Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/i0DsUm66j6WYBzhhoprinBW5yfs.roa
File: i0DsUm66j6WYBzhhoprinBW5yfs.roa (raw, json)
Hash identifier: IbekW5NAa3asqYPhCdi2GAetP45XhKCPa3cxtxZZ6QI=
Subject key identifier: 8B:40:EC:52:6E:BA:8F:A5:98:07:38:61:A2:9A:E2:9C:15:B9:C9:FB
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 01866DDEBA8697AA45D3EEB67556B7A21F33
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/i0DsUm66j6WYBzhhoprinBW5yfs.roa
Signing time: Mon 20 Feb 2023 08:09:18 +0000
ROA not before: Mon 20 Feb 2023 08:09:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196976
IP address blocks: 91.133.34.0/24 maxlen: 24
91.133.32.0/19 maxlen: 19
2a04:3100::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:de:ba:86:97:aa:45:d3:ee:b6:75:56:b7:a2:1f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Feb 20 08:09:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b40ec526eba8fa598073861a29ae29c15b9c9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e2:a1:15:cc:01:9c:6e:8a:81:a9:cc:21:94:
3f:32:a9:78:40:a0:71:10:ef:07:7f:88:e1:f3:e9:
13:2d:18:5e:9e:b8:31:e7:73:28:2a:2b:f5:4f:34:
54:97:b0:5b:54:e5:67:28:be:0e:8f:b2:a4:66:ee:
b6:8f:bd:91:f7:02:3e:60:b6:89:b8:bb:65:a7:da:
4c:c4:39:42:a0:11:c1:81:5b:63:df:87:f0:5b:a4:
40:9e:0c:d6:c0:a5:49:93:b2:03:f8:43:54:4c:e1:
99:51:4a:a9:91:9f:e0:26:99:60:93:d0:f1:61:e7:
e2:d5:0b:84:47:0f:4d:0a:9d:74:bd:f2:bf:75:42:
c6:33:02:07:2e:25:91:89:1f:b3:d0:45:33:fd:99:
38:9a:a2:19:ef:ad:b8:cc:ed:6d:35:9d:90:15:70:
2c:30:05:7d:8e:6e:a8:4d:54:30:0f:7d:53:7b:c7:
50:71:d0:87:7d:8d:dc:c6:4c:27:33:77:02:d2:75:
b3:61:8c:5a:a3:36:78:35:f2:d8:f0:5b:fe:b6:d4:
c4:7e:b4:5f:01:9b:d2:7b:db:a5:59:9b:84:4f:b8:
74:10:cf:c4:d8:86:81:f8:4d:69:bb:6d:46:26:2b:
f5:1c:fc:d6:b3:88:b3:9d:fe:98:b8:fb:0b:8f:ec:
cf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:40:EC:52:6E:BA:8F:A5:98:07:38:61:A2:9A:E2:9C:15:B9:C9:FB
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/i0DsUm66j6WYBzhhoprinBW5yfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.133.32.0/19
IPv6:
2a04:3100::/29
Signature Algorithm: sha256WithRSAEncryption
3f:32:2a:1b:db:91:f5:b2:74:9a:1b:62:30:83:76:0f:c2:d8:
0d:eb:2f:e7:42:93:17:81:19:e3:de:1b:ab:d5:8d:00:f5:f8:
66:06:8c:83:de:a2:67:1f:dc:7e:9c:c7:2b:d1:de:1d:87:e0:
cc:46:3e:2e:a7:2e:83:a1:1e:ef:1c:0a:e1:10:62:02:12:81:
9e:ac:a4:ef:18:c1:e4:0f:1b:bd:2f:05:5a:ab:a9:47:c6:87:
a2:a8:b5:36:cb:45:6e:b2:7b:f2:29:a2:66:59:6d:a5:9f:bf:
2f:26:8f:27:13:49:f5:3b:3f:60:3f:96:63:6e:dd:1b:c8:8b:
83:17:fc:c9:25:c2:f9:34:23:c4:76:04:4f:2f:09:5f:9e:91:
5b:8a:b2:17:45:b2:5f:e4:0c:8c:38:99:dc:7c:4b:7f:65:47:
d8:a3:a4:80:f3:22:ce:8b:02:ad:8f:07:f8:56:7b:76:8b:8a:
d2:f4:8e:be:05:36:87:a6:1c:8a:d9:4d:d4:a3:f6:40:39:af:
7c:a7:30:92:be:fc:35:86:0e:3c:4e:79:e4:79:5d:1b:a6:ee:
25:62:72:c8:17:a0:15:95:a3:2d:18:b5:49:89:7c:f9:5a:e2:
34:49:c4:20:19:ad:be:3c:4b:a0:6d:ae:80:a9:8f:85:d1:d2:
83:ef:6a:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZt3rqGl6pF0+62dVa3oh8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjMwMjIwMDgwOTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQwZWM1MjZlYmE4ZmE1OTgwNzM4NjFhMjlhZTI5YzE1YjljOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuKhFcwBnG6KganMIZQ/Mql4QKBx
EO8Hf4jh8+kTLRhenrgx53MoKiv1TzRUl7BbVOVnKL4Oj7KkZu62j72R9wI+YLaJ
uLtlp9pMxDlCoBHBgVtj34fwW6RAngzWwKVJk7ID+ENUTOGZUUqpkZ/gJplgk9Dx
Yefi1QuERw9NCp10vfK/dULGMwIHLiWRiR+z0EUz/Zk4mqIZ7624zO1tNZ2QFXAs
MAV9jm6oTVQwD31Te8dQcdCHfY3cxkwnM3cC0nWzYYxaozZ4NfLY8Fv+ttTEfrRf
AZvSe9ulWZuET7h0EM/E2IaB+E1pu21GJiv1HPzWs4iznf6YuPsLj+zPmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFItA7FJuuo+lmAc4YaKa4pwVucn7MB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvaTBEc1VtNjZqNldZQnpoaG9wcmluQlc1eWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFW4UgMA0E
AgACMAcDBQMqBDEAMA0GCSqGSIb3DQEBCwUAA4IBAQA/Miob25H1snSaG2Iwg3YP
wtgN6y/nQpMXgRnj3hur1Y0A9fhmBoyD3qJnH9x+nMcr0d4dh+DMRj4upy6DoR7v
HArhEGICEoGerKTvGMHkDxu9LwVaq6lHxoeiqLU2y0VusnvyKaJmWW2ln78vJo8n
E0n1Oz9gP5Zjbt0byIuDF/zJJcL5NCPEdgRPLwlfnpFbirIXRbJf5AyMOJncfEt/
ZUfYo6SA8yLOiwKtjwf4Vnt2i4rS9I6+BTaHphyK2U3Uo/ZAOa98pzCSvvw1hg48
TnnkeV0bpu4lYnLIF6AVlaMtGLVJiXz5WuI0ScQgGa2+PEugba6AqY+F0dKD72qq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org