Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/xRC4FCAeMaD3_Pxms6bEzT4tGQY.roa
File: xRC4FCAeMaD3_Pxms6bEzT4tGQY.roa (raw, json)
Hash identifier: OngUdFUmOiODmeHSKZG2Z013fhnjj7QDJhax1ZoXUK4=
Subject key identifier: C5:10:B8:14:20:1E:31:A0:F7:FC:FC:66:B3:A6:C4:CD:3E:2D:19:06
Certificate issuer: /CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Certificate serial: 0186BC3255CF0BD1BE3029FC77BD3949E908
Authority key identifier: 60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/xRC4FCAeMaD3_Pxms6bEzT4tGQY.roa
Signing time: Tue 07 Mar 2023 13:11:00 +0000
ROA not before: Tue 07 Mar 2023 13:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199284
IP address blocks: 91.137.16.0/20 maxlen: 24
91.137.50.0/23 maxlen: 24
91.137.48.0/22 maxlen: 24
91.137.56.0/21 maxlen: 22
91.137.60.0/22 maxlen: 24
91.137.62.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:32:55:cf:0b:d1:be:30:29:fc:77:bd:39:49:e9:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Validity
Not Before: Mar 7 13:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c510b814201e31a0f7fcfc66b3a6c4cd3e2d1906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:16:4a:de:b5:eb:ec:99:2f:78:a8:9d:9c:37:
5d:31:17:1e:27:0f:49:b7:71:02:ca:de:ad:44:1a:
62:90:c5:72:48:22:67:d5:04:f8:a3:96:69:70:1f:
e1:8f:c6:45:4c:3a:1b:77:8a:38:65:de:99:b3:51:
8e:c6:ae:02:c5:49:64:a6:d0:3b:ee:65:af:75:86:
14:3d:4b:9f:de:64:2d:31:c7:bc:1c:c6:2d:27:64:
87:84:3a:97:6b:d9:39:f1:4c:e8:e5:37:70:b8:46:
3b:b1:e2:b7:1c:0a:ae:db:d0:08:ec:ca:3f:84:27:
25:15:c9:67:ef:6d:df:f4:b2:81:ef:d0:ae:3e:e0:
74:47:64:86:3b:3a:59:c5:b6:84:26:95:ce:fa:e2:
31:bd:af:18:ad:23:25:26:21:51:43:0a:62:e5:ad:
b2:3f:eb:88:da:b4:72:23:3c:54:7f:0b:25:04:6b:
a9:2d:5b:12:c3:7a:2f:db:f8:fa:3e:88:3d:6e:df:
4d:40:97:e4:c1:c9:76:2a:8d:2d:dc:6a:d2:2f:9d:
c5:2b:e6:cf:32:98:a0:d4:34:1d:1b:16:b4:d2:05:
5a:27:0e:19:43:cf:ea:bc:0d:c8:5c:db:79:c3:d8:
61:94:71:78:79:61:c5:41:af:3a:8e:ec:00:66:50:
49:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:10:B8:14:20:1E:31:A0:F7:FC:FC:66:B3:A6:C4:CD:3E:2D:19:06
X509v3 Authority Key Identifier:
keyid:60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/xRC4FCAeMaD3_Pxms6bEzT4tGQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.16.0/20
91.137.48.0/22
91.137.56.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:4d:56:81:07:33:d9:4c:9c:c1:db:c1:9c:b7:66:80:ad:45:
08:ae:5e:6c:bc:1c:5e:48:06:b9:6d:eb:ed:88:9b:c5:39:6f:
f9:09:d5:f9:ba:e4:d5:c1:9a:01:6c:bf:6e:7e:ac:63:75:ed:
df:a5:48:df:5c:06:ca:d9:6d:16:e0:e5:0f:7b:f3:0f:78:d5:
3f:8a:16:41:f7:6a:af:0a:c5:c1:fb:6f:66:f7:0b:6d:69:a1:
78:7c:8e:82:e1:32:8a:29:c7:89:48:3e:a9:50:0b:ca:2f:c6:
89:57:c4:2c:a8:f6:c8:94:16:70:56:26:65:fa:16:d7:e8:a9:
78:53:b9:54:30:c2:aa:ad:02:da:80:fc:b9:c3:e8:3a:4e:73:
82:ed:ac:56:ed:17:08:79:ee:d8:56:aa:1e:74:8b:b2:10:16:
9f:24:78:ca:ed:7e:64:5d:62:b5:bf:32:80:8a:45:e6:2d:01:
47:ac:06:9f:91:cf:d8:3f:24:55:a6:cf:0f:8e:23:66:c7:9a:
9b:e7:e4:2f:6e:93:d4:84:c9:24:9a:0b:d0:c4:0a:27:da:2f:
4a:4a:1b:aa:f8:be:e9:8d:32:bd:24:39:a4:12:45:66:c5:cd:
67:60:9f:a0:de:19:a5:a8:de:d4:31:62:d0:f6:50:e2:8d:0b:
e8:45:fe:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYa8MlXPC9G+MCn8d705SekIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWE4Mzg1YTE0ZmQ5OTY3OTc4YWU3ZjA2ZWM0ZGQ1MjIy
OWE0NGEwHhcNMjMwMzA3MTMxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTEwYjgxNDIwMWUzMWEwZjdmY2ZjNjZiM2E2YzRjZDNlMmQxOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBZK3rXr7JkveKidnDddMRceJw9J
t3ECyt6tRBpikMVySCJn1QT4o5ZpcB/hj8ZFTDobd4o4Zd6Zs1GOxq4CxUlkptA7
7mWvdYYUPUuf3mQtMce8HMYtJ2SHhDqXa9k58Uzo5TdwuEY7seK3HAqu29AI7Mo/
hCclFcln723f9LKB79CuPuB0R2SGOzpZxbaEJpXO+uIxva8YrSMlJiFRQwpi5a2y
P+uI2rRyIzxUfwslBGupLVsSw3ov2/j6Pog9bt9NQJfkwcl2Ko0t3GrSL53FK+bP
Mpig1DQdGxa00gVaJw4ZQ8/qvA3IXNt5w9hhlHF4eWHFQa86juwAZlBJiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMUQuBQgHjGg9/z8ZrOmxM0+LRkGMB8GA1UdIwQY
MBaAFGDqg4WhT9mWeXiufwbsTdUiKaRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEt
ZjU0NTc3ZjdjYzBmLzEveFJDNEZDQWVNYUQzX1B4bXM2YkV6VDR0R1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEtZjU0NTc3ZjdjYzBm
LzEvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEW4kQAwQC
W4kwAwQDW4k4MA0GCSqGSIb3DQEBCwUAA4IBAQAeTVaBBzPZTJzB28Gct2aArUUI
rl5svBxeSAa5bevtiJvFOW/5CdX5uuTVwZoBbL9ufqxjde3fpUjfXAbK2W0W4OUP
e/MPeNU/ihZB92qvCsXB+29m9wttaaF4fI6C4TKKKceJSD6pUAvKL8aJV8QsqPbI
lBZwViZl+hbX6Kl4U7lUMMKqrQLagPy5w+g6TnOC7axW7RcIee7YVqoedIuyEBaf
JHjK7X5kXWK1vzKAikXmLQFHrAafkc/YPyRVps8PjiNmx5qb5+QvbpPUhMkkmgvQ
xAon2i9KShuq+L7pjTK9JDmkEkVmxc1nYJ+g3hmlqN7UMWLQ9lDijQvoRf4/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:39 2024 by rpki-client on console-ams.rpki-client.org