Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/dJ1ZxOXsf-7IVdHbBL67m7wfLx4.roa
File: dJ1ZxOXsf-7IVdHbBL67m7wfLx4.roa (raw, json)
Hash identifier: brmxIOIc4qtAbj+6T8bOx70SLeBJzfJ0PhRcnL7mpe4=
Subject key identifier: 74:9D:59:C4:E5:EC:7F:EE:C8:55:D1:DB:04:BE:BB:9B:BC:1F:2F:1E
Certificate issuer: /CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Certificate serial: 018CC348F2A2914F59AA0FD5AF254AF0B55D
Authority key identifier: 8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/dJ1ZxOXsf-7IVdHbBL67m7wfLx4.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51733
IP address blocks: 91.209.254.0/24 maxlen: 24
185.156.85.0/24 maxlen: 24
185.156.84.0/24 maxlen: 24
185.156.84.0/22 maxlen: 22
185.156.84.0/23 maxlen: 23
91.221.58.0/24 maxlen: 24
91.221.58.0/23 maxlen: 23
91.221.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 12:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f2:a2:91:4f:59:aa:0f:d5:af:25:4a:f0:b5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=749d59c4e5ec7feec855d1db04bebb9bbc1f2f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d2:52:15:fc:d9:24:8e:41:cf:10:68:9e:03:
bd:b6:16:34:8a:77:52:b8:cd:04:02:f2:d7:ba:61:
52:54:d7:8e:c2:c3:ec:eb:a1:df:a2:d2:94:a2:ce:
a1:b9:02:66:4b:8d:84:b4:57:e9:76:de:9a:33:79:
21:eb:a9:d8:ee:96:db:31:ec:99:63:9a:4e:c6:4c:
0b:9e:7e:8c:7e:ce:e4:07:00:e9:71:37:9b:82:cc:
5b:bc:0c:81:85:eb:99:b4:65:98:11:53:19:c3:51:
84:32:b7:84:ea:88:7c:44:05:b2:24:33:7f:09:ec:
0a:b0:d6:2f:19:6d:58:a9:22:b4:f8:06:ed:55:c9:
ba:9b:78:cb:6c:5e:a0:ff:f4:21:9f:cd:b6:74:16:
7a:ef:8e:90:9f:5b:fb:06:1a:66:0c:37:24:ac:ca:
52:13:e4:67:87:0b:ad:6b:19:31:55:3d:77:5c:87:
1b:0c:09:9a:e3:aa:e1:61:d4:10:81:f0:ef:cd:36:
cb:8c:b8:45:bb:64:c6:6a:8c:7a:aa:df:68:66:e3:
36:87:29:a5:db:3c:43:ec:01:7f:70:1a:a5:31:a0:
f1:52:aa:03:db:df:e4:50:42:6f:92:a6:1c:39:6a:
8f:8d:40:d7:e6:8f:fe:fc:d9:72:b0:6f:09:5c:e4:
8b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9D:59:C4:E5:EC:7F:EE:C8:55:D1:DB:04:BE:BB:9B:BC:1F:2F:1E
X509v3 Authority Key Identifier:
keyid:8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/dJ1ZxOXsf-7IVdHbBL67m7wfLx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.254.0/24
91.221.58.0/23
185.156.84.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:5b:40:02:83:62:d8:e3:f3:fb:34:ac:b2:35:09:cb:48:6e:
4a:a3:ae:b8:dc:d0:4c:e9:22:8e:8e:dc:4a:27:b8:fa:34:61:
75:5c:77:c1:15:c5:64:52:9a:27:38:7c:5b:1f:2d:66:05:a3:
3d:ca:8d:74:62:cc:98:f1:aa:44:4f:bb:5b:97:e7:09:ac:35:
c4:30:16:19:62:9c:5a:43:6f:7a:9d:bf:78:c4:90:96:f3:b7:
28:ec:64:8c:96:bf:42:e9:27:f1:b5:e7:12:3e:ff:1d:65:7e:
c1:f8:15:58:0f:0c:c4:5f:04:32:01:eb:24:3d:87:c3:de:fc:
54:d9:ba:67:24:68:0b:d5:25:3a:07:26:d3:5f:49:b5:4f:1b:
12:5e:0d:f9:cc:31:85:32:27:1e:c1:bf:bb:84:77:fa:e9:4f:
4e:07:f2:9d:a9:5b:29:58:d2:7b:eb:a7:14:6d:49:13:f2:e8:
bd:b7:57:3e:b5:93:3a:16:29:55:f2:c0:b8:00:02:f3:3f:47:
7d:e8:ba:03:4f:f8:b0:87:21:29:fa:9b:c4:74:bb:3b:0a:10:
07:85:d6:49:1d:10:62:68:ca:00:57:df:46:62:4c:ec:4d:5d:
b5:f4:90:d7:53:2d:b3:d3:ec:41:06:27:38:49:60:91:b9:c2:
13:a9:33:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSPKikU9Zqg/VryVK8LVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZmYxYjBjZTlmNDg2YTY3ZTYzZDNmMGQwZTY4OGEyNGY3
MDBjN2MwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDlkNTljNGU1ZWM3ZmVlYzg1NWQxZGIwNGJlYmI5YmJjMWYyZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitJSFfzZJI5BzxBongO9thY0indS
uM0EAvLXumFSVNeOwsPs66HfotKUos6huQJmS42EtFfpdt6aM3kh66nY7pbbMeyZ
Y5pOxkwLnn6Mfs7kBwDpcTebgsxbvAyBheuZtGWYEVMZw1GEMreE6oh8RAWyJDN/
CewKsNYvGW1YqSK0+AbtVcm6m3jLbF6g//Qhn822dBZ6746Qn1v7BhpmDDckrMpS
E+RnhwutaxkxVT13XIcbDAma46rhYdQQgfDvzTbLjLhFu2TGaox6qt9oZuM2hyml
2zxD7AF/cBqlMaDxUqoD29/kUEJvkqYcOWqPjUDX5o/+/NlysG8JXOSL1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHSdWcTl7H/uyFXR2wS+u5u8Hy8eMB8GA1UdIwQY
MBaAFI3/Gwzp9IamfmPT8NDmiKJPcAx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEt
ZDg3YjcwMjZhM2ZmLzEvZEoxWnhPWHNmLTdJVmRIYkJMNjdtN3dmTHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEtZDg3YjcwMjZhM2Zm
LzEvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9H+AwQB
W906AwQCuZxUMA0GCSqGSIb3DQEBCwUAA4IBAQCaW0ACg2LY4/P7NKyyNQnLSG5K
o6643NBM6SKOjtxKJ7j6NGF1XHfBFcVkUponOHxbHy1mBaM9yo10YsyY8apET7tb
l+cJrDXEMBYZYpxaQ296nb94xJCW87co7GSMlr9C6SfxtecSPv8dZX7B+BVYDwzE
XwQyAeskPYfD3vxU2bpnJGgL1SU6BybTX0m1TxsSXg35zDGFMicewb+7hHf66U9O
B/KdqVspWNJ766cUbUkT8ui9t1c+tZM6FilV8sC4AALzP0d96LoDT/iwhyEp+pvE
dLs7ChAHhdZJHRBiaMoAV99GYkzsTV219JDXUy2z0+xBBic4SWCRucITqTPQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:35 2024 by rpki-client on console-fra.rpki-client.org