Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/POUIFTwy2d3jkZxMkr_WFFWnvSk.roa
File: POUIFTwy2d3jkZxMkr_WFFWnvSk.roa (raw, json)
Hash identifier: NrUmvpYUneqUGHacd6s61tqk99s0cCK8t4ohN/wAnHI=
Subject key identifier: 3C:E5:08:15:3C:32:D9:DD:E3:91:9C:4C:92:BF:D6:14:55:A7:BD:29
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 018CC4922E22FF2FDA1B83A99D98BB58CBE8
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/POUIFTwy2d3jkZxMkr_WFFWnvSk.roa
Signing time: Mon 01 Jan 2024 10:29:23 +0000
ROA not before: Mon 01 Jan 2024 10:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47891
IP address blocks: 91.212.26.0/24 maxlen: 24
185.177.44.0/24 maxlen: 24
2a0a:2f81::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 Apr 2024 13:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2e:22:ff:2f:da:1b:83:a9:9d:98:bb:58:cb:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Jan 1 10:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ce508153c32d9dde3919c4c92bfd61455a7bd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cd:6c:3f:ef:5c:42:8c:f5:c2:0b:54:42:a0:
ee:85:60:87:28:07:17:31:b7:6e:ce:b0:5f:b8:43:
d3:fa:4a:d5:07:da:21:2a:65:5e:ba:5f:3e:1d:66:
80:12:99:61:81:4a:87:46:85:70:ad:ab:28:d8:da:
3a:94:ca:80:0f:eb:b9:81:08:35:fa:99:34:41:df:
66:16:5d:b3:75:3e:b9:d2:6b:ac:9d:12:34:98:47:
7a:90:0b:3c:ec:3c:e6:bb:3e:cd:fa:1b:6a:0f:17:
55:23:c2:12:49:d9:44:11:a3:1c:c0:69:0f:66:3a:
2e:0d:b3:ce:08:a8:a6:a6:62:e9:fc:ae:36:33:8a:
90:6a:58:95:07:b4:d7:0f:27:c7:26:5c:25:f9:64:
53:9f:9a:b2:9f:0c:6e:67:ec:7b:04:a3:b6:0a:58:
44:fe:55:a2:56:ae:42:ee:5e:df:e3:8b:80:e0:81:
61:34:47:65:b4:6d:88:eb:e4:b0:43:df:ee:15:86:
4e:f4:18:18:e8:9e:96:bd:25:d0:ee:3f:04:d0:12:
d6:e1:d4:16:2c:2d:c9:64:01:cd:b7:11:37:44:07:
0e:00:4d:02:77:ef:78:27:3a:1c:0a:34:9e:be:5a:
f0:a5:36:6f:b0:a4:00:2e:e6:69:a0:f3:7f:dc:5b:
7b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E5:08:15:3C:32:D9:DD:E3:91:9C:4C:92:BF:D6:14:55:A7:BD:29
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/POUIFTwy2d3jkZxMkr_WFFWnvSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.26.0/24
185.177.44.0/24
IPv6:
2a0a:2f81::/32
Signature Algorithm: sha256WithRSAEncryption
2b:d5:33:96:7a:1a:14:11:a3:16:ef:02:7a:7b:e6:46:5b:eb:
0f:3d:d6:ee:73:94:1f:0f:68:f2:c3:c7:8c:13:8b:0d:5e:cf:
aa:35:ce:81:ba:69:78:85:a2:47:92:f3:b4:97:b4:1d:99:c6:
07:e9:d0:8c:fe:71:10:f4:20:33:3d:07:ff:ec:76:6d:21:a1:
36:1c:e9:44:d1:e5:dd:a6:12:52:72:35:81:40:be:6b:b6:31:
c2:ec:46:a7:bd:a2:38:f0:b4:fc:07:59:c0:10:15:99:6b:8d:
2b:12:7c:15:6a:02:e3:97:bb:43:8a:23:16:7d:38:8b:87:7f:
31:38:a0:6d:f7:bc:55:8a:08:9d:fc:f8:59:a0:f6:3c:4b:e3:
87:80:b8:4a:c3:b4:d1:fe:af:88:b3:c7:2a:7f:9f:09:b6:19:
54:48:21:9a:3c:54:f4:43:e5:d0:65:9d:e6:f6:fd:c4:d6:5f:
ec:a7:75:01:9a:5b:b4:ab:65:47:ca:d5:cf:2a:fd:95:21:14:
db:e8:ed:77:60:ec:22:37:30:aa:b8:02:8a:7f:cd:68:da:d3:
45:d1:40:be:60:c8:e5:2c:2b:f9:fb:36:9e:59:81:28:d8:2e:
d0:04:46:2e:f8:6e:ad:41:95:86:67:3e:f0:d9:ef:2f:fe:6a:
05:8c:61:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEki4i/y/aG4OpnZi7WMvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjQwMTAxMTAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U1MDgxNTNjMzJkOWRkZTM5MTljNGM5MmJmZDYxNDU1YTdiZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM1sP+9cQoz1wgtUQqDuhWCHKAcX
MbduzrBfuEPT+krVB9ohKmVeul8+HWaAEplhgUqHRoVwraso2No6lMqAD+u5gQg1
+pk0Qd9mFl2zdT650musnRI0mEd6kAs87Dzmuz7N+htqDxdVI8ISSdlEEaMcwGkP
ZjouDbPOCKimpmLp/K42M4qQaliVB7TXDyfHJlwl+WRTn5qynwxuZ+x7BKO2ClhE
/lWiVq5C7l7f44uA4IFhNEdltG2I6+SwQ9/uFYZO9BgY6J6WvSXQ7j8E0BLW4dQW
LC3JZAHNtxE3RAcOAE0Cd+94JzocCjSevlrwpTZvsKQALuZpoPN/3Ft7tQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDzlCBU8Mtnd45GcTJK/1hRVp70pMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvUE9VSUZUd3kyZDNqa1p4TWtyX1dGRldudlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9QaAwQA
ubEsMA0EAgACMAcDBQAqCi+BMA0GCSqGSIb3DQEBCwUAA4IBAQAr1TOWehoUEaMW
7wJ6e+ZGW+sPPdbuc5QfD2jyw8eME4sNXs+qNc6Buml4haJHkvO0l7QdmcYH6dCM
/nEQ9CAzPQf/7HZtIaE2HOlE0eXdphJScjWBQL5rtjHC7EanvaI48LT8B1nAEBWZ
a40rEnwVagLjl7tDiiMWfTiLh38xOKBt97xVigid/PhZoPY8S+OHgLhKw7TR/q+I
s8cqf58JthlUSCGaPFT0Q+XQZZ3m9v3E1l/sp3UBmlu0q2VHytXPKv2VIRTb6O13
YOwiNzCquAKKf81o2tNF0UC+YMjlLCv5+zaeWYEo2C7QBEYu+G6tQZWGZz7w2e8v
/moFjGHd
-----END CERTIFICATE-----
Generated at Mon Apr 8 17:17:58 2024 by rpki-client on console-fra.rpki-client.org