Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/X8lI8hsniJwmyZ7uZvaOj8xW1AY.roa
File: X8lI8hsniJwmyZ7uZvaOj8xW1AY.roa (raw, json)
Hash identifier: XgSqCr/cQj5jAJxQ55YKB4SlUtsCdHSWIuP6K9KTNio=
Subject key identifier: 5F:C9:48:F2:1B:27:88:9C:26:C9:9E:EE:66:F6:8E:8F:CC:56:D4:06
Certificate issuer: /CN=3d43cf40f691f14b35ca657032934802005cfa88
Certificate serial: 018BAF87AFAC8238C397CF6A83258D9182B1
Authority key identifier: 3D:43:CF:40:F6:91:F1:4B:35:CA:65:70:32:93:48:02:00:5C:FA:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUPPQPaR8Us1ymVwMpNIAgBc-og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/X8lI8hsniJwmyZ7uZvaOj8xW1AY.roa
Signing time: Wed 08 Nov 2023 15:23:06 +0000
ROA not before: Wed 08 Nov 2023 15:23:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20712
IP address blocks: 91.200.61.0/24 maxlen: 24
2001:67c:1270::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:87:af:ac:82:38:c3:97:cf:6a:83:25:8d:91:82:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d43cf40f691f14b35ca657032934802005cfa88
Validity
Not Before: Nov 8 15:23:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fc948f21b27889c26c99eee66f68e8fcc56d406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1b:b8:78:a1:53:9c:91:c3:4a:e9:5d:98:14:
28:5d:3b:ed:bd:2a:df:f0:4a:1d:c2:b9:9b:db:2c:
47:11:da:7d:93:28:d1:e5:e0:b3:01:f8:02:36:97:
43:37:4c:26:b2:9e:3e:1e:11:00:14:1c:31:62:19:
94:5f:46:90:e0:59:d7:a7:03:f8:86:38:fd:da:58:
32:4d:51:7f:3e:00:3f:85:db:e0:47:1b:8f:be:85:
47:b2:40:73:81:d2:f8:98:d3:1a:b8:8d:d6:66:f9:
a1:64:b7:81:94:32:a3:7b:2b:fb:8d:1e:ec:03:21:
93:8c:a6:5c:be:85:47:f4:77:0e:e2:bb:79:1b:e8:
3b:12:78:3a:8a:19:78:14:61:c4:52:07:70:88:01:
af:fb:03:16:07:b8:60:e0:11:c9:24:0a:5a:8e:11:
37:08:fa:f8:ac:30:6a:55:79:ba:e3:0f:c3:7d:22:
2b:c6:03:83:37:4e:95:b4:d1:25:68:f2:cd:a8:40:
dc:60:e8:66:43:52:14:98:f0:db:de:0c:54:4a:9d:
93:f1:b3:40:98:e7:53:cc:8f:9d:da:d6:04:60:78:
2f:36:7d:4e:f5:79:ed:91:9a:ae:ed:a2:88:e6:ce:
20:06:f3:ce:af:92:79:a1:07:39:f2:5c:5d:d8:60:
48:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C9:48:F2:1B:27:88:9C:26:C9:9E:EE:66:F6:8E:8F:CC:56:D4:06
X509v3 Authority Key Identifier:
keyid:3D:43:CF:40:F6:91:F1:4B:35:CA:65:70:32:93:48:02:00:5C:FA:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUPPQPaR8Us1ymVwMpNIAgBc-og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/X8lI8hsniJwmyZ7uZvaOj8xW1AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/PUPPQPaR8Us1ymVwMpNIAgBc-og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.61.0/24
IPv6:
2001:67c:1270::/48
Signature Algorithm: sha256WithRSAEncryption
38:06:57:3d:58:19:ef:5f:bd:9d:b7:cd:1f:ff:00:6d:44:e8:
e9:35:de:54:96:91:8f:3d:a4:70:63:94:16:ea:3c:7e:d9:64:
13:63:3c:d5:b0:e8:d2:c1:cb:a4:a9:de:ad:1c:3f:a4:38:68:
f6:0e:f4:ac:35:86:3c:87:e6:57:fc:97:b5:79:1e:e5:db:99:
85:37:be:f1:87:9f:8a:06:09:39:1e:f5:ed:ad:ff:1e:f5:c7:
af:2a:43:d3:ee:44:2a:6c:7d:ff:77:c1:62:bc:1b:5a:d0:39:
b1:06:05:43:0d:8a:c3:99:72:d2:3b:ff:8a:78:69:eb:48:52:
ce:2c:fc:a0:42:a1:dc:d7:bc:56:e2:ec:95:1c:92:b3:d4:7e:
bb:ff:4e:7a:e1:c1:5c:ca:66:d5:ea:46:17:c5:59:39:a2:db:
f1:05:54:61:65:36:25:06:9c:10:75:1a:03:82:81:d5:83:41:
fe:29:e4:7b:82:25:a2:38:a1:25:4a:9d:2a:73:af:aa:c8:dd:
02:f2:ae:75:13:38:9c:90:c1:d5:63:39:ec:0f:08:22:d8:13:
bd:e3:83:83:c4:52:75:80:73:3e:34:bc:1b:e6:e9:12:01:6a:
ba:94:db:c3:3a:98:b2:85:eb:7f:73:26:7e:83:2d:d6:87:f9:
1f:63:29:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuvh6+sgjjDl89qgyWNkYKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDNjZjQwZjY5MWYxNGIzNWNhNjU3MDMyOTM0ODAyMDA1
Y2ZhODgwHhcNMjMxMTA4MTUyMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmM5NDhmMjFiMjc4ODljMjZjOTllZWU2NmY2OGU4ZmNjNTZkNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBu4eKFTnJHDSuldmBQoXTvtvSrf
8Eodwrmb2yxHEdp9kyjR5eCzAfgCNpdDN0wmsp4+HhEAFBwxYhmUX0aQ4FnXpwP4
hjj92lgyTVF/PgA/hdvgRxuPvoVHskBzgdL4mNMauI3WZvmhZLeBlDKjeyv7jR7s
AyGTjKZcvoVH9HcO4rt5G+g7Eng6ihl4FGHEUgdwiAGv+wMWB7hg4BHJJApajhE3
CPr4rDBqVXm64w/DfSIrxgODN06VtNElaPLNqEDcYOhmQ1IUmPDb3gxUSp2T8bNA
mOdTzI+d2tYEYHgvNn1O9XntkZqu7aKI5s4gBvPOr5J5oQc58lxd2GBIgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF/JSPIbJ4icJsme7mb2jo/MVtQGMB8GA1UdIwQY
MBaAFD1Dz0D2kfFLNcplcDKTSAIAXPqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVQUFFQYVI4VXMxeW1Wd01wTklBZ0JjLW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80M2Y3YWMtNjc4OC00OTBiLTliM2It
MDdmYjYxNzFmMThmLzEvWDhsSThoc25pSndteVo3dVp2YU9qOHhXMUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80M2Y3YWMtNjc4OC00OTBiLTliM2ItMDdmYjYxNzFmMThm
LzEvUFVQUFFQYVI4VXMxeW1Wd01wTklBZ0JjLW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8g9MA8E
AgACMAkDBwAgAQZ8EnAwDQYJKoZIhvcNAQELBQADggEBADgGVz1YGe9fvZ23zR//
AG1E6Ok13lSWkY89pHBjlBbqPH7ZZBNjPNWw6NLBy6Sp3q0cP6Q4aPYO9Kw1hjyH
5lf8l7V5HuXbmYU3vvGHn4oGCTke9e2t/x71x68qQ9PuRCpsff93wWK8G1rQObEG
BUMNisOZctI7/4p4aetIUs4s/KBCodzXvFbi7JUckrPUfrv/TnrhwVzKZtXqRhfF
WTmi2/EFVGFlNiUGnBB1GgOCgdWDQf4p5HuCJaI4oSVKnSpzr6rI3QLyrnUTOJyQ
wdVjOewPCCLYE73jg4PEUnWAcz40vBvm6RIBarqU28M6mLKF639zJn6DLdaH+R9j
KQ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:24 2024 by rpki-client on console-ams.rpki-client.org