Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/1-tQv85rh5xVUrSMSRagRRAlhGpY.roa
File: 1-tQv85rh5xVUrSMSRagRRAlhGpY.roa (raw, json)
Hash identifier: pwRRg3943eegiz6Oc3H7nIcLg5T6HWBStS7ZnssHdhc=
Subject key identifier: FA:D4:2F:F3:9A:E1:E7:15:54:AD:23:12:45:A8:11:44:09:61:1A:96
Certificate issuer: /CN=72e12a3876ff7bd00d9d9ebb972ab1e621ea1e8d
Certificate serial: 01856EA6C9374EBBF043CCF5994FD75D0C78
Authority key identifier: 72:E1:2A:38:76:FF:7B:D0:0D:9D:9E:BB:97:2A:B1:E6:21:EA:1E:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuEqOHb_e9ANnZ67lyqx5iHqHo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/1-tQv85rh5xVUrSMSRagRRAlhGpY.roa
Signing time: Sun 01 Jan 2023 18:45:02 +0000
ROA not before: Sun 01 Jan 2023 18:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12414
IP address blocks: 91.235.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:c9:37:4e:bb:f0:43:cc:f5:99:4f:d7:5d:0c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e12a3876ff7bd00d9d9ebb972ab1e621ea1e8d
Validity
Not Before: Jan 1 18:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fad42ff39ae1e71554ad231245a8114409611a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d4:af:54:10:7f:c3:bd:65:6d:0e:bd:e6:fe:
7d:4d:71:ed:73:9c:97:08:1d:6a:dd:49:d3:ed:09:
29:4b:61:6e:a9:10:59:cc:d7:0f:3a:bc:5e:90:54:
ec:80:7c:d6:72:2e:f9:59:02:1b:98:fe:87:4d:ff:
09:d4:13:fa:06:b8:d4:c9:56:c7:60:9f:7d:80:b7:
7c:b7:7e:6a:1c:0a:8c:7f:69:61:bc:eb:9b:2c:51:
7b:64:ed:30:78:5e:86:cb:71:3a:fd:98:09:b9:88:
b7:60:be:43:87:3d:7f:4b:51:76:ec:5a:b9:b6:20:
3e:a7:98:bf:53:3e:0a:f4:64:69:84:94:2b:97:fd:
56:57:94:6e:50:89:4e:6b:a1:9e:aa:e8:8f:c8:17:
6b:95:00:e2:5c:19:83:57:90:b3:62:25:ab:96:f0:
ae:7c:59:ba:a8:d6:5a:fc:ed:4c:91:74:25:bc:1a:
b1:04:82:0e:d0:8c:ed:56:99:7e:a3:7b:60:53:c3:
d2:d9:bd:97:b3:d2:ed:0e:1e:2f:42:d5:e8:13:86:
e5:24:b6:a7:aa:ce:be:41:e1:68:1b:2a:23:48:38:
46:29:03:87:93:7e:d9:ed:5a:8a:db:ed:20:dd:e0:
ce:c8:a9:b4:95:34:17:db:ee:b0:92:35:77:5c:74:
50:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D4:2F:F3:9A:E1:E7:15:54:AD:23:12:45:A8:11:44:09:61:1A:96
X509v3 Authority Key Identifier:
keyid:72:E1:2A:38:76:FF:7B:D0:0D:9D:9E:BB:97:2A:B1:E6:21:EA:1E:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuEqOHb_e9ANnZ67lyqx5iHqHo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/1-tQv85rh5xVUrSMSRagRRAlhGpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1faa24-f086-4b48-b1bd-45527e8e44d2/1/cuEqOHb_e9ANnZ67lyqx5iHqHo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.237.0/24
Signature Algorithm: sha256WithRSAEncryption
41:74:92:36:96:56:8c:0c:48:66:46:26:60:bf:4d:f5:ee:8b:
83:1b:14:e9:58:cc:fe:fd:73:f0:5a:dc:31:14:fc:b5:2c:d2:
de:99:e2:f8:49:5f:40:3b:20:33:c8:72:20:db:27:38:59:57:
7a:97:36:65:14:f2:13:7c:95:6a:9f:82:0d:3e:b6:15:17:9f:
09:ff:8c:89:0f:9c:fe:39:79:87:16:b0:ed:48:90:56:2b:14:
4c:3e:96:4b:72:74:02:64:9c:09:1b:04:18:d8:23:47:db:9d:
87:d4:18:56:06:04:44:78:00:2a:03:c8:a7:b3:a8:e2:ab:00:
20:a8:ad:9f:3c:c5:8b:4d:4b:4d:76:45:ff:d7:1b:47:bf:f2:
ab:5d:f0:21:5c:86:74:33:73:71:10:89:85:b7:37:e6:16:67:
f9:5d:de:a1:c7:9b:4d:04:6b:40:7a:6b:e1:7e:89:c4:4d:9b:
a2:dc:de:81:06:9a:7d:ad:51:7f:9c:cd:d1:0d:7e:ab:dc:0c:
5d:c0:5f:33:f6:5b:b3:4c:bc:06:df:65:f5:dd:43:6a:11:84:
fd:c5:7d:6c:8c:4e:a9:09:7c:78:0c:5d:47:9b:3d:90:78:f6:
e1:2c:71:9a:67:58:b2:1e:64:3a:07:65:c0:2e:67:a4:e2:d3:
ef:bd:b3:27
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVupsk3TrvwQ8z1mU/XXQx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTEyYTM4NzZmZjdiZDAwZDlkOWViYjk3MmFiMWU2MjFl
YTFlOGQwHhcNMjMwMTAxMTg0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ0MmZmMzlhZTFlNzE1NTRhZDIzMTI0NWE4MTE0NDA5NjExYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtSvVBB/w71lbQ695v59TXHtc5yX
CB1q3UnT7QkpS2FuqRBZzNcPOrxekFTsgHzWci75WQIbmP6HTf8J1BP6BrjUyVbH
YJ99gLd8t35qHAqMf2lhvOubLFF7ZO0weF6Gy3E6/ZgJuYi3YL5Dhz1/S1F27Fq5
tiA+p5i/Uz4K9GRphJQrl/1WV5RuUIlOa6GequiPyBdrlQDiXBmDV5CzYiWrlvCu
fFm6qNZa/O1MkXQlvBqxBIIO0IztVpl+o3tgU8PS2b2Xs9LtDh4vQtXoE4blJLan
qs6+QeFoGyojSDhGKQOHk37Z7VqK2+0g3eDOyKm0lTQX2+6wkjV3XHRQLwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrUL/Oa4ecVVK0jEkWoEUQJYRqWMB8GA1UdIwQY
MBaAFHLhKjh2/3vQDZ2eu5cqseYh6h6NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VFcU9IYl9lOUFOblo2N2x5cXg1aUhxSG8wLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xZmFhMjQtZjA4Ni00YjQ4LWIxYmQt
NDU1MjdlOGU0NGQyLzEvMS10UXY4NXJoNXhWVXJTTVNSYWdSUkFsaEdwWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvMWZhYTI0LWYwODYtNGI0OC1iMWJkLTQ1NTI3ZThlNDRk
Mi8xL2N1RXFPSGJfZTlBTm5aNjdseXF4NWlIcUhvMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvr7TAN
BgkqhkiG9w0BAQsFAAOCAQEAQXSSNpZWjAxIZkYmYL9N9e6LgxsU6VjM/v1z8Frc
MRT8tSzS3pni+ElfQDsgM8hyINsnOFlXepc2ZRTyE3yVap+CDT62FRefCf+MiQ+c
/jl5hxaw7UiQVisUTD6WS3J0AmScCRsEGNgjR9udh9QYVgYERHgAKgPIp7Oo4qsA
IKitnzzFi01LTXZF/9cbR7/yq13wIVyGdDNzcRCJhbc35hZn+V3eocebTQRrQHpr
4X6JxE2botzegQaafa1Rf5zN0Q1+q9wMXcBfM/Zbs0y8Bt9l9d1DahGE/cV9bIxO
qQl8eAxdR5s9kHj24SxxmmdYsh5kOgdlwC5npOLT772zJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:09 2024 by rpki-client on console-fra.rpki-client.org