Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/M9Phr8kiM1qpqm8fOhOc643BZ-w.roa
File: M9Phr8kiM1qpqm8fOhOc643BZ-w.roa (raw, json)
Hash identifier: yX26uxX3f9sB1rEmO0t6bLafQEiv72zRHnviQTxnpIE=
Subject key identifier: 33:D3:E1:AF:C9:22:33:5A:A9:AA:6F:1F:3A:13:9C:EB:8D:C1:67:EC
Certificate issuer: /CN=8a6024b2c27a67dff5b654efa06bf7bfc1222625
Certificate serial: 018CCA2A875A4B5E2DC6F40B81694762FED1
Authority key identifier: 8A:60:24:B2:C2:7A:67:DF:F5:B6:54:EF:A0:6B:F7:BF:C1:22:26:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imAkssJ6Z9_1tlTvoGv3v8EiJiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/M9Phr8kiM1qpqm8fOhOc643BZ-w.roa
Signing time: Tue 02 Jan 2024 12:33:53 +0000
ROA not before: Tue 02 Jan 2024 12:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208949
IP address blocks: 91.200.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 14:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:87:5a:4b:5e:2d:c6:f4:0b:81:69:47:62:fe:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6024b2c27a67dff5b654efa06bf7bfc1222625
Validity
Not Before: Jan 2 12:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33d3e1afc922335aa9aa6f1f3a139ceb8dc167ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:71:e8:a2:f2:fd:6f:bd:2d:62:40:f3:05:c6:
46:1c:6c:10:a4:b5:cb:6b:3d:0d:f2:17:fe:b0:9c:
ec:71:79:df:d7:07:82:76:5c:f9:53:f2:2b:a9:e1:
07:f1:df:47:9a:b3:60:96:50:8a:09:d0:1c:49:9c:
1e:dc:09:1b:c3:22:5d:5c:fb:0d:38:bc:de:2d:8d:
2a:48:83:17:69:30:58:17:82:45:2a:fb:d1:3c:5f:
68:ab:bb:39:61:65:4e:9b:81:20:1e:92:8e:24:ae:
5a:fd:47:73:d4:77:f0:13:47:a4:06:6d:17:da:8f:
12:79:3a:01:b7:56:7e:11:fb:79:11:3f:c7:7b:b3:
26:99:39:3a:2c:3e:7d:fc:94:72:98:49:2a:33:2a:
0e:02:2d:68:61:b0:8d:49:d0:7a:40:ab:21:7b:09:
83:34:cc:8e:3c:e6:a4:a4:30:6f:3d:5d:51:ab:cf:
a8:cd:43:6c:c6:53:20:13:5e:d6:52:83:0f:08:79:
7a:a1:9a:d9:e8:a0:3c:17:de:88:f4:50:37:09:d3:
47:62:96:c2:7f:82:be:71:f3:84:eb:03:e1:0c:b9:
2a:41:96:05:3e:1d:cb:4a:35:06:69:d9:dc:bd:8b:
ad:16:39:98:6e:2d:7d:a0:24:e4:d4:f4:68:c0:98:
4b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D3:E1:AF:C9:22:33:5A:A9:AA:6F:1F:3A:13:9C:EB:8D:C1:67:EC
X509v3 Authority Key Identifier:
keyid:8A:60:24:B2:C2:7A:67:DF:F5:B6:54:EF:A0:6B:F7:BF:C1:22:26:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imAkssJ6Z9_1tlTvoGv3v8EiJiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/M9Phr8kiM1qpqm8fOhOc643BZ-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/imAkssJ6Z9_1tlTvoGv3v8EiJiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.57.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:15:c9:89:2c:22:d8:c3:57:f5:e6:61:12:23:16:37:1e:f6:
b2:97:a1:e2:d4:85:e1:67:0b:6d:e5:48:fa:a4:88:31:d8:9c:
e2:f8:87:b3:33:9a:e1:43:5a:e8:05:f7:bb:5c:ee:f7:8f:c4:
b7:80:59:88:85:95:bb:a3:d3:42:4a:c2:7b:c2:a1:1d:37:63:
d8:fc:74:9d:ef:57:28:b2:44:8a:93:4e:d5:a9:e7:9b:51:cc:
bf:65:df:1c:65:24:c2:46:86:31:53:1f:98:4f:c1:da:c3:8a:
88:42:0d:ef:4d:12:6b:eb:89:36:02:0b:7d:32:9a:b6:5e:71:
39:b8:77:0b:ef:ae:4d:14:c1:f3:93:dc:f2:5c:a2:3c:4d:33:
4e:bf:c6:b0:ab:fa:4d:91:7a:92:7d:3b:f5:78:c7:1b:6c:d3:
e2:b9:8c:93:77:54:dd:11:2f:02:03:fa:3f:83:06:9d:74:8f:
3e:dd:be:64:6a:8d:e1:56:6d:06:c3:a8:ad:d8:8b:7a:60:65:
89:5f:ce:93:be:d5:29:a1:c6:e6:8e:40:c9:3e:d9:70:ac:d5:
36:03:aa:6e:e8:51:ed:1c:f3:94:e9:39:a9:58:ec:53:0c:ce:
f9:52:82:ef:b0:23:9f:cd:e3:ed:cf:89:55:7d:02:40:b9:e1:
fd:98:c8:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKodaS14txvQLgWlHYv7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjAyNGIyYzI3YTY3ZGZmNWI2NTRlZmEwNmJmN2JmYzEy
MjI2MjUwHhcNMjQwMTAyMTIzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QzZTFhZmM5MjIzMzVhYTlhYTZmMWYzYTEzOWNlYjhkYzE2N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXHoovL9b70tYkDzBcZGHGwQpLXL
az0N8hf+sJzscXnf1weCdlz5U/IrqeEH8d9HmrNgllCKCdAcSZwe3AkbwyJdXPsN
OLzeLY0qSIMXaTBYF4JFKvvRPF9oq7s5YWVOm4EgHpKOJK5a/Udz1HfwE0ekBm0X
2o8SeToBt1Z+Eft5ET/He7MmmTk6LD59/JRymEkqMyoOAi1oYbCNSdB6QKshewmD
NMyOPOakpDBvPV1Rq8+ozUNsxlMgE17WUoMPCHl6oZrZ6KA8F96I9FA3CdNHYpbC
f4K+cfOE6wPhDLkqQZYFPh3LSjUGadncvYutFjmYbi19oCTk1PRowJhLGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPT4a/JIjNaqapvHzoTnOuNwWfsMB8GA1UdIwQY
MBaAFIpgJLLCemff9bZU76Br97/BIiYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1Ba3NzSjZaOV8xdGxUdm9HdjN2OEVpSmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zM2VjY2YtMGFlMy00YzdlLWE0NDEt
MDhlOGYwY2JiODQwLzEvTTlQaHI4a2lNMXFwcW04Zk9oT2M2NDNCWi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zM2VjY2YtMGFlMy00YzdlLWE0NDEtMDhlOGYwY2JiODQw
LzEvaW1Ba3NzSjZaOV8xdGxUdm9HdjN2OEVpSmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8g5MA0G
CSqGSIb3DQEBCwUAA4IBAQC1FcmJLCLYw1f15mESIxY3Hvayl6Hi1IXhZwtt5Uj6
pIgx2Jzi+IezM5rhQ1roBfe7XO73j8S3gFmIhZW7o9NCSsJ7wqEdN2PY/HSd71co
skSKk07VqeebUcy/Zd8cZSTCRoYxUx+YT8Haw4qIQg3vTRJr64k2Agt9Mpq2XnE5
uHcL765NFMHzk9zyXKI8TTNOv8awq/pNkXqSfTv1eMcbbNPiuYyTd1TdES8CA/o/
gwaddI8+3b5kao3hVm0Gw6it2It6YGWJX86TvtUpocbmjkDJPtlwrNU2A6pu6FHt
HPOU6TmpWOxTDM75UoLvsCOfzePtz4lVfQJAueH9mMhP
-----END CERTIFICATE-----
Generated at Mon Jan 22 17:49:59 2024 by rpki-client on console-fra.rpki-client.org