Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1O7gu2kvuvn7017oTng-dQeTAa0.roa
File: 1O7gu2kvuvn7017oTng-dQeTAa0.roa (raw, json)
Hash identifier: OT6WrJOyhkhsYl96CZgHLWxPY1slnsd9sVBdoJxdDhQ=
Subject key identifier: D4:EE:E0:BB:69:2F:BA:F9:FB:D3:5E:E8:4E:78:3E:75:07:93:01:AD
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 018EBDE73F45381A830C7D6932499E062425
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1O7gu2kvuvn7017oTng-dQeTAa0.roa
Signing time: Mon 08 Apr 2024 13:30:32 +0000
ROA not before: Mon 08 Apr 2024 13:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57809
IP address blocks: 91.212.26.0/24 maxlen: 24
185.177.44.0/24 maxlen: 24
2a0a:2f81::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 May 2024 16:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:e7:3f:45:38:1a:83:0c:7d:69:32:49:9e:06:24:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Apr 8 13:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4eee0bb692fbaf9fbd35ee84e783e75079301ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:22:77:fa:60:0f:08:62:5e:9b:30:19:75:bd:
b0:f8:67:d8:56:db:c1:7d:81:d4:7b:78:03:fb:c6:
9b:3c:15:ce:b6:a5:f6:08:5e:e0:b8:ef:ae:0c:d2:
df:39:58:01:eb:fa:1a:93:7e:a5:87:33:36:f4:2c:
86:65:67:7e:8b:7d:40:6b:b8:ee:b6:e9:0a:18:b0:
b1:e6:65:c2:c3:76:35:da:e4:13:ad:86:79:b1:73:
da:e4:ca:a0:cb:90:62:e9:43:88:9c:89:00:43:63:
34:ef:c2:7e:61:a5:15:c4:cb:d0:14:c9:96:4d:0b:
9d:ee:c4:9e:fb:31:43:c7:87:f3:29:e6:1f:e8:a6:
30:8c:df:df:56:7a:6a:be:a0:fb:b8:6c:d6:a2:7c:
c9:57:28:1d:55:a4:c0:5b:01:34:7d:b6:16:b4:27:
0b:47:92:fe:80:c2:e7:f1:22:a8:a2:dc:14:82:a9:
2b:6c:75:91:ba:1b:2d:0f:f0:6b:f2:69:e5:96:88:
29:fe:f1:03:3a:01:29:dd:f5:aa:d0:b8:02:12:0c:
6a:11:24:33:01:94:dd:c5:0b:81:82:56:6a:7b:0e:
c4:6b:03:89:c1:ad:d6:f0:f5:80:c1:ae:ec:44:ec:
a7:5d:38:e8:d9:5f:4a:a5:86:2d:28:a0:8e:df:a9:
8c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EE:E0:BB:69:2F:BA:F9:FB:D3:5E:E8:4E:78:3E:75:07:93:01:AD
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/1O7gu2kvuvn7017oTng-dQeTAa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.26.0/24
185.177.44.0/24
IPv6:
2a0a:2f81::/32
Signature Algorithm: sha256WithRSAEncryption
3f:02:cf:72:f7:1a:e5:96:61:e0:fe:9e:07:e2:a8:17:ab:7d:
ef:1c:c5:21:62:c5:6e:c2:88:f6:e6:b3:95:48:bd:11:ca:7c:
7a:e2:ff:4a:be:38:a0:28:2f:b7:b3:a4:73:8e:f1:d7:95:34:
10:b7:f7:4a:fb:0d:f7:52:77:1f:9c:64:cd:1f:8c:de:b4:9c:
4a:6e:7b:a7:74:15:30:6e:16:d2:c7:42:a5:fa:7a:b8:09:68:
7e:45:ce:02:e8:af:fa:16:79:d6:e2:f0:ea:e3:3e:a4:ea:69:
f6:ed:d4:8d:57:dd:4d:12:7e:ab:6f:78:8a:08:21:47:5c:c6:
7e:e3:59:fa:d8:60:4a:53:9d:a8:56:96:ca:bf:0b:e6:ee:88:
81:fb:d6:ef:37:e0:2b:cf:79:ed:66:c4:74:cf:ce:f3:b7:33:
22:34:a4:a3:b6:04:ad:7d:47:9f:d6:30:f7:a1:b1:b4:ea:9c:
d2:76:44:9e:4c:30:81:1d:90:31:65:8b:d4:fd:40:2e:ac:c8:
3c:57:75:94:83:35:b0:e7:af:66:77:f0:d0:4c:b7:0a:a0:99:
30:3d:60:51:44:82:f9:9b:fa:22:c5:56:8b:43:cf:dd:c4:80:
1d:b4:ab:fe:97:ac:d4:05:15:73:c0:96:71:0d:e9:dd:1f:cf:
ad:dd:85:90
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY695z9FOBqDDH1pMkmeBiQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjQwNDA4MTMzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGVlZTBiYjY5MmZiYWY5ZmJkMzVlZTg0ZTc4M2U3NTA3OTMwMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyJ3+mAPCGJemzAZdb2w+GfYVtvB
fYHUe3gD+8abPBXOtqX2CF7guO+uDNLfOVgB6/oak36lhzM29CyGZWd+i31Aa7ju
tukKGLCx5mXCw3Y12uQTrYZ5sXPa5Mqgy5Bi6UOInIkAQ2M078J+YaUVxMvQFMmW
TQud7sSe+zFDx4fzKeYf6KYwjN/fVnpqvqD7uGzWonzJVygdVaTAWwE0fbYWtCcL
R5L+gMLn8SKootwUgqkrbHWRuhstD/Br8mnllogp/vEDOgEp3fWq0LgCEgxqESQz
AZTdxQuBglZqew7EawOJwa3W8PWAwa7sROynXTjo2V9KpYYtKKCO36mMawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNTu4LtpL7r5+9Ne6E54PnUHkwGtMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvMU83Z3Uya3Z1dm43MDE3b1RuZy1kUWVUQWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9QaAwQA
ubEsMA0EAgACMAcDBQAqCi+BMA0GCSqGSIb3DQEBCwUAA4IBAQA/As9y9xrllmHg
/p4H4qgXq33vHMUhYsVuwoj25rOVSL0Rynx64v9KvjigKC+3s6RzjvHXlTQQt/dK
+w33UncfnGTNH4zetJxKbnundBUwbhbSx0Kl+nq4CWh+Rc4C6K/6FnnW4vDq4z6k
6mn27dSNV91NEn6rb3iKCCFHXMZ+41n62GBKU52oVpbKvwvm7oiB+9bvN+Arz3nt
ZsR0z87ztzMiNKSjtgStfUef1jD3obG06pzSdkSeTDCBHZAxZYvU/UAurMg8V3WU
gzWw569md/DQTLcKoJkwPWBRRIL5m/oixVaLQ8/dxIAdtKv+l6zUBRVzwJZxDend
H8+t3YWQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:29 2024 by rpki-client on console-ams.rpki-client.org