Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/KOF7AkipavLRS3Lec1QF9TyiEuU.roa
File: KOF7AkipavLRS3Lec1QF9TyiEuU.roa (raw, json)
Hash identifier: 9v2RzoQjEUDBHnkRyYF6jJrx5UdiYxkS6PJWkrFAa6c=
Subject key identifier: 28:E1:7B:02:48:A9:6A:F2:D1:4B:72:DE:73:54:05:F5:3C:A2:12:E5
Certificate issuer: /CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Certificate serial: 018572835E8B2309ACF9FD7ED1F008CCA1CD
Authority key identifier: 8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/KOF7AkipavLRS3Lec1QF9TyiEuU.roa
Signing time: Mon 02 Jan 2023 12:44:50 +0000
ROA not before: Mon 02 Jan 2023 12:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51733
IP address blocks: 91.209.254.0/24 maxlen: 24
185.156.85.0/24 maxlen: 24
185.156.84.0/24 maxlen: 24
185.156.84.0/23 maxlen: 23
185.156.84.0/22 maxlen: 22
91.221.58.0/24 maxlen: 24
91.221.58.0/23 maxlen: 23
91.221.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:5e:8b:23:09:ac:f9:fd:7e:d1:f0:08:cc:a1:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Validity
Not Before: Jan 2 12:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28e17b0248a96af2d14b72de735405f53ca212e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ab:b9:26:70:b8:60:3f:ec:72:2e:29:34:5d:
2a:15:4b:38:26:26:d0:15:e1:e6:10:9b:da:88:13:
2a:3b:28:2f:cf:94:c5:68:7e:e5:51:cd:0a:50:69:
d4:1d:c4:cc:42:47:52:8b:b2:c2:b0:56:ed:e3:51:
77:d0:92:1d:b4:a2:e6:00:f5:42:bf:9f:04:bb:61:
ce:30:c9:e5:52:95:3b:ed:4a:19:6b:a7:a0:1d:5b:
f5:93:ac:9b:4d:e6:52:5f:d2:50:8e:c3:2a:57:07:
36:1f:99:4e:42:87:e5:26:de:be:b7:5f:c5:b1:da:
b8:ec:b5:a8:7d:46:9c:7d:d2:11:95:27:1b:df:5e:
a9:a2:a3:b2:88:ba:d6:a2:d2:b3:be:2f:7e:e6:b7:
2a:df:02:1f:6e:96:6b:86:1a:83:02:be:78:27:ad:
fc:74:97:30:88:a2:bf:55:93:34:9d:20:9c:3d:d0:
e5:5d:e6:90:ef:b0:7e:54:61:81:b0:fb:9b:9a:84:
3b:65:65:73:33:d3:60:e9:45:ce:a6:8c:39:45:08:
4e:29:c0:2a:43:89:96:f3:1b:ad:10:2a:c0:13:d0:
82:56:59:19:d9:66:77:87:3f:46:90:cd:99:63:48:
b4:81:ff:ac:5b:0f:c7:b9:ef:4b:6c:cb:c5:c3:b3:
d1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E1:7B:02:48:A9:6A:F2:D1:4B:72:DE:73:54:05:F5:3C:A2:12:E5
X509v3 Authority Key Identifier:
keyid:8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/KOF7AkipavLRS3Lec1QF9TyiEuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.254.0/24
91.221.58.0/23
185.156.84.0/22
Signature Algorithm: sha256WithRSAEncryption
91:f4:87:65:14:a2:17:53:37:28:e6:b9:a4:99:7c:98:53:63:
5f:61:44:89:1e:4e:e5:88:dd:21:81:41:19:58:a9:a4:11:23:
3d:31:73:b5:71:2f:b7:8a:47:56:07:24:4f:bf:46:6f:11:d8:
5d:78:e0:e1:52:e1:b1:64:42:b6:46:9a:5a:c8:d8:12:41:4c:
94:fa:34:cd:66:6b:9d:40:5c:66:45:82:80:bc:7f:60:50:e4:
ff:8a:e8:8f:a0:01:ba:27:30:ae:13:6c:1b:13:cf:9b:2e:ae:
ef:a0:a0:bd:84:9e:d8:f9:d9:33:0c:85:bb:f4:d0:58:e4:e1:
a0:41:b3:b0:de:88:fe:37:d9:61:26:d4:73:2d:1b:e4:2f:64:
d0:c7:07:2d:58:07:9a:17:da:24:1e:9d:ac:ea:2f:92:be:f7:
3f:8a:d2:3e:70:f2:33:81:db:9c:f2:d2:d7:bc:5c:b9:ba:f3:
0d:c3:8d:e7:1d:bd:99:87:39:e3:49:15:36:45:5b:3d:08:62:
03:cc:dc:93:77:1f:3c:04:a5:fa:dc:a3:62:32:a8:3e:d5:15:
ab:3a:b0:bb:fc:24:aa:34:fd:88:c4:8f:6a:7f:39:67:ec:64:
5d:d7:e3:f6:bd:f8:b7:c6:6a:c1:33:c4:fb:f7:23:95:78:9d:
31:a3:05:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyg16LIwms+f1+0fAIzKHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZmYxYjBjZTlmNDg2YTY3ZTYzZDNmMGQwZTY4OGEyNGY3
MDBjN2MwHhcNMjMwMTAyMTI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGUxN2IwMjQ4YTk2YWYyZDE0YjcyZGU3MzU0MDVmNTNjYTIxMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnau5JnC4YD/sci4pNF0qFUs4JibQ
FeHmEJvaiBMqOygvz5TFaH7lUc0KUGnUHcTMQkdSi7LCsFbt41F30JIdtKLmAPVC
v58Eu2HOMMnlUpU77UoZa6egHVv1k6ybTeZSX9JQjsMqVwc2H5lOQoflJt6+t1/F
sdq47LWofUacfdIRlScb316poqOyiLrWotKzvi9+5rcq3wIfbpZrhhqDAr54J638
dJcwiKK/VZM0nSCcPdDlXeaQ77B+VGGBsPubmoQ7ZWVzM9Ng6UXOpow5RQhOKcAq
Q4mW8xutECrAE9CCVlkZ2WZ3hz9GkM2ZY0i0gf+sWw/Hue9LbMvFw7PRYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCjhewJIqWry0Uty3nNUBfU8ohLlMB8GA1UdIwQY
MBaAFI3/Gwzp9IamfmPT8NDmiKJPcAx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEt
ZDg3YjcwMjZhM2ZmLzEvS09GN0FraXBhdkxSUzNMZWMxUUY5VHlpRXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEtZDg3YjcwMjZhM2Zm
LzEvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9H+AwQB
W906AwQCuZxUMA0GCSqGSIb3DQEBCwUAA4IBAQCR9IdlFKIXUzco5rmkmXyYU2Nf
YUSJHk7liN0hgUEZWKmkESM9MXO1cS+3ikdWByRPv0ZvEdhdeODhUuGxZEK2Rppa
yNgSQUyU+jTNZmudQFxmRYKAvH9gUOT/iuiPoAG6JzCuE2wbE8+bLq7voKC9hJ7Y
+dkzDIW79NBY5OGgQbOw3oj+N9lhJtRzLRvkL2TQxwctWAeaF9okHp2s6i+Svvc/
itI+cPIzgduc8tLXvFy5uvMNw43nHb2ZhznjSRU2RVs9CGIDzNyTdx88BKX63KNi
Mqg+1RWrOrC7/CSqNP2IxI9qfzln7GRd1+P2vfi3xmrBM8T79yOVeJ0xowUZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:56 2024 by rpki-client on console-ams.rpki-client.org