Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/daR0BnmD14cb6pIPVOFt_AdTky4.roa
File: daR0BnmD14cb6pIPVOFt_AdTky4.roa (raw, json)
Hash identifier: zoERZa/9MZK60lAhxbtzyFNGh/nnrf4TkMzzmTQ5RXM=
Subject key identifier: 75:A4:74:06:79:83:D7:87:1B:EA:92:0F:54:E1:6D:FC:07:53:93:2E
Certificate issuer: /CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Certificate serial: 018A2BC89216978A7C5643E7D15FA26F947B
Authority key identifier: A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/daR0BnmD14cb6pIPVOFt_AdTky4.roa
Signing time: Fri 25 Aug 2023 08:21:19 +0000
ROA not before: Fri 25 Aug 2023 08:21:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210850
IP address blocks: 213.108.134.0/24 maxlen: 32
91.223.53.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2b:c8:92:16:97:8a:7c:56:43:e7:d1:5f:a2:6f:94:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Validity
Not Before: Aug 25 08:21:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75a474067983d7871bea920f54e16dfc0753932e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:63:9e:7a:a3:e5:e8:38:07:83:be:19:6f:8d:
1f:ce:f8:2e:65:8b:48:d7:76:a0:b1:16:30:08:ac:
93:96:49:59:cb:cc:e9:25:63:c4:fe:64:44:19:92:
af:e7:7b:99:b5:12:5b:77:65:8f:b8:2a:b6:b8:09:
47:23:0a:0c:ff:0c:c7:f4:88:a9:93:4c:0b:77:0c:
8e:87:40:15:5f:9b:2c:b4:c0:f2:9f:5f:47:0c:c5:
c7:9b:47:b8:4e:b4:e4:34:3f:04:d6:36:4f:5b:22:
93:42:f4:d0:49:03:03:84:9a:68:f3:ed:f1:db:28:
8b:08:e2:71:3e:d9:b8:b9:be:b4:d9:89:91:3b:55:
26:c8:32:04:b3:5c:5d:fd:ef:ca:81:61:68:dc:60:
40:fe:62:46:5e:97:78:52:7c:c1:38:e6:64:60:f5:
b3:58:8a:63:5d:01:5e:9c:2d:fb:bc:d5:02:f0:5b:
34:a4:50:bf:6c:56:97:ff:4f:3d:2c:e2:6c:05:f6:
85:89:65:4f:60:fd:7c:a3:fc:fe:32:1c:7f:ef:57:
bc:40:d4:fe:71:ee:b8:05:32:71:6c:3d:4a:e9:dd:
95:3e:fe:10:b4:07:e4:02:d4:2d:6e:7e:e5:bd:58:
87:ae:ca:d8:dd:a7:e8:2f:24:e3:8c:4e:97:c9:86:
8e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A4:74:06:79:83:D7:87:1B:EA:92:0F:54:E1:6D:FC:07:53:93:2E
X509v3 Authority Key Identifier:
keyid:A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/daR0BnmD14cb6pIPVOFt_AdTky4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.53.0/24
213.108.134.0/24
Signature Algorithm: sha256WithRSAEncryption
32:63:c1:61:43:40:5f:ce:27:38:05:c4:e8:80:be:e5:2d:d5:
02:d6:57:4f:6a:25:0b:5d:a2:52:19:99:7e:6f:70:b0:ce:95:
a0:da:80:66:23:64:41:9f:8f:85:69:a8:42:a9:1b:a3:f0:e0:
7e:e4:a9:18:ae:9a:25:16:d8:fa:05:c3:f0:04:bc:fe:08:e8:
45:94:cf:ec:59:39:6c:d9:5c:e2:1e:be:73:d3:6e:3e:84:a3:
39:f2:f4:74:d1:b7:89:d5:60:1c:e8:ec:ba:60:ae:50:65:39:
bc:f2:87:7e:88:d7:cf:97:ff:d7:d6:3a:69:45:27:c6:87:01:
28:14:c2:50:62:3f:3d:8a:be:4c:68:65:20:1d:a2:9e:38:c5:
27:af:f9:9f:e0:c7:af:dc:6d:da:13:04:a3:cf:6f:a9:84:f8:
81:66:f4:a2:6d:65:10:45:99:ed:89:84:71:34:40:77:b2:6c:
4d:29:4b:4c:fe:72:19:4a:b3:44:1c:b9:fe:09:31:07:90:61:
52:38:d5:f3:16:06:d2:24:c0:ef:c6:74:16:7d:f7:77:10:e3:
82:d2:e4:2a:70:01:d8:ab:d0:a2:b6:a4:88:82:34:ae:32:58:
06:e6:35:5c:71:7f:73:72:dd:fa:a6:67:d6:0e:3c:60:98:dd:
61:dd:f7:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoryJIWl4p8VkPn0V+ib5R7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZWM1N2JjODQ2NGZlYzJlOWExYjA5OGZmY2UzNGMyMWFh
ZjljYTYwHhcNMjMwODI1MDgyMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWE0NzQwNjc5ODNkNzg3MWJlYTkyMGY1NGUxNmRmYzA3NTM5MzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2OeeqPl6DgHg74Zb40fzvguZYtI
13agsRYwCKyTlklZy8zpJWPE/mREGZKv53uZtRJbd2WPuCq2uAlHIwoM/wzH9Iip
k0wLdwyOh0AVX5sstMDyn19HDMXHm0e4TrTkND8E1jZPWyKTQvTQSQMDhJpo8+3x
2yiLCOJxPtm4ub602YmRO1UmyDIEs1xd/e/KgWFo3GBA/mJGXpd4UnzBOOZkYPWz
WIpjXQFenC37vNUC8Fs0pFC/bFaX/089LOJsBfaFiWVPYP18o/z+Mhx/71e8QNT+
ce64BTJxbD1K6d2VPv4QtAfkAtQtbn7lvViHrsrY3afoLyTjjE6XyYaOVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHWkdAZ5g9eHG+qSD1ThbfwHU5MuMB8GA1UdIwQY
MBaAFKnsV7yEZP7C6aGwmP/ONMIar5ymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMt
MTlhM2M1NjQ5YjU3LzEvZGFSMEJubUQxNGNiNnBJUFZPRnRfQWRUa3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMtMTlhM2M1NjQ5YjU3
LzEvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW981AwQA
1WyGMA0GCSqGSIb3DQEBCwUAA4IBAQAyY8FhQ0Bfzic4BcTogL7lLdUC1ldPaiUL
XaJSGZl+b3CwzpWg2oBmI2RBn4+FaahCqRuj8OB+5KkYrpolFtj6BcPwBLz+COhF
lM/sWTls2VziHr5z024+hKM58vR00beJ1WAc6Oy6YK5QZTm88od+iNfPl//X1jpp
RSfGhwEoFMJQYj89ir5MaGUgHaKeOMUnr/mf4Mev3G3aEwSjz2+phPiBZvSibWUQ
RZntiYRxNEB3smxNKUtM/nIZSrNEHLn+CTEHkGFSONXzFgbSJMDvxnQWffd3EOOC
0uQqcAHYq9CitqSIgjSuMlgG5jVccX9zct36pmfWDjxgmN1h3ffB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org