Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/cFfq1jI5Rbq__VyQgbSSZqRtEng.roa
File: cFfq1jI5Rbq__VyQgbSSZqRtEng.roa (raw, json)
Hash identifier: utCigEBQ6f9kyDmM1uBzdHWas2h6znYgo18FEwUEoIQ=
Subject key identifier: 70:57:EA:D6:32:39:45:BA:BF:FD:5C:90:81:B4:92:66:A4:6D:12:78
Certificate issuer: /CN=8a6024b2c27a67dff5b654efa06bf7bfc1222625
Certificate serial: 018A1CA797D23DBB12A589C1CC53D2E066AB
Authority key identifier: 8A:60:24:B2:C2:7A:67:DF:F5:B6:54:EF:A0:6B:F7:BF:C1:22:26:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imAkssJ6Z9_1tlTvoGv3v8EiJiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/cFfq1jI5Rbq__VyQgbSSZqRtEng.roa
Signing time: Tue 22 Aug 2023 09:50:59 +0000
ROA not before: Tue 22 Aug 2023 09:50:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 91.200.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 10:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:a7:97:d2:3d:bb:12:a5:89:c1:cc:53:d2:e0:66:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6024b2c27a67dff5b654efa06bf7bfc1222625
Validity
Not Before: Aug 22 09:50:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7057ead6323945babffd5c9081b49266a46d1278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6b:95:9a:b7:97:a2:b2:38:00:ae:d1:36:cd:
c8:11:a0:45:dd:f2:3d:20:d5:a4:30:c8:75:83:6d:
87:52:07:94:4a:02:b5:9a:6e:6f:c4:c3:03:8c:7c:
07:c8:8a:43:da:0d:08:7a:6f:e7:fe:3e:d3:e4:03:
f1:bd:4a:57:e9:7c:31:f1:44:17:1a:f2:91:67:32:
d5:b0:97:77:03:ee:87:18:98:33:52:fc:0c:5c:62:
c1:51:62:bf:22:a1:2e:25:ec:ee:59:10:2b:d4:82:
f8:59:c9:5a:85:01:cb:89:f3:16:4d:7b:15:82:38:
53:e3:d8:cf:bb:7c:f4:67:c5:7d:9d:61:35:ba:6d:
bb:68:dd:9a:69:9c:ab:e4:e0:fd:b5:d5:8a:a4:9f:
b2:a7:58:da:18:06:5e:bd:2f:60:ed:2f:13:0c:15:
96:0d:a2:60:56:24:11:80:ab:d6:81:33:08:bd:60:
0a:15:db:91:bb:82:9d:8e:3b:d0:94:4a:26:4e:07:
fd:27:0d:1b:39:0c:ad:40:0f:08:fa:82:b4:cf:4d:
43:2e:9e:92:bf:6c:ee:4d:f6:0b:45:ec:e0:d1:0f:
f8:99:92:04:42:ef:0c:93:a9:a3:df:2d:ca:75:b4:
40:44:49:6c:53:46:c8:3c:f6:26:c6:3e:63:ce:0c:
54:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:57:EA:D6:32:39:45:BA:BF:FD:5C:90:81:B4:92:66:A4:6D:12:78
X509v3 Authority Key Identifier:
keyid:8A:60:24:B2:C2:7A:67:DF:F5:B6:54:EF:A0:6B:F7:BF:C1:22:26:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imAkssJ6Z9_1tlTvoGv3v8EiJiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/cFfq1jI5Rbq__VyQgbSSZqRtEng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/imAkssJ6Z9_1tlTvoGv3v8EiJiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.57.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:67:00:d7:2e:46:55:a5:bf:c4:ca:78:2a:0f:ef:29:0d:9a:
ca:1a:cb:a8:69:91:1f:74:d8:89:df:d4:aa:43:56:26:d9:0f:
5c:98:5e:0b:c0:19:50:96:98:49:6b:4e:83:66:91:98:c1:d4:
ad:db:b8:45:54:cf:6f:d2:0b:a2:c2:25:f7:42:3e:06:92:54:
79:b9:5a:1b:04:ea:de:41:4d:e5:2b:59:47:aa:ad:45:df:08:
b0:fe:a2:58:46:b4:ff:65:76:fc:3e:ea:25:8c:8c:1d:9f:4a:
84:f4:ac:c6:55:ed:91:51:85:37:eb:e9:e0:1f:92:43:54:bf:
2e:13:35:d0:6f:18:b8:48:71:ad:03:8c:b2:93:9a:f2:0e:66:
b8:6f:d2:f9:10:17:34:81:10:bb:ed:51:83:0c:e2:15:82:a0:
88:d5:69:8e:bf:c5:32:de:a2:2c:13:f8:46:1f:2b:5e:79:bc:
94:81:c6:5c:8c:03:65:a5:5a:53:32:cb:70:59:3e:dd:f1:6f:
30:c5:3e:17:a6:ba:2a:53:ce:80:83:be:69:01:ef:e5:db:64:
32:3d:b7:67:17:87:9e:7b:6b:34:b8:9d:97:b6:34:0b:de:0a:
e6:62:33:12:03:eb:23:72:dc:d1:90:16:49:6f:6d:4c:99:26:
32:a5:a9:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYocp5fSPbsSpYnBzFPS4GarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjAyNGIyYzI3YTY3ZGZmNWI2NTRlZmEwNmJmN2JmYzEy
MjI2MjUwHhcNMjMwODIyMDk1MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU3ZWFkNjMyMzk0NWJhYmZmZDVjOTA4MWI0OTI2NmE0NmQxMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2uVmreXorI4AK7RNs3IEaBF3fI9
INWkMMh1g22HUgeUSgK1mm5vxMMDjHwHyIpD2g0Iem/n/j7T5APxvUpX6Xwx8UQX
GvKRZzLVsJd3A+6HGJgzUvwMXGLBUWK/IqEuJezuWRAr1IL4WclahQHLifMWTXsV
gjhT49jPu3z0Z8V9nWE1um27aN2aaZyr5OD9tdWKpJ+yp1jaGAZevS9g7S8TDBWW
DaJgViQRgKvWgTMIvWAKFduRu4KdjjvQlEomTgf9Jw0bOQytQA8I+oK0z01DLp6S
v2zuTfYLRezg0Q/4mZIEQu8Mk6mj3y3KdbRARElsU0bIPPYmxj5jzgxUcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBX6tYyOUW6v/1ckIG0kmakbRJ4MB8GA1UdIwQY
MBaAFIpgJLLCemff9bZU76Br97/BIiYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1Ba3NzSjZaOV8xdGxUdm9HdjN2OEVpSmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zM2VjY2YtMGFlMy00YzdlLWE0NDEt
MDhlOGYwY2JiODQwLzEvY0ZmcTFqSTVSYnFfX1Z5UWdiU1NacVJ0RW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zM2VjY2YtMGFlMy00YzdlLWE0NDEtMDhlOGYwY2JiODQw
LzEvaW1Ba3NzSjZaOV8xdGxUdm9HdjN2OEVpSmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8g5MA0G
CSqGSIb3DQEBCwUAA4IBAQChZwDXLkZVpb/EyngqD+8pDZrKGsuoaZEfdNiJ39Sq
Q1Ym2Q9cmF4LwBlQlphJa06DZpGYwdSt27hFVM9v0guiwiX3Qj4GklR5uVobBOre
QU3lK1lHqq1F3wiw/qJYRrT/ZXb8PuoljIwdn0qE9KzGVe2RUYU36+ngH5JDVL8u
EzXQbxi4SHGtA4yyk5ryDma4b9L5EBc0gRC77VGDDOIVgqCI1WmOv8Uy3qIsE/hG
HyteebyUgcZcjANlpVpTMstwWT7d8W8wxT4XproqU86Ag75pAe/l22QyPbdnF4ee
e2s0uJ2XtjQL3grmYjMSA+sjctzRkBZJb21MmSYypalh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org