Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/dz1ieM2fpOPE2-Iq-_OWPJWKHT8.roa
File: dz1ieM2fpOPE2-Iq-_OWPJWKHT8.roa (raw, json)
Hash identifier: WOsVRdRYT9w8DL6oTmcQ3ujvMw+S+V3jL9HuRjbGQBE=
Subject key identifier: 77:3D:62:78:CD:9F:A4:E3:C4:DB:E2:2A:FB:F3:96:3C:95:8A:1D:3F
Certificate issuer: /CN=a633725cd5dd91cf190ab3a99526e898357856ef
Certificate serial: 018CC424FA7FFEE2B4EA0A225CDAC91EFB2C
Authority key identifier: A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/dz1ieM2fpOPE2-Iq-_OWPJWKHT8.roa
Signing time: Mon 01 Jan 2024 08:30:06 +0000
ROA not before: Mon 01 Jan 2024 08:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15495
IP address blocks: 91.213.221.0/24 maxlen: 24
141.6.0.0/16 maxlen: 24
128.246.0.0/16 maxlen: 24
195.234.178.0/24 maxlen: 24
2a03:5680::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 May 2024 14:28:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:fa:7f:fe:e2:b4:ea:0a:22:5c:da:c9:1e:fb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a633725cd5dd91cf190ab3a99526e898357856ef
Validity
Not Before: Jan 1 08:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=773d6278cd9fa4e3c4dbe22afbf3963c958a1d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fd:e5:a9:3c:3b:c6:9e:49:79:19:e5:20:3c:
cf:20:20:b1:71:57:b5:44:0d:0b:4f:39:f0:64:af:
05:1d:de:9b:c5:c1:98:58:1b:a2:10:64:e1:13:4a:
c8:3d:e1:84:ac:d8:e1:70:8d:a5:5f:8d:4a:08:f9:
70:63:95:52:92:aa:d6:40:70:c0:d6:07:f7:73:44:
95:ff:fd:3e:e5:25:cf:03:fd:e8:0c:ed:db:02:f8:
fc:c5:6e:4a:f0:64:2c:91:b2:bc:7b:ef:52:40:c6:
14:cd:cb:fd:8d:c0:18:28:da:47:f5:e9:06:01:d8:
63:3e:6c:e6:05:b8:b4:85:0a:74:6d:74:ea:63:40:
f0:ec:5c:7a:f3:bc:59:1f:3e:11:1d:68:cf:80:81:
a0:4c:9b:bb:49:bd:29:8b:5a:33:a1:33:09:5e:78:
32:cc:73:97:09:1d:aa:5c:35:e4:0b:37:67:0c:16:
4d:a1:2f:fc:74:e7:cc:02:39:00:19:54:d5:06:55:
e7:c7:d5:64:e7:52:ed:27:dd:87:c8:6d:35:69:af:
4c:10:b3:76:44:5b:66:11:76:52:48:2e:3e:41:f7:
6d:15:fa:04:58:e9:8f:da:c4:ef:00:3a:59:86:11:
9f:91:5a:b3:ff:60:31:71:65:f0:57:ee:2b:78:b0:
1c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3D:62:78:CD:9F:A4:E3:C4:DB:E2:2A:FB:F3:96:3C:95:8A:1D:3F
X509v3 Authority Key Identifier:
keyid:A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/dz1ieM2fpOPE2-Iq-_OWPJWKHT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.221.0/24
128.246.0.0/16
141.6.0.0/16
195.234.178.0/24
IPv6:
2a03:5680::/32
Signature Algorithm: sha256WithRSAEncryption
7b:0c:c7:c2:51:d8:a7:db:d4:cc:53:fe:a4:18:75:29:5d:8a:
b8:ae:07:25:61:af:8a:7c:1e:a0:02:74:a0:fb:06:2c:4e:53:
dc:d0:f3:f2:0d:74:2a:d6:65:1b:8a:ba:52:55:b0:e3:1c:9a:
f3:64:18:3a:ad:5f:cd:2c:8a:55:36:c9:a1:ba:3c:e8:63:ed:
f6:be:ad:d2:8d:c2:15:15:03:fd:51:a1:13:3f:c1:f5:a5:a7:
ea:52:90:1a:c9:97:57:cf:d2:c2:33:ac:00:1a:71:26:0e:86:
d3:8d:29:57:5a:34:4d:d1:bf:1c:7a:5e:59:63:d3:d7:0d:29:
6e:5b:e3:0a:0f:b9:08:e2:dc:ae:84:bb:78:84:d8:4b:3e:b5:
7f:23:3f:1a:56:ae:d7:8b:cc:04:1a:e1:dc:73:39:17:d3:5a:
08:da:f2:8f:ef:19:78:77:4c:1c:d4:f7:ad:5c:26:01:56:4d:
f1:d7:40:d4:6c:2e:9f:81:5f:df:07:87:8e:5c:2a:9a:14:0a:
ad:73:c3:28:5e:aa:78:bb:94:fb:85:67:e5:4f:1b:97:ff:9a:
fa:a8:17:fb:97:83:cb:fb:ad:d8:54:e7:73:93:22:38:b1:0c:
8c:c9:ec:fe:b3:5f:40:8e:bb:60:77:e0:c7:1e:3e:1c:3c:02:
39:fc:40:3f
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzEJPp//uK06goiXNrJHvssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MzM3MjVjZDVkZDkxY2YxOTBhYjNhOTk1MjZlODk4MzU3
ODU2ZWYwHhcNMjQwMTAxMDgzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzNkNjI3OGNkOWZhNGUzYzRkYmUyMmFmYmYzOTYzYzk1OGExZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP3lqTw7xp5JeRnlIDzPICCxcVe1
RA0LTznwZK8FHd6bxcGYWBuiEGThE0rIPeGErNjhcI2lX41KCPlwY5VSkqrWQHDA
1gf3c0SV//0+5SXPA/3oDO3bAvj8xW5K8GQskbK8e+9SQMYUzcv9jcAYKNpH9ekG
AdhjPmzmBbi0hQp0bXTqY0Dw7Fx687xZHz4RHWjPgIGgTJu7Sb0pi1ozoTMJXngy
zHOXCR2qXDXkCzdnDBZNoS/8dOfMAjkAGVTVBlXnx9Vk51LtJ92HyG01aa9MELN2
RFtmEXZSSC4+QfdtFfoEWOmP2sTvADpZhhGfkVqz/2AxcWXwV+4reLAcCQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFHc9YnjNn6TjxNviKvvzljyVih0/MB8GA1UdIwQY
MBaAFKYzclzV3ZHPGQqzqZUm6Jg1eFbvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGpOeVhOWGRrYzhaQ3JPcGxTYm9tRFY0VnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81Yjg1NmEtYTkwZC00NzkxLTljMTAt
YzBiODEzYjRlYzdlLzEvZHoxaWVNMmZwT1BFMi1JcS1fT1dQSldLSFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81Yjg1NmEtYTkwZC00NzkxLTljMTAtYzBiODEzYjRlYzdl
LzEvcGpOeVhOWGRrYzhaQ3JPcGxTYm9tRFY0VnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAcBAIAATAWAwQAW9XdAwMA
gPYDAwCNBgMEAMPqsjANBAIAAjAHAwUAKgNWgDANBgkqhkiG9w0BAQsFAAOCAQEA
ewzHwlHYp9vUzFP+pBh1KV2KuK4HJWGvinweoAJ0oPsGLE5T3NDz8g10KtZlG4q6
UlWw4xya82QYOq1fzSyKVTbJobo86GPt9r6t0o3CFRUD/VGhEz/B9aWn6lKQGsmX
V8/SwjOsABpxJg6G040pV1o0TdG/HHpeWWPT1w0pblvjCg+5COLcroS7eITYSz61
fyM/Glau14vMBBrh3HM5F9NaCNryj+8ZeHdMHNT3rVwmAVZN8ddA1Gwun4Ff3weH
jlwqmhQKrXPDKF6qeLuU+4Vn5U8bl/+a+qgX+5eDy/ut2FTnc5MiOLEMjMns/rNf
QI67YHfgxx4+HDwCOfxAPw==
-----END CERTIFICATE-----