Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CuOqRjOm98as2b9usMMbOCBIYKs.roa
File: CuOqRjOm98as2b9usMMbOCBIYKs.roa (raw, json)
Hash identifier: M9UZJ3p79QDGhmGdQHI8ooqqCJ3OhWHWAd+M/wEX9r8=
Subject key identifier: 0A:E3:AA:46:33:A6:F7:C6:AC:D9:BF:6E:B0:C3:1B:38:20:48:60:AB
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01909880295D101CD66EA5B982A18582A989
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CuOqRjOm98as2b9usMMbOCBIYKs.roa
Signing time: Tue 09 Jul 2024 17:17:34 +0000
ROA not before: Tue 09 Jul 2024 17:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 91.246.49.0/24 maxlen: 24
195.96.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 12:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:80:29:5d:10:1c:d6:6e:a5:b9:82:a1:85:82:a9:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 9 17:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ae3aa4633a6f7c6acd9bf6eb0c31b38204860ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:20:11:aa:8d:32:9f:9d:3d:16:59:c3:da:df:
37:75:e7:70:fc:42:b6:32:ab:79:6a:32:2f:e5:d2:
1f:90:05:84:75:70:2d:c8:83:07:28:cf:e2:c6:b0:
5c:5b:e0:2a:3e:5f:21:49:3b:e7:72:8c:df:a6:2a:
c3:db:7d:4f:0c:93:ff:d8:90:53:1e:e8:e7:92:f9:
a7:56:68:9c:97:06:e6:8d:77:8b:75:f4:46:dc:e0:
97:b2:c7:00:eb:dc:c5:59:cb:26:13:7c:f2:21:f5:
2a:dd:be:75:83:f8:50:28:c5:e2:07:c0:29:19:29:
f2:d2:37:00:af:f4:55:4e:fb:b4:2d:9f:ee:bb:5d:
8e:b4:69:0b:bc:4a:1a:80:3e:7a:1f:48:1e:9a:13:
14:76:cf:fb:51:45:1a:5c:0f:ac:72:01:04:3a:9c:
67:b9:71:a0:0f:07:40:b0:70:d9:23:9a:c9:00:af:
44:6b:c3:ab:58:ec:c2:2f:a9:9d:99:e4:2b:e4:4b:
ea:e0:64:ed:ae:13:67:a7:a7:9d:00:e5:85:3d:57:
26:de:11:38:74:34:48:9d:82:0b:f2:b5:40:a4:14:
3d:d4:a5:45:5f:8f:1b:ab:ac:3a:c9:28:8b:a7:40:
54:d4:5e:1a:33:c6:ad:f8:8f:99:2a:6d:80:4f:c6:
0c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E3:AA:46:33:A6:F7:C6:AC:D9:BF:6E:B0:C3:1B:38:20:48:60:AB
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CuOqRjOm98as2b9usMMbOCBIYKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.49.0/24
195.96.135.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4f:ac:33:f5:85:ca:25:ba:bb:b8:29:ba:5b:2c:83:06:3d:
50:8c:03:25:2a:0c:9e:44:86:01:15:66:28:10:5a:26:cf:18:
f7:03:f8:18:47:3d:82:83:c8:ad:c1:bc:70:dc:29:d0:f9:18:
0c:2a:dd:f5:7f:f5:3d:f0:4d:66:7a:04:97:6e:f5:8f:15:2b:
68:54:e7:12:2c:e2:ac:0f:87:63:d5:48:c4:1b:b0:b1:68:28:
a2:1a:12:71:9b:42:cb:6a:f5:de:79:dc:ab:83:5b:10:cf:74:
fc:db:dd:3f:95:11:14:a4:54:ae:35:54:1d:fd:ef:50:4f:dc:
4d:d6:bb:83:bd:f2:d7:89:19:1d:eb:59:d8:5e:04:54:88:2c:
83:34:a3:85:49:71:b8:7b:21:89:0a:03:23:49:34:b7:2d:69:
40:5a:0b:e6:3b:0b:dc:e6:7d:f4:c7:46:de:7e:e9:db:23:7e:
05:66:0f:f7:61:f6:e9:8c:69:7c:44:4b:e0:1b:75:29:1b:8a:
42:7b:b1:4c:fa:b1:ff:5b:b8:46:a4:29:7b:3b:aa:17:39:68:
c8:46:bd:64:b5:cd:bc:6d:76:cd:50:5f:01:a6:dd:65:d1:ce:
51:26:3c:0f:86:13:2f:73:43:9f:5c:e0:79:c6:7f:f2:3d:a0:
02:11:fa:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCYgCldEBzWbqW5gqGFgqmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNzA5MTcxNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWUzYWE0NjMzYTZmN2M2YWNkOWJmNmViMGMzMWIzODIwNDg2MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyARqo0yn509FlnD2t83dedw/EK2
Mqt5ajIv5dIfkAWEdXAtyIMHKM/ixrBcW+AqPl8hSTvncozfpirD231PDJP/2JBT
HujnkvmnVmiclwbmjXeLdfRG3OCXsscA69zFWcsmE3zyIfUq3b51g/hQKMXiB8Ap
GSny0jcAr/RVTvu0LZ/uu12OtGkLvEoagD56H0gemhMUds/7UUUaXA+scgEEOpxn
uXGgDwdAsHDZI5rJAK9Ea8OrWOzCL6mdmeQr5Evq4GTtrhNnp6edAOWFPVcm3hE4
dDRInYIL8rVApBQ91KVFX48bq6w6ySiLp0BU1F4aM8at+I+ZKm2AT8YMuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFArjqkYzpvfGrNm/brDDGzggSGCrMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQ3VPcVJqT205OGFzMmI5dXNNTWJPQ0JJWUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/YxAwQA
w2CHMA0GCSqGSIb3DQEBCwUAA4IBAQAKT6wz9YXKJbq7uCm6WyyDBj1QjAMlKgye
RIYBFWYoEFomzxj3A/gYRz2Cg8itwbxw3CnQ+RgMKt31f/U98E1megSXbvWPFSto
VOcSLOKsD4dj1UjEG7CxaCiiGhJxm0LLavXeedyrg1sQz3T8290/lREUpFSuNVQd
/e9QT9xN1ruDvfLXiRkd61nYXgRUiCyDNKOFSXG4eyGJCgMjSTS3LWlAWgvmOwvc
5n30x0befunbI34FZg/3YfbpjGl8REvgG3UpG4pCe7FM+rH/W7hGpCl7O6oXOWjI
Rr1ktc28bXbNUF8Bpt1l0c5RJjwPhhMvc0OfXOB5xn/yPaACEfpj
-----END CERTIFICATE-----
Generated at Wed Aug 21 16:34:19 2024 by rpki-client on console-fra.rpki-client.org