Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/Xdh7HuEH6jPJsEk9zzHg1twGTD4.roa
File: Xdh7HuEH6jPJsEk9zzHg1twGTD4.roa (raw, json)
Hash identifier: TyyKgVhxzXIJ7oDuzH61TvoH+sexpTENTd4yK1eCJrw=
Subject key identifier: 5D:D8:7B:1E:E1:07:EA:33:C9:B0:49:3D:CF:31:E0:D6:DC:06:4C:3E
Certificate issuer: /CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Certificate serial: 01856DEF7B7FFBB0C473FE7BE85E16B8816C
Authority key identifier: AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/Xdh7HuEH6jPJsEk9zzHg1twGTD4.roa
Signing time: Sun 01 Jan 2023 15:24:49 +0000
ROA not before: Sun 01 Jan 2023 15:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 91.216.108.0/24 maxlen: 24
195.66.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:7b:7f:fb:b0:c4:73:fe:7b:e8:5e:16:b8:81:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Validity
Not Before: Jan 1 15:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dd87b1ee107ea33c9b0493dcf31e0d6dc064c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0e:88:d9:52:c7:5a:f4:ee:30:4e:04:9b:70:
2f:9b:dd:43:ab:a7:1e:34:f3:42:4d:56:3a:77:a7:
0f:e3:df:fc:20:a7:5c:2b:a2:97:82:f9:05:e8:cd:
16:38:34:24:4d:4d:03:7d:48:d7:59:a0:81:b2:27:
ba:8a:fd:be:d4:41:c8:40:07:24:79:79:06:0c:9c:
c8:37:ed:31:e3:2c:44:4e:22:35:c5:dc:d8:9f:cd:
b2:21:9e:ec:e8:c6:de:0e:e7:1a:e5:34:fc:fe:f5:
f5:77:1e:07:ca:0e:a1:02:3e:81:9f:65:8a:74:20:
ee:90:e0:16:50:8c:5a:20:b1:bf:8c:f7:61:58:3c:
12:5c:53:71:d0:2e:0d:82:53:f6:62:ba:43:e0:ad:
b5:c3:c3:ad:be:5d:99:4c:0d:55:68:c2:df:14:c6:
97:86:26:1d:59:a9:71:c2:44:ce:46:99:79:67:20:
2b:3a:78:d1:1e:d3:3c:93:94:b8:50:38:c1:6f:9a:
88:0d:10:53:85:ce:d8:fb:10:82:8e:25:e8:c7:cf:
90:fb:6d:f4:d0:c0:ac:13:cd:17:f5:69:05:a9:4a:
ea:41:9e:3a:e8:d2:79:d3:85:a0:a1:b6:54:97:cb:
35:08:e0:47:aa:68:2a:80:55:8d:49:2d:84:11:5b:
2b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D8:7B:1E:E1:07:EA:33:C9:B0:49:3D:CF:31:E0:D6:DC:06:4C:3E
X509v3 Authority Key Identifier:
keyid:AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/Xdh7HuEH6jPJsEk9zzHg1twGTD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.108.0/24
195.66.76.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:9c:e7:9a:c4:47:70:d1:09:e5:29:e6:46:2e:aa:4d:72:a8:
3d:6e:98:63:9a:1e:29:59:6a:0b:06:64:8d:0e:d0:45:83:c4:
93:f1:4c:0f:51:da:6a:39:9a:8f:97:c3:14:91:ad:b8:cc:69:
23:e0:a5:5c:86:3b:2d:4d:50:68:55:30:f2:fc:2d:f6:0c:90:
7f:31:31:f7:f3:a4:07:70:90:a4:d0:e1:ee:a1:a2:bc:d4:4d:
54:ba:53:3a:b8:0c:6b:3d:2f:e9:1b:25:77:af:2d:08:ee:c7:
3c:fc:66:6c:a0:7f:ee:81:2d:ec:70:36:ed:0d:85:3a:96:7b:
d6:6d:a9:19:cb:3e:fa:8c:45:5c:89:43:d7:c1:c3:eb:0e:43:
01:6c:05:8d:c7:2b:cd:37:44:c5:27:de:aa:4c:83:fe:17:46:
6b:9a:f0:a8:78:0b:b5:86:cf:41:2c:25:ff:5b:d3:70:c2:43:
66:37:89:05:0f:01:17:7e:73:b7:71:27:b4:a7:f3:34:62:ba:
e7:53:d4:cc:c7:9f:d5:52:66:f1:c0:86:c8:1d:70:74:d8:23:
5c:de:2b:53:3d:d8:24:05:36:34:d8:78:59:a5:c3:04:67:d0:
6f:e3:c9:98:58:b1:32:f5:be:1b:c7:09:c7:4b:ce:01:1e:7f:
89:e8:9e:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt73t/+7DEc/576F4WuIFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNGM4MzBiMTEyNjE0ODNhNjJiNjY5NmE0YzM3MjBlOGFk
ODhhMGQwHhcNMjMwMTAxMTUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ4N2IxZWUxMDdlYTMzYzliMDQ5M2RjZjMxZTBkNmRjMDY0YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA6I2VLHWvTuME4Em3Avm91Dq6ce
NPNCTVY6d6cP49/8IKdcK6KXgvkF6M0WODQkTU0DfUjXWaCBsie6iv2+1EHIQAck
eXkGDJzIN+0x4yxETiI1xdzYn82yIZ7s6MbeDuca5TT8/vX1dx4Hyg6hAj6Bn2WK
dCDukOAWUIxaILG/jPdhWDwSXFNx0C4NglP2YrpD4K21w8Otvl2ZTA1VaMLfFMaX
hiYdWalxwkTORpl5ZyArOnjRHtM8k5S4UDjBb5qIDRBThc7Y+xCCjiXox8+Q+230
0MCsE80X9WkFqUrqQZ466NJ504WgobZUl8s1COBHqmgqgFWNSS2EEVsrJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF3Yex7hB+ozybBJPc8x4NbcBkw+MB8GA1UdIwQY
MBaAFK1MgwsRJhSDpitmlqTDcg6K2IoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEt
MjIyY2ViNmMzNDRjLzEvWGRoN0h1RUg2alBKc0VrOXp6SGcxdHdHVEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEtMjIyY2ViNmMzNDRj
LzEvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9hsAwQA
w0JMMA0GCSqGSIb3DQEBCwUAA4IBAQCjnOeaxEdw0QnlKeZGLqpNcqg9bphjmh4p
WWoLBmSNDtBFg8ST8UwPUdpqOZqPl8MUka24zGkj4KVchjstTVBoVTDy/C32DJB/
MTH386QHcJCk0OHuoaK81E1UulM6uAxrPS/pGyV3ry0I7sc8/GZsoH/ugS3scDbt
DYU6lnvWbakZyz76jEVciUPXwcPrDkMBbAWNxyvNN0TFJ96qTIP+F0ZrmvCoeAu1
hs9BLCX/W9NwwkNmN4kFDwEXfnO3cSe0p/M0YrrnU9TMx5/VUmbxwIbIHXB02CNc
3itTPdgkBTY02HhZpcMEZ9Bv48mYWLEy9b4bxwnHS84BHn+J6J7o
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:31 2024 by rpki-client on console-fra.rpki-client.org