Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/33z-H9JxZXYirV_GSCun6ahnvzY.roa
File: 33z-H9JxZXYirV_GSCun6ahnvzY.roa (raw, json)
Hash identifier: 6kL1BtrzzQmg6F6JD6R0EXAadgnIhG4AzWjM8/DQqfQ=
Subject key identifier: DF:7C:FE:1F:D2:71:65:76:22:AD:5F:C6:48:2B:A7:E9:A8:67:BF:36
Certificate issuer: /CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Certificate serial: 018CC8DF312D7659B0E552E39CA88DDCF74E
Authority key identifier: F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/33z-H9JxZXYirV_GSCun6ahnvzY.roa
Signing time: Tue 02 Jan 2024 06:31:59 +0000
ROA not before: Tue 02 Jan 2024 06:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207829
IP address blocks: 91.198.170.0/23 maxlen: 23
2a0b:c140::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 14 Feb 2024 15:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:31:2d:76:59:b0:e5:52:e3:9c:a8:8d:dc:f7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Validity
Not Before: Jan 2 06:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df7cfe1fd271657622ad5fc6482ba7e9a867bf36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:67:d2:95:f1:a4:3d:52:47:43:87:28:08:e5:
c8:c0:b1:fd:83:d0:be:49:d5:f8:13:b1:a0:db:53:
ba:16:29:5f:c2:50:ea:d9:ad:88:a4:c9:b4:c8:38:
8c:12:cd:d6:97:26:6e:a2:0b:a0:58:bb:59:68:95:
ef:c4:29:df:d7:6c:c9:46:e6:f7:1b:f4:a7:60:50:
cc:ec:22:91:05:09:f7:52:78:28:9f:e5:a0:bf:c4:
48:8d:7d:b1:65:b6:68:c7:01:41:b0:85:9f:07:e6:
c0:20:ba:bd:65:7e:11:eb:cd:d6:a2:03:81:54:f8:
a6:95:08:26:83:73:d5:9e:41:53:86:6b:20:a9:8d:
3b:3f:b5:26:62:c8:8b:b1:4b:e4:be:a0:23:1d:10:
0b:f8:17:7e:e0:e0:1e:6e:81:e9:d2:a6:52:78:16:
3e:0f:73:2a:93:96:76:e1:93:8a:86:1e:b2:ce:d7:
4d:8d:60:dd:17:df:d8:77:a5:04:80:11:72:a7:c6:
75:c8:db:7c:a7:d9:c6:f8:5f:92:de:74:af:66:a4:
80:6a:80:fb:82:29:f3:8a:7b:a4:96:fb:95:d8:10:
e2:fd:90:a2:77:28:81:0b:47:4f:fe:c8:47:ec:1e:
e4:b3:00:77:0b:81:51:1b:3a:07:44:90:f8:9d:2e:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7C:FE:1F:D2:71:65:76:22:AD:5F:C6:48:2B:A7:E9:A8:67:BF:36
X509v3 Authority Key Identifier:
keyid:F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/33z-H9JxZXYirV_GSCun6ahnvzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/8KMtISmjhsmgr9u5FeDb8TC6cNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.170.0/23
IPv6:
2a0b:c140::/32
Signature Algorithm: sha256WithRSAEncryption
27:35:28:b0:42:31:3e:c7:7a:33:c7:3e:c0:28:20:c2:e8:a5:
1e:f6:6d:f4:5f:d9:fc:6b:1e:69:12:53:84:ad:d0:7f:87:81:
93:bf:61:03:5c:36:be:2d:e1:cc:2f:c2:c5:26:69:25:06:6a:
dd:89:8e:56:1e:c7:75:4c:e1:ec:3c:a5:39:a6:97:ef:5e:ee:
09:0b:95:46:82:ca:5f:13:1c:f3:2f:ae:43:09:a5:49:86:21:
60:94:4b:97:af:df:19:6f:f0:e6:ff:11:4e:98:4f:46:e6:bf:
68:9a:bb:d1:c9:88:8d:36:9a:22:f4:36:ed:5c:b4:d5:5e:01:
e2:8f:f3:f3:d2:04:34:82:4d:99:c6:bb:7f:43:5f:71:f5:de:
f5:13:71:fd:4d:c5:e6:66:e8:c4:e3:4e:e5:2c:4c:10:db:93:
ff:5b:4a:68:a3:fb:6a:b4:f9:35:e6:24:a7:33:48:2e:c6:be:
da:2a:fb:22:5f:70:77:ce:17:8a:81:7b:de:95:b1:9a:d2:42:
20:39:2c:3a:21:af:30:05:8a:4a:08:56:19:60:3a:1c:66:f3:
0d:4b:19:eb:4b:fe:89:4e:c6:ff:a5:cc:07:66:36:26:83:f6:
5c:b7:13:74:c7:f3:e0:6b:1b:eb:68:67:bb:95:19:68:ed:b1:
2f:87:3b:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3zEtdlmw5VLjnKiN3PdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTMyZDIxMjlhMzg2YzlhMGFmZGJiOTE1ZTBkYmYxMzBi
YTcwZDUwHhcNMjQwMTAyMDYzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdjZmUxZmQyNzE2NTc2MjJhZDVmYzY0ODJiYTdlOWE4NjdiZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2fSlfGkPVJHQ4coCOXIwLH9g9C+
SdX4E7Gg21O6FilfwlDq2a2IpMm0yDiMEs3WlyZuogugWLtZaJXvxCnf12zJRub3
G/SnYFDM7CKRBQn3Ungon+Wgv8RIjX2xZbZoxwFBsIWfB+bAILq9ZX4R683WogOB
VPimlQgmg3PVnkFThmsgqY07P7UmYsiLsUvkvqAjHRAL+Bd+4OAeboHp0qZSeBY+
D3Mqk5Z24ZOKhh6yztdNjWDdF9/Yd6UEgBFyp8Z1yNt8p9nG+F+S3nSvZqSAaoD7
ginzinuklvuV2BDi/ZCidyiBC0dP/shH7B7kswB3C4FRGzoHRJD4nS5fZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN98/h/ScWV2Iq1fxkgrp+moZ782MB8GA1UdIwQY
MBaAFPCjLSEpo4bJoK/buRXg2/EwunDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYt
MmYwODM4MGFlNmM3LzEvMzN6LUg5SnhaWFlpclZfR1NDdW42YWhudnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYtMmYwODM4MGFlNmM3
LzEvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8aqMA0E
AgACMAcDBQAqC8FAMA0GCSqGSIb3DQEBCwUAA4IBAQAnNSiwQjE+x3ozxz7AKCDC
6KUe9m30X9n8ax5pElOErdB/h4GTv2EDXDa+LeHML8LFJmklBmrdiY5WHsd1TOHs
PKU5ppfvXu4JC5VGgspfExzzL65DCaVJhiFglEuXr98Zb/Dm/xFOmE9G5r9omrvR
yYiNNpoi9DbtXLTVXgHij/Pz0gQ0gk2Zxrt/Q19x9d71E3H9TcXmZujE407lLEwQ
25P/W0poo/tqtPk15iSnM0guxr7aKvsiX3B3zheKgXvelbGa0kIgOSw6Ia8wBYpK
CFYZYDocZvMNSxnrS/6JTsb/pcwHZjYmg/ZctxN0x/PgaxvraGe7lRlo7bEvhzty
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:49 2024 by rpki-client on console-fra.rpki-client.org