Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/M5s0QxMuMU-A4al3Ee3h1isbKy8.roa
File: M5s0QxMuMU-A4al3Ee3h1isbKy8.roa (raw, json)
Hash identifier: 6NZnbFzo8i1W3MG3fKZc6e8Qid0qNffQHetGb/RGQNw=
Subject key identifier: 33:9B:34:43:13:2E:31:4F:80:E1:A9:77:11:ED:E1:D6:2B:1B:2B:2F
Certificate issuer: /CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Certificate serial: 018A08090A0E8DDBF456E31791CC04B1ABE5
Authority key identifier: 8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/M5s0QxMuMU-A4al3Ee3h1isbKy8.roa
Signing time: Fri 18 Aug 2023 09:45:24 +0000
ROA not before: Fri 18 Aug 2023 09:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 185.156.84.0/24 maxlen: 24
185.156.85.0/24 maxlen: 24
91.221.58.0/24 maxlen: 24
91.221.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 13:16:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:09:0a:0e:8d:db:f4:56:e3:17:91:cc:04:b1:ab:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Validity
Not Before: Aug 18 09:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=339b3443132e314f80e1a97711ede1d62b1b2b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c9:c6:a8:7e:56:a9:b0:95:2f:42:c4:3e:ae:
4c:8d:37:02:df:ca:79:47:98:b7:ad:e4:c3:74:8d:
eb:70:b0:a4:3f:64:5d:d1:34:ee:d4:71:ba:93:79:
b0:f9:e4:93:2b:07:17:59:67:f2:9a:89:91:e3:8e:
4c:0c:b2:f8:78:8c:a4:bf:ee:54:4b:17:a5:b7:a7:
79:47:1c:9c:52:6c:78:fa:16:f0:f2:8b:09:33:52:
c7:70:06:2d:e5:b5:24:73:74:3f:dc:1e:35:d7:d0:
fa:07:ce:1e:6c:45:43:62:de:2e:c5:96:f9:19:ab:
08:16:dd:d5:55:99:c3:72:72:f4:3b:4c:51:91:c9:
bd:da:75:ca:fd:8d:44:3d:d0:bb:69:18:8e:a8:56:
76:9c:18:13:8b:17:54:00:c9:8f:b4:e5:eb:84:a4:
e7:a6:d4:fc:59:50:8d:74:7e:d2:82:a4:e1:2e:0d:
0d:8a:41:66:bf:db:bf:67:c2:c3:ae:af:b2:78:11:
1c:28:3e:74:13:4f:31:e5:4e:28:f2:0f:f8:5e:27:
5c:8e:92:33:f3:5d:1d:67:ac:72:6d:4a:1b:11:b9:
39:f9:53:fa:3f:09:3d:25:40:68:b8:e6:d9:67:ee:
8c:4d:ff:30:ad:a2:ad:62:0a:31:e4:00:b4:89:ab:
08:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9B:34:43:13:2E:31:4F:80:E1:A9:77:11:ED:E1:D6:2B:1B:2B:2F
X509v3 Authority Key Identifier:
keyid:8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/M5s0QxMuMU-A4al3Ee3h1isbKy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.58.0/23
185.156.84.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:c2:3a:8c:ec:86:a6:4a:1c:5a:c7:91:5e:c0:5b:24:75:4a:
bb:c0:da:a4:32:f8:1e:2d:6f:42:ec:2c:36:d2:79:82:7e:ce:
84:e6:53:74:84:73:34:77:09:8b:5e:8a:a2:6e:7e:73:b8:1b:
e3:84:ba:a0:5e:85:3e:8f:c3:61:65:7e:4b:ab:90:27:d1:0f:
07:43:a7:ae:e7:c1:33:69:33:91:36:1a:ae:e7:9d:2f:01:87:
f6:74:9c:67:e5:19:70:5b:51:4e:dc:69:d4:2d:02:ac:1e:88:
69:80:d8:07:45:33:dd:49:72:66:cf:05:f0:63:18:a3:d9:f8:
e1:aa:35:26:c2:2d:ba:ce:b1:ef:e1:28:7a:4a:f9:5e:c7:cb:
ce:2b:b2:7f:4b:02:e1:6b:b5:9d:ee:be:2d:33:c0:09:e7:88:
e8:c0:00:dd:2d:4f:2f:db:2a:2d:56:6b:4e:13:88:65:5b:36:
45:a9:88:7e:ce:fd:74:57:72:04:a1:28:54:dd:d8:f8:7d:2b:
d2:e9:84:a4:26:b0:17:92:c7:ed:47:18:93:ce:4c:de:5f:1e:
b2:a8:29:32:98:be:08:c2:84:fa:97:bf:8e:55:d6:0e:87:27:
07:6e:6a:14:53:a1:bc:4d:87:47:a3:e7:6d:eb:07:52:75:6a:
f1:02:d8:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoICQoOjdv0VuMXkcwEsavlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZmYxYjBjZTlmNDg2YTY3ZTYzZDNmMGQwZTY4OGEyNGY3
MDBjN2MwHhcNMjMwODE4MDk0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzliMzQ0MzEzMmUzMTRmODBlMWE5NzcxMWVkZTFkNjJiMWIyYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8nGqH5WqbCVL0LEPq5MjTcC38p5
R5i3reTDdI3rcLCkP2Rd0TTu1HG6k3mw+eSTKwcXWWfymomR445MDLL4eIykv+5U
Sxelt6d5RxycUmx4+hbw8osJM1LHcAYt5bUkc3Q/3B4119D6B84ebEVDYt4uxZb5
GasIFt3VVZnDcnL0O0xRkcm92nXK/Y1EPdC7aRiOqFZ2nBgTixdUAMmPtOXrhKTn
ptT8WVCNdH7SgqThLg0NikFmv9u/Z8LDrq+yeBEcKD50E08x5U4o8g/4XidcjpIz
810dZ6xybUobEbk5+VP6Pwk9JUBouObZZ+6MTf8wraKtYgox5AC0iasIPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDObNEMTLjFPgOGpdxHt4dYrGysvMB8GA1UdIwQY
MBaAFI3/Gwzp9IamfmPT8NDmiKJPcAx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEt
ZDg3YjcwMjZhM2ZmLzEvTTVzMFF4TXVNVS1BNGFsM0VlM2gxaXNiS3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEtZDg3YjcwMjZhM2Zm
LzEvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW906AwQB
uZxUMA0GCSqGSIb3DQEBCwUAA4IBAQCpwjqM7IamShxax5FewFskdUq7wNqkMvge
LW9C7Cw20nmCfs6E5lN0hHM0dwmLXoqibn5zuBvjhLqgXoU+j8NhZX5Lq5An0Q8H
Q6eu58EzaTORNhqu550vAYf2dJxn5RlwW1FO3GnULQKsHohpgNgHRTPdSXJmzwXw
Yxij2fjhqjUmwi26zrHv4Sh6Svlex8vOK7J/SwLha7Wd7r4tM8AJ54jowADdLU8v
2yotVmtOE4hlWzZFqYh+zv10V3IEoShU3dj4fSvS6YSkJrAXksftRxiTzkzeXx6y
qCkymL4IwoT6l7+OVdYOhycHbmoUU6G8TYdHo+dt6wdSdWrxAth2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:35 2024 by rpki-client on console-fra.rpki-client.org