Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/RIchX2haCrAnJ0VjT-yJHilsZ0Q.roa
File: RIchX2haCrAnJ0VjT-yJHilsZ0Q.roa (raw, json)
Hash identifier: ZUdAt37yMM00YhYbBsLL9yVH/BtfuPnCPztM6HBgH4k=
Subject key identifier: 44:87:21:5F:68:5A:0A:B0:27:27:45:63:4F:EC:89:1E:29:6C:67:44
Certificate issuer: /CN=377bd10f7d906c131c8c9e2fc7316416df4ae224
Certificate serial: 01856EF438E4E021A58DFF3CDB61A67A8A85
Authority key identifier: 37:7B:D1:0F:7D:90:6C:13:1C:8C:9E:2F:C7:31:64:16:DF:4A:E2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/RIchX2haCrAnJ0VjT-yJHilsZ0Q.roa
Signing time: Sun 01 Jan 2023 20:09:36 +0000
ROA not before: Sun 01 Jan 2023 20:09:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47271
IP address blocks: 91.198.11.0/24 maxlen: 24
91.209.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:38:e4:e0:21:a5:8d:ff:3c:db:61:a6:7a:8a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=377bd10f7d906c131c8c9e2fc7316416df4ae224
Validity
Not Before: Jan 1 20:09:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4487215f685a0ab0272745634fec891e296c6744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:97:00:67:1f:55:07:19:7b:ad:d3:e9:8e:5e:
c2:92:98:4a:4a:0f:21:52:52:11:8c:a4:e5:6c:f5:
7b:ff:a4:a6:aa:15:89:f4:7e:63:8a:11:1c:53:d6:
b4:c2:81:55:68:32:23:1a:a4:b5:3f:47:96:e9:16:
ea:1c:83:15:dc:e7:32:48:63:4f:a6:0d:ff:bc:70:
eb:af:f9:e1:a6:8d:34:38:94:d9:4f:2f:64:24:55:
18:ed:df:cd:df:28:83:15:a0:35:76:6c:3a:ab:2b:
74:88:5d:e5:8b:47:e4:b0:5b:8b:ab:df:f3:00:b7:
e6:d5:60:53:d4:b1:1c:dc:4a:fb:3f:cd:ca:26:f3:
82:53:fc:22:bb:4e:ae:60:c8:e9:e0:bf:a6:4a:72:
2a:4a:bc:82:28:58:3d:6a:35:53:67:23:ac:69:a2:
b1:a7:e0:a0:c5:74:0a:86:a7:ea:0c:92:50:ac:a6:
4e:ed:65:3d:95:b9:6a:17:bc:9f:40:33:ee:9f:09:
31:58:ce:f0:92:67:cc:fa:aa:5b:76:5c:06:d4:de:
6c:c5:6a:fe:e2:40:5a:b8:ad:9e:3e:a7:b1:1f:76:
44:85:ff:b8:08:4c:f8:36:a0:f8:b4:48:9f:0d:6d:
4e:25:92:8c:95:ac:43:92:54:f3:3e:49:f0:ff:a5:
ea:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:87:21:5F:68:5A:0A:B0:27:27:45:63:4F:EC:89:1E:29:6C:67:44
X509v3 Authority Key Identifier:
keyid:37:7B:D1:0F:7D:90:6C:13:1C:8C:9E:2F:C7:31:64:16:DF:4A:E2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/RIchX2haCrAnJ0VjT-yJHilsZ0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.11.0/24
91.209.3.0/24
Signature Algorithm: sha256WithRSAEncryption
54:c6:ab:03:86:d7:ba:61:a0:01:19:94:fa:2d:70:f5:b7:ce:
4b:a6:53:15:33:08:55:1f:3d:14:79:f0:bb:39:4b:49:17:b7:
eb:83:f6:e1:af:82:4a:51:ed:8e:b0:d1:ea:05:43:74:68:c6:
eb:61:be:b9:6e:e4:48:cd:16:a1:7b:95:17:c0:2b:08:98:32:
7a:8f:85:b2:3f:75:98:2e:3c:66:f2:35:5b:c6:cd:49:cf:05:
47:d2:13:b6:cf:10:ea:76:3b:f8:2d:53:3f:a7:ea:dc:90:36:
97:bb:c0:77:3c:72:06:7f:03:7a:93:f8:e2:e6:a6:c0:0a:a7:
39:fa:4a:ef:d4:2b:59:ed:f8:69:dc:b5:d7:f6:46:31:06:df:
2c:35:ba:90:ed:df:1b:e8:b4:7c:e0:a5:19:5a:ae:04:af:4b:
28:91:02:2c:a7:49:d2:6c:cc:32:d7:e9:01:80:5a:00:8e:20:
40:a5:c4:5a:a0:1f:39:a7:63:6b:30:8d:cd:cb:2d:d0:92:86:
a1:45:4e:31:f3:87:d1:e5:86:0a:76:1f:0a:78:3b:46:c2:19:
63:6f:71:01:48:13:15:4b:30:dc:a8:ab:80:2e:19:0a:ec:78:
b7:97:f9:d2:e5:8d:b6:39:61:38:80:b6:00:cc:51:5a:16:16:
07:4d:8f:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu9Djk4CGljf8822GmeoqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3N2JkMTBmN2Q5MDZjMTMxYzhjOWUyZmM3MzE2NDE2ZGY0
YWUyMjQwHhcNMjMwMTAxMjAwOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg3MjE1ZjY4NWEwYWIwMjcyNzQ1NjM0ZmVjODkxZTI5NmM2NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZcAZx9VBxl7rdPpjl7CkphKSg8h
UlIRjKTlbPV7/6SmqhWJ9H5jihEcU9a0woFVaDIjGqS1P0eW6RbqHIMV3OcySGNP
pg3/vHDrr/nhpo00OJTZTy9kJFUY7d/N3yiDFaA1dmw6qyt0iF3li0fksFuLq9/z
ALfm1WBT1LEc3Er7P83KJvOCU/wiu06uYMjp4L+mSnIqSryCKFg9ajVTZyOsaaKx
p+CgxXQKhqfqDJJQrKZO7WU9lblqF7yfQDPunwkxWM7wkmfM+qpbdlwG1N5sxWr+
4kBauK2ePqexH3ZEhf+4CEz4NqD4tEifDW1OJZKMlaxDklTzPknw/6XqhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFESHIV9oWgqwJydFY0/siR4pbGdEMB8GA1UdIwQY
MBaAFDd70Q99kGwTHIyeL8cxZBbfSuIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjN2UkQzMlFiQk1jako0dnh6RmtGdDlLNGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDgxMjktZDA4Ni00OWQ0LTlkYzct
NWE5YWM3ZjM5MDIzLzEvUkljaFgyaGFDckFuSjBWalQteUpIaWxzWjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDgxMjktZDA4Ni00OWQ0LTlkYzctNWE5YWM3ZjM5MDIz
LzEvTjN2UkQzMlFiQk1jako0dnh6RmtGdDlLNGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8YLAwQA
W9EDMA0GCSqGSIb3DQEBCwUAA4IBAQBUxqsDhte6YaABGZT6LXD1t85LplMVMwhV
Hz0UefC7OUtJF7frg/bhr4JKUe2OsNHqBUN0aMbrYb65buRIzRahe5UXwCsImDJ6
j4WyP3WYLjxm8jVbxs1JzwVH0hO2zxDqdjv4LVM/p+rckDaXu8B3PHIGfwN6k/ji
5qbACqc5+krv1CtZ7fhp3LXX9kYxBt8sNbqQ7d8b6LR84KUZWq4Er0sokQIsp0nS
bMwy1+kBgFoAjiBApcRaoB85p2NrMI3Nyy3QkoahRU4x84fR5YYKdh8KeDtGwhlj
b3EBSBMVSzDcqKuALhkK7Hi3l/nS5Y22OWE4gLYAzFFaFhYHTY+C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:40 2024 by rpki-client on console-fra.rpki-client.org