Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XFufYR89TTrtReAJbWMAwy5CBu0.roa
File: XFufYR89TTrtReAJbWMAwy5CBu0.roa (raw, json)
Hash identifier: ZPLxZFV7RyJcWyxogOkyVApCQedCr7hQSYfqBkBb0cU=
Subject key identifier: 5C:5B:9F:61:1F:3D:4D:3A:ED:45:E0:09:6D:63:00:C3:2E:42:06:ED
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018570306E26A23B500C3F04AF480255903A
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XFufYR89TTrtReAJbWMAwy5CBu0.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202532
IP address blocks: 91.107.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6e:26:a2:3b:50:0c:3f:04:af:48:02:55:90:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c5b9f611f3d4d3aed45e0096d6300c32e4206ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:09:df:aa:ca:2b:60:29:0d:9c:a0:6b:79:33:
dd:6e:00:12:05:9b:95:f8:33:e8:47:5e:2a:90:d9:
42:3f:27:35:1d:ca:82:9b:14:29:5c:e8:09:39:b6:
22:f8:40:da:de:07:2e:69:e3:ca:36:fa:42:62:6f:
bf:da:97:5e:41:e7:39:6c:f3:4e:38:ad:c2:28:8a:
17:e4:2e:ca:99:ee:cc:1a:a3:48:e7:6e:68:48:48:
aa:ad:94:bd:10:8d:55:6c:3d:61:45:2c:19:86:70:
a2:04:90:87:e0:c4:a7:25:df:80:e3:7c:49:fd:49:
4e:60:60:49:11:ab:8f:56:e2:1e:77:79:b3:0b:86:
51:69:73:ca:37:43:85:95:5d:d8:a6:99:92:0e:65:
66:e5:d6:61:3a:ac:cc:9c:4f:43:fa:18:b9:e9:55:
7c:a3:37:12:2f:15:89:d0:15:c0:af:85:27:98:bd:
84:db:4b:45:ae:aa:70:4a:44:7e:e2:9b:32:c1:4a:
4e:29:da:56:61:0d:22:67:96:7f:51:45:69:5a:6f:
cf:3a:89:3f:9f:64:58:ac:9f:d4:97:0b:e4:13:4c:
e2:64:50:fc:a3:a2:6c:24:6b:6a:5d:71:97:3b:99:
6b:cd:49:2a:7f:d8:c1:ee:13:56:a0:6a:00:e9:c9:
f5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5B:9F:61:1F:3D:4D:3A:ED:45:E0:09:6D:63:00:C3:2E:42:06:ED
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XFufYR89TTrtReAJbWMAwy5CBu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.107.84.0/24
Signature Algorithm: sha256WithRSAEncryption
14:8d:7d:ac:92:ce:66:ab:05:3a:88:38:4b:a1:3b:58:9b:b7:
c0:f6:9a:b4:a8:ea:d1:b4:b7:f9:34:79:59:7b:29:a3:3c:34:
58:dd:8c:ee:1b:63:68:cd:e5:c0:21:27:3f:ff:9a:b1:f0:39:
b3:57:bd:3f:75:59:a9:cf:9f:c0:00:9c:43:f7:d8:b9:18:c0:
05:35:73:b5:c6:98:6f:8e:98:0e:01:c1:d4:0f:ad:30:bb:30:
1b:5f:33:73:09:cc:ff:a3:b2:1f:ce:94:b9:b1:e8:1a:2d:e7:
af:e0:78:3e:16:14:a8:29:64:3d:f3:e2:e6:14:94:f2:5e:40:
44:3d:61:55:18:b1:67:62:61:31:df:b8:b8:6f:89:2f:a0:d1:
a2:41:43:61:04:62:1a:8f:f2:fd:18:17:c2:87:31:27:1e:94:
69:28:d9:dc:b1:2a:99:6c:01:2e:dc:94:8d:78:6f:a9:12:3e:
63:0b:eb:9d:b3:84:d8:b6:48:c2:7d:ee:5b:bb:9a:3f:f4:0d:
ef:46:61:cd:dc:df:6e:37:c1:64:5c:2b:5c:47:89:ff:ad:0d:
40:c6:a4:6b:3f:f7:09:c9:c9:59:e4:82:23:ae:c1:ea:69:98:
e8:cc:61:9a:d1:dd:f2:fd:54:77:41:44:ba:59:1f:5c:c6:c9:
31:2f:2d:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMG4mojtQDD8Er0gCVZA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzViOWY2MTFmM2Q0ZDNhZWQ0NWUwMDk2ZDYzMDBjMzJlNDIwNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggnfqsorYCkNnKBreTPdbgASBZuV
+DPoR14qkNlCPyc1HcqCmxQpXOgJObYi+EDa3gcuaePKNvpCYm+/2pdeQec5bPNO
OK3CKIoX5C7Kme7MGqNI525oSEiqrZS9EI1VbD1hRSwZhnCiBJCH4MSnJd+A43xJ
/UlOYGBJEauPVuIed3mzC4ZRaXPKN0OFlV3YppmSDmVm5dZhOqzMnE9D+hi56VV8
ozcSLxWJ0BXAr4UnmL2E20tFrqpwSkR+4psywUpOKdpWYQ0iZ5Z/UUVpWm/POok/
n2RYrJ/UlwvkE0ziZFD8o6JsJGtqXXGXO5lrzUkqf9jB7hNWoGoA6cn1DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxbn2EfPU067UXgCW1jAMMuQgbtMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvWEZ1ZllSODlUVHJ0UmVBSmJXTUF3eTVDQnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2tUMA0G
CSqGSIb3DQEBCwUAA4IBAQAUjX2sks5mqwU6iDhLoTtYm7fA9pq0qOrRtLf5NHlZ
eymjPDRY3YzuG2NozeXAISc//5qx8DmzV70/dVmpz5/AAJxD99i5GMAFNXO1xphv
jpgOAcHUD60wuzAbXzNzCcz/o7IfzpS5segaLeev4Hg+FhSoKWQ98+LmFJTyXkBE
PWFVGLFnYmEx37i4b4kvoNGiQUNhBGIaj/L9GBfChzEnHpRpKNncsSqZbAEu3JSN
eG+pEj5jC+uds4TYtkjCfe5bu5o/9A3vRmHN3N9uN8FkXCtcR4n/rQ1AxqRrP/cJ
yclZ5IIjrsHqaZjozGGa0d3y/VR3QUS6WR9cxskxLy1Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:22 2024 by rpki-client on console-fra.rpki-client.org