Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Od83fljD9p1ZPyweXhexoCM4vgQ.roa
File: Od83fljD9p1ZPyweXhexoCM4vgQ.roa (raw, json)
Hash identifier: X3vrj/sMbpOoopZ7khJaxx97nVQBqdWANtU9nrP1Zpw=
Subject key identifier: 39:DF:37:7E:58:C3:F6:9D:59:3F:2C:1E:5E:17:B1:A0:23:38:BE:04
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0190E9581F14487937218DB204B30FC6B700
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Od83fljD9p1ZPyweXhexoCM4vgQ.roa
Signing time: Thu 25 Jul 2024 10:03:04 +0000
ROA not before: Thu 25 Jul 2024 10:03:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 91.247.177.0/24 maxlen: 24
185.215.246.0/24 maxlen: 24
188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Aug 2024 12:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:58:1f:14:48:79:37:21:8d:b2:04:b3:0f:c6:b7:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 25 10:03:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39df377e58c3f69d593f2c1e5e17b1a02338be04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:68:aa:eb:54:7f:c9:e8:e1:f6:7b:5d:33:0f:
4b:51:58:2c:0c:af:05:ef:67:8d:f2:63:0b:0a:a5:
89:91:c3:ab:90:78:db:84:90:ce:70:6e:ba:93:a5:
a5:3e:c0:7a:0a:8f:d6:ec:66:e3:ba:e1:c1:ce:69:
b9:93:3a:89:8a:8d:6e:99:ca:68:74:ae:cc:9d:74:
00:33:b7:22:ed:3a:f6:17:64:a7:f2:0b:1c:20:00:
d8:46:b9:4f:fb:4d:78:37:24:4d:8c:dc:d0:9a:b9:
50:a8:e6:7e:91:94:0c:72:ff:f7:be:22:0e:e6:c8:
f3:3e:28:60:0f:c1:f7:0f:75:22:d2:15:8d:23:fb:
24:76:17:f3:28:3f:2a:46:26:1c:58:16:a3:55:e0:
ca:86:23:52:11:8b:02:8b:6b:d5:12:f5:ee:53:fb:
1f:c7:5f:86:74:7e:7a:0a:12:4f:33:bd:1a:7d:66:
b0:76:53:19:fc:a2:25:2a:ba:a7:9b:61:21:92:95:
44:4a:f0:41:71:a2:c6:ef:78:03:0e:78:74:27:18:
03:1b:ac:7f:88:1a:b0:77:b5:11:da:af:f3:71:d9:
f2:e3:bc:77:56:3e:ca:72:1f:16:29:3a:49:06:23:
e7:18:ce:90:e9:5f:68:fe:25:f3:ca:d7:b7:bd:d4:
8a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DF:37:7E:58:C3:F6:9D:59:3F:2C:1E:5E:17:B1:A0:23:38:BE:04
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Od83fljD9p1ZPyweXhexoCM4vgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.177.0/24
185.215.246.0/24
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
49:06:87:33:1a:13:8f:7b:47:0a:23:f9:c5:06:6f:46:9b:b7:
95:b8:3c:50:d8:3d:48:05:9b:03:ff:da:d9:f7:69:74:0a:e7:
6c:a5:cc:36:9b:c1:4f:cb:11:75:0a:53:f0:68:58:20:e4:a9:
2d:d0:32:5a:5c:51:d4:94:f5:4b:f4:b2:cb:4f:c3:19:1f:05:
66:61:0a:12:0c:bd:98:4d:34:39:a0:29:f3:a4:c8:33:8a:e7:
6c:4c:5b:36:ce:9d:55:c5:c0:11:8b:8d:a2:08:c4:06:6d:61:
a4:04:22:d3:83:5c:28:f1:28:4d:54:50:84:85:ba:06:62:21:
4f:02:cb:94:db:ba:7f:b1:9b:4f:9e:eb:db:2f:0c:4e:e4:64:
32:27:31:9e:e9:47:e8:e5:67:46:9e:66:c6:06:f6:0f:e8:a2:
1c:6c:4c:87:d1:48:af:38:40:00:e3:de:42:56:d4:68:26:5b:
55:be:5e:e9:2b:a0:f4:1a:ce:81:d8:39:3b:a2:c5:3e:db:5d:
fe:b8:18:b6:42:f6:5f:f9:dd:ed:28:38:65:8b:9a:fc:74:28:
27:8e:bb:71:2a:09:be:80:4a:2d:f2:5c:d1:c6:8e:0b:ed:84:
b1:93:3a:83:d7:db:b1:5b:0a:86:c5:ff:fe:58:41:59:ef:26:
9d:d9:00:c0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZDpWB8USHk3IY2yBLMPxrcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNzI1MTAwMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWRmMzc3ZTU4YzNmNjlkNTkzZjJjMWU1ZTE3YjFhMDIzMzhiZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2iq61R/yejh9ntdMw9LUVgsDK8F
72eN8mMLCqWJkcOrkHjbhJDOcG66k6WlPsB6Co/W7GbjuuHBzmm5kzqJio1umcpo
dK7MnXQAM7ci7Tr2F2Sn8gscIADYRrlP+014NyRNjNzQmrlQqOZ+kZQMcv/3viIO
5sjzPihgD8H3D3Ui0hWNI/skdhfzKD8qRiYcWBajVeDKhiNSEYsCi2vVEvXuU/sf
x1+GdH56ChJPM70afWawdlMZ/KIlKrqnm2EhkpVESvBBcaLG73gDDnh0JxgDG6x/
iBqwd7UR2q/zcdny47x3Vj7Kch8WKTpJBiPnGM6Q6V9o/iXzyte3vdSK3wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDnfN35Yw/adWT8sHl4XsaAjOL4EMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvT2Q4M2ZsakQ5cDFaUHl3ZVhoZXhvQ000dmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW/exAwQA
udf2AwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IBAQBJBocz
GhOPe0cKI/nFBm9Gm7eVuDxQ2D1IBZsD/9rZ92l0Cudspcw2m8FPyxF1ClPwaFgg
5Kkt0DJaXFHUlPVL9LLLT8MZHwVmYQoSDL2YTTQ5oCnzpMgziudsTFs2zp1VxcAR
i42iCMQGbWGkBCLTg1wo8ShNVFCEhboGYiFPAsuU27p/sZtPnuvbLwxO5GQyJzGe
6Ufo5WdGnmbGBvYP6KIcbEyH0UivOEAA495CVtRoJltVvl7pK6D0Gs6B2Dk7osU+
213+uBi2QvZf+d3tKDhli5r8dCgnjrtxKgm+gEot8lzRxo4L7YSxkzqD19uxWwqG
xf/+WEFZ7yad2QDA
-----END CERTIFICATE-----
Generated at Fri Aug 2 14:56:25 2024 by rpki-client on console-ams.rpki-client.org