Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/Gi0ps5m37rlYgEeVycaUlk0Eh-s.roa
File: Gi0ps5m37rlYgEeVycaUlk0Eh-s.roa (raw, json)
Hash identifier: zGJZ6iaaTv069v1pLqa794lLl/2MUw2K4tQ4nAdMiyk=
Subject key identifier: 1A:2D:29:B3:99:B7:EE:B9:58:80:47:95:C9:C6:94:96:4D:04:87:EB
Certificate issuer: /CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Certificate serial: 018570FBBE3E67D0E099225CEA1641B8A028
Authority key identifier: 30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/Gi0ps5m37rlYgEeVycaUlk0Eh-s.roa
Signing time: Mon 02 Jan 2023 05:37:04 +0000
ROA not before: Mon 02 Jan 2023 05:37:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202348
IP address blocks: 91.240.89.0/24 maxlen: 24
2a13:141:4::/48 maxlen: 48
2a13:141:2::/48 maxlen: 48
2a13:141:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:be:3e:67:d0:e0:99:22:5c:ea:16:41:b8:a0:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Validity
Not Before: Jan 2 05:37:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a2d29b399b7eeb958804795c9c694964d0487eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:cd:85:c9:5b:43:10:68:9a:ea:08:c1:14:
68:93:9e:da:e9:d6:34:17:c5:97:d3:97:ae:b7:28:
17:17:af:70:e5:30:2b:55:a4:e4:45:06:85:18:0e:
dc:bc:18:af:f2:b1:3e:cb:ed:10:11:23:f4:3c:84:
d2:e7:15:6f:04:04:66:98:ce:c5:38:01:cf:74:5c:
e3:3e:b8:c3:b7:d1:8e:da:4f:34:ae:c9:1f:db:ad:
a9:93:00:49:15:3a:83:6b:1d:d7:e3:5c:36:c2:38:
9a:dd:6f:8b:0f:00:bc:3a:60:c4:7c:11:04:59:ff:
e1:48:7e:ee:28:c3:6a:79:95:2b:3c:f3:9e:07:8e:
0c:4f:14:6a:2f:8f:92:d8:78:18:06:49:96:65:93:
4a:d0:13:03:d9:2a:27:5e:54:ae:37:28:19:0e:a2:
07:20:38:af:dd:e2:fb:a6:4c:2c:31:58:e6:fb:a7:
3f:12:7e:4c:fe:85:82:54:82:dd:41:80:a1:84:8a:
af:8e:19:e6:0c:43:b0:9a:55:0e:77:b7:0c:38:75:
5c:a9:eb:b7:74:f6:55:39:d1:cf:ac:16:5d:20:45:
63:2c:c4:19:07:c3:f1:2b:2f:32:a5:fe:e0:b3:b4:
d8:8d:68:0a:29:c4:89:cd:42:8d:83:32:56:8a:ab:
95:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2D:29:B3:99:B7:EE:B9:58:80:47:95:C9:C6:94:96:4D:04:87:EB
X509v3 Authority Key Identifier:
keyid:30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/Gi0ps5m37rlYgEeVycaUlk0Eh-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.89.0/24
IPv6:
2a13:141:2::/48
2a13:141:4::/48
2a13:141:11::/48
Signature Algorithm: sha256WithRSAEncryption
40:07:a5:01:09:c1:19:aa:1b:22:89:15:d5:76:fd:2d:a6:d8:
95:14:69:77:2f:b7:89:78:ce:51:99:92:20:ed:c8:61:a4:ba:
bc:52:90:fc:5b:42:f6:48:41:c1:c3:62:a5:bc:df:4e:a2:3a:
69:22:6f:c6:06:d1:88:27:1c:db:0f:b7:2b:b8:e5:39:e3:13:
41:80:b2:06:98:63:89:2f:8c:15:1d:b4:c3:9d:b1:24:60:e9:
0b:a9:50:9e:96:13:2e:93:22:62:35:26:d2:40:a8:18:d3:14:
07:95:c7:a0:6f:b5:8e:46:5c:8a:4b:66:fe:2b:84:d0:1f:c4:
81:2b:9d:21:b2:74:22:32:2e:77:05:79:7a:e7:9e:cf:c4:83:
be:e3:93:19:31:07:01:37:61:17:7b:a2:e9:b6:c6:58:cf:06:
61:68:4d:a1:42:0e:3c:35:03:da:05:c8:8f:7f:dd:f7:73:c1:
ce:fd:2b:0d:39:f1:66:f5:a1:22:95:89:60:f6:0f:5b:71:6b:
de:30:48:51:cc:29:bb:dd:3b:8b:c2:c1:f6:b6:8a:74:31:e3:
f3:24:54:e0:3b:6a:c9:92:ff:c5:f0:03:44:53:c3:78:cf:ef:
ce:07:95:cf:93:f1:b0:f9:82:1c:3d:54:0f:75:16:26:53:d7:
68:10:4b:ac
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVw+74+Z9DgmSJc6hZBuKAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDU4ZTQwYzZkOTFmMzcyOWU1N2UzMzQ0ZDMwOGI1OTky
ZmU0NmUwHhcNMjMwMTAyMDUzNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJkMjliMzk5YjdlZWI5NTg4MDQ3OTVjOWM2OTQ5NjRkMDQ4N2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx3NhclbQxBomuoIwRRok57a6dY0
F8WX05eutygXF69w5TArVaTkRQaFGA7cvBiv8rE+y+0QESP0PITS5xVvBARmmM7F
OAHPdFzjPrjDt9GO2k80rskf262pkwBJFTqDax3X41w2wjia3W+LDwC8OmDEfBEE
Wf/hSH7uKMNqeZUrPPOeB44MTxRqL4+S2HgYBkmWZZNK0BMD2SonXlSuNygZDqIH
IDiv3eL7pkwsMVjm+6c/En5M/oWCVILdQYChhIqvjhnmDEOwmlUOd7cMOHVcqeu3
dPZVOdHPrBZdIEVjLMQZB8PxKy8ypf7gs7TYjWgKKcSJzUKNgzJWiquV1wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBotKbOZt+65WIBHlcnGlJZNBIfrMB8GA1UdIwQY
MBaAFDDVjkDG2R83KeV+M0TTCLWZL+RuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEt
ZjgyYjcwZDhhMGE3LzEvR2kwcHM1bTM3cmxZZ0VlVnljYVVsazBFaC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEtZjgyYjcwZDhhMGE3
LzEvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAW/BZMCEE
AgACMBsDBwAqEwFBAAIDBwAqEwFBAAQDBwAqEwFBABEwDQYJKoZIhvcNAQELBQAD
ggEBAEAHpQEJwRmqGyKJFdV2/S2m2JUUaXcvt4l4zlGZkiDtyGGkurxSkPxbQvZI
QcHDYqW8306iOmkib8YG0YgnHNsPtyu45TnjE0GAsgaYY4kvjBUdtMOdsSRg6Qup
UJ6WEy6TImI1JtJAqBjTFAeVx6BvtY5GXIpLZv4rhNAfxIErnSGydCIyLncFeXrn
ns/Eg77jkxkxBwE3YRd7oum2xljPBmFoTaFCDjw1A9oFyI9/3fdzwc79Kw058Wb1
oSKViWD2D1txa94wSFHMKbvdO4vCwfa2inQx4/MkVOA7asmS/8XwA0RTw3jP784H
lc+T8bD5ghw9VA91FiZT12gQS6w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:57 2024 by rpki-client on console-fra.rpki-client.org