c4:
ba:94:49:a7:b6:03:0b:5b:80:29:41:56:13:c1:e2:89:b4:3a:
3e:47:51:0f:34:6b:af:09:a8:84:da:ac:3e:c8:76:c0:51:a8:
14:47:24:24:33:74:51:dd:81:9a:8b:7f:30:37:60:a6:e0:23:
53:f5:85:f4:d8:e1:04:cb:b1:07:36:e6:f1:6a:ef:fe:08:25:
d4:a3:35:bb:8f:9d:c1:90:08:49:09:6f:c0:3c:c3:34:86:20:
70:a5:0d:84:38:16:a0:82:66:ab:4f:5c:b8:a3:7a:bd:aa:03:
a4:22:01:94:d8:e6:44:53:b5:af:72:d8:4f:94:3c:52:e8:10:
1d:cb:9c:22:4c:3e:0f:e6:c6:04:ec:c3:21:42:92:a4:be:83:
5f:65:a4:ab
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZalALsikg/hJkw8b3cHINizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNTA2MDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWExZDBhY2U5NTI3MzRkMjg5MWNkMWNkYzlkZDc3NDAwZWUwZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YQBU8OtnTI0Iz9WkEdHGP8JxuKP
85JFXWXqEq7Q9iqDLwis6fxkDn30KqPUlJhLAxm5szsTG8ku/Wo/OTpcD1+M0qVv
uSmvs15VF+sGW2jDpXjQrFlAtbuwr1I1Qoszw1c8iEOIE3sUWeRWiNixJ2c6OF3I
3c+ir7+UKRsTS/Qfd0VQMommYoQhaAo6KCKwTpSiDyPyRyKZIw9p2KHdsgCjXsQF
8e3aFYWhLbsY0XA1HHepF39xOaz0ovYMJgLxRTx+ym/ALjQka3B0dz/+wz8pBCJS
sda+hezna6MDhLugVEfyot42yWjrudCuh99ADvrlOHCiWBM5kBmFUz4GkQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGqh0KzpUnNNKJHNHNyd13QA7g1zMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvYXFIUXJPbFNjMDBva2MwYzNKM1hkQUR1RFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW20tAwQA
k7nEAwQAwajLAwQAz/TGAwQBz/TQMA0GCSqGSIb3DQEBCwUAA4IBAQCcxoe+FpLf
jXIfzMEEtaqmlquTPzoIcuUhKaoue5CrMnimTAsJu2uMY0ygRR6H87TmpDioaIMR
k5n9jeio8AlcG75uMYhd1ypFfZ6j9iLrVw381ZK/x6+RmkBhyxDZeEob+xKlMU2i
BQJmu8S6lEmntgMLW4ApQVYTweKJtDo+R1EPNGuvCaiE2qw+yHbAUagURyQkM3RR
3YGai38wN2Cm4CNT9YX02OEEy7EHNubxau/+CCXUozW7j53BkAhJCW/APMM0hiBw
pQ2EOBaggmarT1y4o3q9qgOkIgGU2OZEU7WvcthPlDxS6BAdy5wiTD4P5sYE7MMh
QpKkvoNfZaSr
-----END CERTIFICATE-----
Generated at Sat May 10 06:27:22 2025 by rpki-client