Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/un1K4kPvlkfV4kjuTDfLvb4biEw.roa
File: un1K4kPvlkfV4kjuTDfLvb4biEw.roa (raw, json)
Hash identifier: frLYkn9kOL6ocoxJ70rjf8hmCmnR6/2hJYldqWZIn9I=
Subject key identifier: BA:7D:4A:E2:43:EF:96:47:D5:E2:48:EE:4C:37:CB:BD:BE:1B:88:4C
Certificate issuer: /CN=20d617bdb5d768e395e49b41cd81217bd3163ab3
Certificate serial: 01857142D4DC2BCEC4002E6E2FFFADBB63E0
Authority key identifier: 20:D6:17:BD:B5:D7:68:E3:95:E4:9B:41:CD:81:21:7B:D3:16:3A:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/INYXvbXXaOOV5JtBzYEhe9MWOrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/un1K4kPvlkfV4kjuTDfLvb4biEw.roa
Signing time: Mon 02 Jan 2023 06:54:43 +0000
ROA not before: Mon 02 Jan 2023 06:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30870
IP address blocks: 91.199.219.0/24 maxlen: 24
171.25.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Sep 2023 11:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d4:dc:2b:ce:c4:00:2e:6e:2f:ff:ad:bb:63:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20d617bdb5d768e395e49b41cd81217bd3163ab3
Validity
Not Before: Jan 2 06:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba7d4ae243ef9647d5e248ee4c37cbbdbe1b884c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7b:49:b3:c9:77:d4:3c:9a:70:7d:ef:df:d4:
fb:ef:d2:32:f5:3f:14:5f:98:26:4c:4b:41:ba:6f:
5e:7e:76:ff:cf:ae:08:e9:9e:c0:65:9e:dd:a0:5e:
49:d0:92:9a:28:ad:d4:b7:4c:ec:ac:27:2e:f5:55:
4c:32:b1:ff:de:d4:84:b9:5f:e7:e1:f1:17:c9:c4:
e3:11:0d:52:ac:ab:a7:f4:bd:37:7c:0b:19:fc:37:
68:bd:ef:d9:4c:e1:19:50:36:84:5d:00:11:38:07:
bb:2e:7c:db:cd:65:6a:4b:d0:1e:5b:7c:c2:ab:06:
0a:ee:47:7c:29:6c:ef:ec:e7:be:17:34:e2:33:96:
53:29:3b:f3:11:53:a3:36:5f:a8:85:20:d0:d9:0e:
d8:e2:a1:8a:e3:59:90:27:42:78:87:0f:19:fe:92:
0b:aa:b4:14:09:b9:fd:f5:56:e6:3a:7e:2d:fa:89:
2e:12:d1:1b:2c:3c:39:0a:9d:20:a0:b9:9a:df:f6:
31:30:f2:43:91:25:1e:ce:a4:db:4c:95:30:5c:a4:
fd:e8:f8:23:01:a9:ea:3e:8f:22:fb:76:0a:cf:e5:
ad:8a:3b:4c:4e:dd:68:63:61:34:29:d2:46:29:8a:
d2:f2:52:f9:08:78:e7:f2:69:ec:28:94:44:b3:be:
b1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7D:4A:E2:43:EF:96:47:D5:E2:48:EE:4C:37:CB:BD:BE:1B:88:4C
X509v3 Authority Key Identifier:
keyid:20:D6:17:BD:B5:D7:68:E3:95:E4:9B:41:CD:81:21:7B:D3:16:3A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INYXvbXXaOOV5JtBzYEhe9MWOrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/un1K4kPvlkfV4kjuTDfLvb4biEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/INYXvbXXaOOV5JtBzYEhe9MWOrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.219.0/24
171.25.179.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:0b:b9:7c:dd:dc:ba:c2:23:71:06:b0:2f:38:f9:83:ee:a3:
c3:f0:6d:1a:d9:b4:a3:ba:82:19:71:d6:68:c8:6a:24:12:dc:
c3:a8:e9:10:60:19:9e:1a:55:08:63:fd:44:e6:5f:33:a9:14:
4d:94:2b:72:b4:d0:23:1b:b1:e5:ef:fd:d2:b0:9c:95:2a:d4:
16:7a:8e:c9:9d:bd:da:b9:b4:0f:94:58:4d:ff:ab:70:d9:cb:
8f:ff:95:d7:05:33:63:f4:7e:86:f3:a8:e9:41:0f:14:74:67:
ae:e2:fa:96:f4:e6:fd:0b:9e:bf:78:da:09:06:a4:24:dd:18:
07:59:9f:6b:06:1c:08:e9:8e:53:93:80:2e:4e:2a:f8:6f:fb:
c6:53:5d:e4:3b:e8:e8:8c:ef:32:f9:61:65:86:67:93:3f:3d:
dc:17:94:81:8d:76:a9:ac:02:08:fc:e7:c0:0a:33:cc:08:07:
f5:ef:dd:cc:e4:71:29:83:76:ba:a6:f0:4a:bd:0b:39:d5:39:
2a:01:af:4b:87:68:ce:50:13:83:56:bd:1c:c1:f4:d0:49:3a:
b2:cc:7d:db:97:16:99:92:cd:0c:8b:fb:3a:50:01:67:01:ac:
2b:c3:c4:3d:26:f2:ba:30:c3:3e:23:b7:d8:ed:ba:0c:81:9a:
00:04:82:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxQtTcK87EAC5uL/+tu2PgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDYxN2JkYjVkNzY4ZTM5NWU0OWI0MWNkODEyMTdiZDMx
NjNhYjMwHhcNMjMwMTAyMDY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTdkNGFlMjQzZWY5NjQ3ZDVlMjQ4ZWU0YzM3Y2JiZGJlMWI4ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXtJs8l31DyacH3v39T779Iy9T8U
X5gmTEtBum9efnb/z64I6Z7AZZ7doF5J0JKaKK3Ut0zsrCcu9VVMMrH/3tSEuV/n
4fEXycTjEQ1SrKun9L03fAsZ/Ddove/ZTOEZUDaEXQAROAe7LnzbzWVqS9AeW3zC
qwYK7kd8KWzv7Oe+FzTiM5ZTKTvzEVOjNl+ohSDQ2Q7Y4qGK41mQJ0J4hw8Z/pIL
qrQUCbn99VbmOn4t+okuEtEbLDw5Cp0goLma3/YxMPJDkSUezqTbTJUwXKT96Pgj
AanqPo8i+3YKz+WtijtMTt1oY2E0KdJGKYrS8lL5CHjn8mnsKJREs76xswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLp9SuJD75ZH1eJI7kw3y72+G4hMMB8GA1UdIwQY
MBaAFCDWF72112jjleSbQc2BIXvTFjqzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5ZWHZiWFhhT09WNUp0QnpZRWhlOU1XT3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84MDg0NzEtN2RhYS00Y2QyLWE4NjAt
MDY5ZGE5Yzg0Nzg1LzEvdW4xSzRrUHZsa2ZWNGtqdVREZkx2YjRiaUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84MDg0NzEtN2RhYS00Y2QyLWE4NjAtMDY5ZGE5Yzg0Nzg1
LzEvSU5ZWHZiWFhhT09WNUp0QnpZRWhlOU1XT3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8fbAwQA
qxmzMA0GCSqGSIb3DQEBCwUAA4IBAQB9C7l83dy6wiNxBrAvOPmD7qPD8G0a2bSj
uoIZcdZoyGokEtzDqOkQYBmeGlUIY/1E5l8zqRRNlCtytNAjG7Hl7/3SsJyVKtQW
eo7Jnb3aubQPlFhN/6tw2cuP/5XXBTNj9H6G86jpQQ8UdGeu4vqW9Ob9C56/eNoJ
BqQk3RgHWZ9rBhwI6Y5Tk4AuTir4b/vGU13kO+jojO8y+WFlhmeTPz3cF5SBjXap
rAII/OfACjPMCAf1793M5HEpg3a6pvBKvQs51TkqAa9Lh2jOUBODVr0cwfTQSTqy
zH3blxaZks0Mi/s6UAFnAawrw8Q9JvK6MMM+I7fY7boMgZoABIKg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:15 2024 by rpki-client on console-fra.rpki-client.org