Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/d0in1oaA5ltdEkjaA9ykbtsSqXY.roa
File: d0in1oaA5ltdEkjaA9ykbtsSqXY.roa (raw, json)
Hash identifier: qumCZUxs5iHoInJjXbEmhY9shT5BQQ93LIsgAK+QukA=
Subject key identifier: 77:48:A7:D6:86:80:E6:5B:5D:12:48:DA:03:DC:A4:6E:DB:12:A9:76
Certificate issuer: /CN=68637081ca7c2eba41010abeaad64a7c61f6a113
Certificate serial: 0189DE986BF86A5BB3A0D3F6A56B2DB9A878
Authority key identifier: 68:63:70:81:CA:7C:2E:BA:41:01:0A:BE:AA:D6:4A:7C:61:F6:A1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aGNwgcp8LrpBAQq-qtZKfGH2oRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/d0in1oaA5ltdEkjaA9ykbtsSqXY.roa
Signing time: Thu 10 Aug 2023 08:37:58 +0000
ROA not before: Thu 10 Aug 2023 08:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 91.202.250.0/24 maxlen: 24
91.202.251.0/24 maxlen: 24
91.202.248.0/22 maxlen: 24
91.202.248.0/24 maxlen: 24
91.202.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:98:6b:f8:6a:5b:b3:a0:d3:f6:a5:6b:2d:b9:a8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68637081ca7c2eba41010abeaad64a7c61f6a113
Validity
Not Before: Aug 10 08:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7748a7d68680e65b5d1248da03dca46edb12a976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8f:99:3c:ff:c1:56:af:4a:1a:f0:6d:0a:90:
ab:cc:74:10:7c:d5:bf:7b:b3:67:68:ac:0c:0e:31:
58:10:78:a0:7c:b2:30:dd:88:59:d4:f4:b3:b1:99:
ab:c9:32:3b:fa:b2:56:54:08:d1:cb:fe:4c:69:e0:
9b:b9:10:f6:c4:dd:9c:1c:39:f3:74:b9:4d:eb:57:
c2:12:0f:b5:dd:55:ae:13:a8:80:b2:34:cf:c3:58:
1d:00:98:a6:08:c8:9d:d8:5d:6f:65:9f:e2:a0:91:
51:a4:58:8c:fe:1a:d6:fc:70:1b:ba:e3:ec:e5:54:
e5:74:8f:66:33:cc:47:4b:2b:47:25:ea:81:f4:79:
ab:25:42:47:3f:af:62:77:1f:be:a7:18:2d:1d:0c:
87:c3:81:15:51:2c:cd:06:a3:69:43:fc:d9:37:08:
b8:9c:de:0f:24:bf:ac:8d:59:b3:4f:b6:41:7b:60:
04:04:33:8f:42:d8:e5:72:d6:dc:22:49:d8:65:1d:
dd:a1:6b:c5:f0:c6:9c:8a:f2:2a:48:30:cf:c5:9f:
62:35:cb:8e:cb:13:b5:16:44:66:c3:49:2f:78:af:
6f:66:7c:d2:b4:37:88:45:ac:4b:29:e3:6d:90:f2:
ed:64:77:77:a7:23:90:60:f0:71:71:27:0e:58:8f:
b6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:48:A7:D6:86:80:E6:5B:5D:12:48:DA:03:DC:A4:6E:DB:12:A9:76
X509v3 Authority Key Identifier:
keyid:68:63:70:81:CA:7C:2E:BA:41:01:0A:BE:AA:D6:4A:7C:61:F6:A1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGNwgcp8LrpBAQq-qtZKfGH2oRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/d0in1oaA5ltdEkjaA9ykbtsSqXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/aGNwgcp8LrpBAQq-qtZKfGH2oRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.248.0/22
Signature Algorithm: sha256WithRSAEncryption
49:f4:1f:a7:92:c6:3c:1c:0f:0e:40:ed:94:da:f9:ea:c9:2f:
14:71:84:22:19:4b:47:f7:41:ed:e5:62:4e:8b:9f:35:60:5b:
07:83:74:74:d4:38:d9:44:86:b2:f9:90:50:4b:5e:16:35:79:
bb:85:5f:3e:8c:dc:11:6d:6e:0d:b6:fd:0f:a2:7d:80:cb:86:
a5:f8:34:85:f4:75:79:40:57:c2:8a:b6:64:9a:21:4f:02:2b:
4d:b5:5e:58:32:5f:46:53:16:07:b8:3d:35:f4:d5:18:43:92:
1d:df:42:58:4d:3d:c9:ca:44:67:5e:13:03:f9:d5:71:d1:c1:
3d:39:20:9f:ef:f1:33:df:0b:29:db:93:97:3c:28:32:61:f6:
e1:aa:0c:54:5f:df:a4:5a:94:d5:59:e6:b1:d6:7d:03:24:30:
a7:bc:29:9f:81:45:30:e2:bf:19:64:35:e3:6d:cd:35:3d:f8:
a5:5b:34:f6:95:eb:8b:b7:26:d9:87:80:43:96:62:a1:57:23:
08:11:38:2c:77:c4:78:01:a6:3f:85:31:8c:fc:39:5c:24:c1:
8e:6f:98:ad:8b:51:28:5d:8c:40:ea:39:04:59:f9:46:f0:4b:
ec:63:b8:aa:31:77:f4:cc:71:fe:b2:b1:d7:d6:4c:3f:34:b5:
d1:a1:e2:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnemGv4aluzoNP2pWstuah4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NjM3MDgxY2E3YzJlYmE0MTAxMGFiZWFhZDY0YTdjNjFm
NmExMTMwHhcNMjMwODEwMDgzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQ4YTdkNjg2ODBlNjViNWQxMjQ4ZGEwM2RjYTQ2ZWRiMTJhOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo+ZPP/BVq9KGvBtCpCrzHQQfNW/
e7NnaKwMDjFYEHigfLIw3YhZ1PSzsZmryTI7+rJWVAjRy/5MaeCbuRD2xN2cHDnz
dLlN61fCEg+13VWuE6iAsjTPw1gdAJimCMid2F1vZZ/ioJFRpFiM/hrW/HAbuuPs
5VTldI9mM8xHSytHJeqB9HmrJUJHP69idx++pxgtHQyHw4EVUSzNBqNpQ/zZNwi4
nN4PJL+sjVmzT7ZBe2AEBDOPQtjlctbcIknYZR3doWvF8MacivIqSDDPxZ9iNcuO
yxO1FkRmw0kveK9vZnzStDeIRaxLKeNtkPLtZHd3pyOQYPBxcScOWI+25QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdIp9aGgOZbXRJI2gPcpG7bEql2MB8GA1UdIwQY
MBaAFGhjcIHKfC66QQEKvqrWSnxh9qETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUdOd2djcDhMcnBCQVFxLXF0WktmR0gyb1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82ZjMyNjktNTg3ZC00Yjg3LThkM2Et
ZTY2NzllN2I3OTVhLzEvZDBpbjFvYUE1bHRkRWtqYUE5eWtidHNTcVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82ZjMyNjktNTg3ZC00Yjg3LThkM2EtZTY2NzllN2I3OTVh
LzEvYUdOd2djcDhMcnBCQVFxLXF0WktmR0gyb1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8r4MA0G
CSqGSIb3DQEBCwUAA4IBAQBJ9B+nksY8HA8OQO2U2vnqyS8UcYQiGUtH90Ht5WJO
i581YFsHg3R01DjZRIay+ZBQS14WNXm7hV8+jNwRbW4Ntv0Pon2Ay4al+DSF9HV5
QFfCirZkmiFPAitNtV5YMl9GUxYHuD019NUYQ5Id30JYTT3JykRnXhMD+dVx0cE9
OSCf7/Ez3wsp25OXPCgyYfbhqgxUX9+kWpTVWeax1n0DJDCnvCmfgUUw4r8ZZDXj
bc01PfilWzT2leuLtybZh4BDlmKhVyMIETgsd8R4AaY/hTGM/DlcJMGOb5iti1Eo
XYxA6jkEWflG8EvsY7iqMXf0zHH+srHX1kw/NLXRoeKx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:55 2024 by rpki-client on console-ams.rpki-client.org