Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/jo4DyXtP3o31HwDFoPKwgAsFyvM.roa
File: jo4DyXtP3o31HwDFoPKwgAsFyvM.roa (raw, json)
Hash identifier: Z1j17T0SbNzMNDuqeWK6Q82TpIfdSub5bkI/T7pWjHE=
Subject key identifier: 8E:8E:03:C9:7B:4F:DE:8D:F5:1F:00:C5:A0:F2:B0:80:0B:05:CA:F3
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018679A49F9AB5CD46DA840AC98713534531
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/jo4DyXtP3o31HwDFoPKwgAsFyvM.roa
Signing time: Wed 22 Feb 2023 15:01:17 +0000
ROA not before: Wed 22 Feb 2023 15:01:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46261
IP address blocks: 91.201.140.0/23 maxlen: 23
91.201.142.0/23 maxlen: 23
139.28.136.0/24 maxlen: 24
195.206.111.0/24 maxlen: 24
195.206.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 05:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:a4:9f:9a:b5:cd:46:da:84:0a:c9:87:13:53:45:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Feb 22 15:01:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e8e03c97b4fde8df51f00c5a0f2b0800b05caf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:de:34:f8:81:61:8b:2a:e7:56:1b:66:32:e2:
9a:6f:33:57:c6:4a:9a:9f:6a:10:02:18:c3:9f:84:
91:43:a8:f4:ac:eb:79:cd:ff:ba:7f:15:db:28:a2:
11:4c:d8:19:c6:e7:cd:10:e0:e4:fa:1b:92:fe:53:
bd:92:94:7c:46:93:9e:65:c8:1e:41:1d:b0:b9:57:
49:e9:2c:36:f5:35:0b:9a:5e:c0:b4:50:c9:54:d4:
d9:11:12:2e:83:4b:23:f7:e3:eb:c4:d1:53:85:13:
74:68:d2:da:fd:2c:73:45:43:b8:e2:0d:62:57:44:
30:6e:81:11:51:4f:59:c5:ce:5f:52:24:6c:0c:55:
b6:21:68:3b:ed:f6:09:a2:0b:18:10:ec:06:44:78:
5d:8a:c6:5a:70:e5:38:e4:f4:58:05:cf:98:89:a3:
a6:24:e3:ea:08:f5:0a:1b:35:6c:1b:6f:a1:e8:0f:
91:5f:c0:46:1b:ee:e8:c5:ba:74:60:6b:25:29:93:
62:5a:d7:bd:5d:a0:3d:18:a6:94:09:44:33:bf:15:
f5:df:78:3b:5b:83:9b:e3:2a:65:06:e9:34:e3:58:
da:97:ca:0d:e2:fc:42:e6:a2:ff:f6:6b:75:2c:e4:
58:1d:47:b9:6e:49:e3:d6:99:0c:5d:83:7d:0d:ab:
7b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8E:03:C9:7B:4F:DE:8D:F5:1F:00:C5:A0:F2:B0:80:0B:05:CA:F3
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/jo4DyXtP3o31HwDFoPKwgAsFyvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.140.0/22
139.28.136.0/24
195.206.110.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:96:d5:5a:e7:b3:c9:0a:96:2a:b6:84:3a:c5:d1:7e:7d:be:
75:1d:52:76:d5:9b:cc:72:a2:65:6d:b3:6e:5f:0b:da:51:54:
d4:cd:96:53:c2:84:a1:71:96:1e:21:f6:f9:e9:5a:b9:b4:f8:
f0:77:6a:65:b3:79:bc:dd:d2:0f:d7:30:16:5a:ef:94:f2:e7:
87:9e:7b:70:a8:39:59:a6:0a:60:f5:f2:7d:e3:72:9f:4e:05:
2f:42:da:8e:c0:23:a7:40:9a:4c:84:1a:0f:23:8d:c3:8f:2d:
8e:59:5c:ad:12:5c:9e:9b:1f:2e:d8:44:a6:ba:f1:7d:ac:4e:
ec:ac:12:8f:54:09:71:8c:2a:62:28:8d:dc:b9:f8:8d:d3:60:
8b:b9:38:cf:5b:64:5b:a9:28:ce:a6:a6:51:be:57:45:32:52:
08:92:83:44:66:e7:98:7d:30:39:90:e3:ae:19:5f:9f:ec:a4:
f8:b6:27:2f:7b:2b:35:7b:41:f8:64:bb:e5:d3:07:92:ea:04:
ca:c8:8a:bc:41:7f:03:0e:1f:c0:8f:67:27:a0:28:0e:87:3e:
d9:30:f2:b8:cb:59:4a:43:83:1c:b9:58:97:49:e4:e6:56:6e:
ee:52:13:2f:3d:5a:9c:12:d0:3f:ba:7a:df:11:0d:24:87:f4:
c0:3b:73:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ5pJ+atc1G2oQKyYcTU0UxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMwMjIyMTUwMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZThlMDNjOTdiNGZkZThkZjUxZjAwYzVhMGYyYjA4MDBiMDVjYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt40+IFhiyrnVhtmMuKabzNXxkqa
n2oQAhjDn4SRQ6j0rOt5zf+6fxXbKKIRTNgZxufNEODk+huS/lO9kpR8RpOeZcge
QR2wuVdJ6Sw29TULml7AtFDJVNTZERIug0sj9+PrxNFThRN0aNLa/SxzRUO44g1i
V0QwboERUU9Zxc5fUiRsDFW2IWg77fYJogsYEOwGRHhdisZacOU45PRYBc+YiaOm
JOPqCPUKGzVsG2+h6A+RX8BGG+7oxbp0YGslKZNiWte9XaA9GKaUCUQzvxX133g7
W4Ob4yplBuk041jal8oN4vxC5qL/9mt1LORYHUe5bknj1pkMXYN9Dat7qQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI6OA8l7T96N9R8AxaDysIALBcrzMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvam80RHlYdFAzbzMxSHdERm9QS3dnQXNGeXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8mMAwQA
ixyIAwQBw85uMA0GCSqGSIb3DQEBCwUAA4IBAQA7ltVa57PJCpYqtoQ6xdF+fb51
HVJ21ZvMcqJlbbNuXwvaUVTUzZZTwoShcZYeIfb56Vq5tPjwd2pls3m83dIP1zAW
Wu+U8ueHnntwqDlZpgpg9fJ943KfTgUvQtqOwCOnQJpMhBoPI43Djy2OWVytElye
mx8u2ESmuvF9rE7srBKPVAlxjCpiKI3cufiN02CLuTjPW2RbqSjOpqZRvldFMlII
koNEZueYfTA5kOOuGV+f7KT4ticveys1e0H4ZLvl0weS6gTKyIq8QX8DDh/Aj2cn
oCgOhz7ZMPK4y1lKQ4McuViXSeTmVm7uUhMvPVqcEtA/unrfEQ0kh/TAO3OZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:20 2024 by rpki-client on console-ams.rpki-client.org