Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/024641-0568-4a54-9599-c0588aae02ed/1/gdfRfEJJQr5uwbA0Wk9m6eUxEvE.roa
File: gdfRfEJJQr5uwbA0Wk9m6eUxEvE.roa (raw, json)
Hash identifier: nZom9zWCa0Clm1moI8yBFzowKzg8u67pEbF4KtpjmNA=
Subject key identifier: 81:D7:D1:7C:42:49:42:BE:6E:C1:B0:34:5A:4F:66:E9:E5:31:12:F1
Certificate issuer: /CN=c3ae20b4a389e854d26a65aab9b0d01997f0ac22
Certificate serial: 01856CB81B043E5B322CDB0B63CF36AC46F2
Authority key identifier: C3:AE:20:B4:A3:89:E8:54:D2:6A:65:AA:B9:B0:D0:19:97:F0:AC:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w64gtKOJ6FTSamWqubDQGZfwrCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/024641-0568-4a54-9599-c0588aae02ed/1/gdfRfEJJQr5uwbA0Wk9m6eUxEvE.roa
Signing time: Sun 01 Jan 2023 09:44:42 +0000
ROA not before: Sun 01 Jan 2023 09:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27970
IP address blocks: 91.221.208.0/24 maxlen: 24
91.221.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:1b:04:3e:5b:32:2c:db:0b:63:cf:36:ac:46:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3ae20b4a389e854d26a65aab9b0d01997f0ac22
Validity
Not Before: Jan 1 09:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81d7d17c424942be6ec1b0345a4f66e9e53112f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:24:1f:f8:1b:6b:90:e1:b1:31:9e:d8:56:38:
84:8c:5b:15:89:3c:e2:7f:b5:29:b5:4c:6f:40:12:
81:77:f9:dd:27:39:68:88:6c:5c:fc:8b:5e:cb:ab:
c2:e1:18:09:ae:3f:c5:48:dc:1d:87:84:22:9d:c3:
db:66:f5:a1:88:bc:e3:11:10:a9:0a:f2:77:3e:b2:
df:77:d4:40:8b:67:33:22:89:70:a8:0e:e9:c2:5a:
41:31:39:6f:b0:99:0a:e8:be:d0:aa:92:b3:89:8f:
92:fd:fa:16:4c:e2:97:06:98:d5:b9:c3:91:96:40:
f3:69:dd:f4:12:68:cd:41:16:b4:82:55:f4:74:6f:
e0:01:a8:ce:90:2a:be:99:d4:c2:11:c5:d1:81:67:
f9:dc:53:78:60:4b:3b:6a:24:02:f9:08:11:21:f5:
5b:6f:db:ae:26:fb:1c:de:db:78:63:a7:5f:8a:8e:
58:94:4f:0f:0b:71:bf:5a:7f:00:6d:f8:0d:03:a9:
f2:5a:88:38:95:e9:d9:ef:ed:c9:1e:2a:60:01:a5:
ea:3d:53:ef:bc:c5:c7:f7:bb:68:bc:ef:12:36:f8:
f7:cf:fd:38:92:46:2a:43:8f:a8:f7:d6:be:43:7a:
28:c5:b5:6a:58:05:3e:fc:c3:27:10:9a:17:87:04:
11:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D7:D1:7C:42:49:42:BE:6E:C1:B0:34:5A:4F:66:E9:E5:31:12:F1
X509v3 Authority Key Identifier:
keyid:C3:AE:20:B4:A3:89:E8:54:D2:6A:65:AA:B9:B0:D0:19:97:F0:AC:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w64gtKOJ6FTSamWqubDQGZfwrCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/024641-0568-4a54-9599-c0588aae02ed/1/gdfRfEJJQr5uwbA0Wk9m6eUxEvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/024641-0568-4a54-9599-c0588aae02ed/1/w64gtKOJ6FTSamWqubDQGZfwrCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.208.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:d5:aa:94:0c:ad:fc:bb:7e:3f:4b:10:99:74:34:58:b7:3c:
6a:eb:a9:fc:de:2e:4a:5a:d5:28:35:d7:a1:20:53:45:e2:b2:
53:1d:6f:9e:62:27:9d:e7:b8:85:6e:8c:84:dc:42:d4:f8:60:
b9:db:bd:d8:65:b6:44:b0:c9:8e:0f:5e:8a:b1:24:bf:7e:d9:
e8:de:69:19:30:c9:16:fd:da:11:35:0e:d6:9c:63:aa:4e:be:
d0:4c:41:d8:aa:ad:29:4a:8b:81:e5:9d:03:2f:ba:6d:cd:a5:
22:93:1b:81:8f:0f:9f:50:3a:2c:4f:ed:90:6f:4b:4f:db:b2:
20:f3:67:31:55:f1:0a:2f:cc:47:d3:b9:93:a5:94:2c:f1:64:
c0:d0:c2:58:67:ff:15:00:99:95:23:9b:be:8e:d4:e5:99:b0:
a7:e9:db:7e:a2:30:02:7f:11:4e:45:9c:0c:de:64:db:98:84:
90:07:80:77:87:32:e0:b9:77:13:8a:07:c8:f2:eb:86:64:f5:
62:93:ad:2a:42:84:2d:af:87:08:e2:78:4e:02:6e:a3:16:5f:
f9:78:f9:b6:94:b2:98:e3:25:8c:74:0e:3e:39:d1:ab:ee:01:
fa:10:0c:e2:0c:07:4c:85:07:0e:82:14:ce:0d:0f:e2:6a:74:
35:ab:22:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuBsEPlsyLNsLY882rEbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWUyMGI0YTM4OWU4NTRkMjZhNjVhYWI5YjBkMDE5OTdm
MGFjMjIwHhcNMjMwMTAxMDk0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQ3ZDE3YzQyNDk0MmJlNmVjMWIwMzQ1YTRmNjZlOWU1MzExMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyQf+BtrkOGxMZ7YVjiEjFsViTzi
f7UptUxvQBKBd/ndJzloiGxc/Itey6vC4RgJrj/FSNwdh4QincPbZvWhiLzjERCp
CvJ3PrLfd9RAi2czIolwqA7pwlpBMTlvsJkK6L7QqpKziY+S/foWTOKXBpjVucOR
lkDzad30EmjNQRa0glX0dG/gAajOkCq+mdTCEcXRgWf53FN4YEs7aiQC+QgRIfVb
b9uuJvsc3tt4Y6dfio5YlE8PC3G/Wn8AbfgNA6nyWog4lenZ7+3JHipgAaXqPVPv
vMXH97tovO8SNvj3z/04kkYqQ4+o99a+Q3ooxbVqWAU+/MMnEJoXhwQRDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHX0XxCSUK+bsGwNFpPZunlMRLxMB8GA1UdIwQY
MBaAFMOuILSjiehU0mplqrmw0BmX8KwiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzY0Z3RLT0o2RlRTYW1XcXViRFFHWmZ3ckNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8wMjQ2NDEtMDU2OC00YTU0LTk1OTkt
YzA1ODhhYWUwMmVkLzEvZ2RmUmZFSkpRcjV1d2JBMFdrOW02ZVV4RXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8wMjQ2NDEtMDU2OC00YTU0LTk1OTktYzA1ODhhYWUwMmVk
LzEvdzY0Z3RLT0o2RlRTYW1XcXViRFFHWmZ3ckNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW93QMA0G
CSqGSIb3DQEBCwUAA4IBAQDI1aqUDK38u34/SxCZdDRYtzxq66n83i5KWtUoNdeh
IFNF4rJTHW+eYied57iFboyE3ELU+GC5273YZbZEsMmOD16KsSS/ftno3mkZMMkW
/doRNQ7WnGOqTr7QTEHYqq0pSouB5Z0DL7ptzaUikxuBjw+fUDosT+2Qb0tP27Ig
82cxVfEKL8xH07mTpZQs8WTA0MJYZ/8VAJmVI5u+jtTlmbCn6dt+ojACfxFORZwM
3mTbmISQB4B3hzLguXcTigfI8uuGZPVik60qQoQtr4cI4nhOAm6jFl/5ePm2lLKY
4yWMdA4+OdGr7gH6EAziDAdMhQcOghTODQ/ianQ1qyKj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:15 2024 by rpki-client on console-fra.rpki-client.org