Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/Jrfqug7hyEYhoJ9HzqAbuVRtgXE.roa
File: Jrfqug7hyEYhoJ9HzqAbuVRtgXE.roa (raw, json)
Hash identifier: BaLoYyOzM6Xi3mD6kq1ftNn8fLXuy5uLftXUPSf2H/0=
Subject key identifier: 26:B7:EA:BA:0E:E1:C8:46:21:A0:9F:47:CE:A0:1B:B9:54:6D:81:71
Certificate issuer: /CN=9df185e99ffe611527a0e94331151ffe2ee72ae9
Certificate serial: 018B990CD109AB1F0FF3A7190BD7B5C14B79
Authority key identifier: 9D:F1:85:E9:9F:FE:61:15:27:A0:E9:43:31:15:1F:FE:2E:E7:2A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/Jrfqug7hyEYhoJ9HzqAbuVRtgXE.roa
Signing time: Sat 04 Nov 2023 06:37:15 +0000
ROA not before: Sat 04 Nov 2023 06:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201990
IP address blocks: 193.218.203.0/24 maxlen: 24
217.197.102.0/24 maxlen: 24
45.90.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:0c:d1:09:ab:1f:0f:f3:a7:19:0b:d7:b5:c1:4b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df185e99ffe611527a0e94331151ffe2ee72ae9
Validity
Not Before: Nov 4 06:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26b7eaba0ee1c84621a09f47cea01bb9546d8171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:74:60:a4:90:b9:b1:a8:72:0d:e0:1f:6c:52:
55:cd:ed:0b:68:f9:bc:13:83:ab:4e:f4:35:88:e1:
b0:81:ca:0d:de:e7:9c:d6:98:4a:d4:00:a9:91:f2:
2a:73:64:72:79:3f:9a:16:fa:ff:d5:0d:2c:56:a8:
e2:50:8c:eb:8e:e8:30:66:a2:7a:d6:6f:dd:78:3b:
9b:d9:7b:f1:36:93:87:d3:68:bf:7c:eb:79:09:dc:
2d:84:da:92:7e:95:c9:6c:63:ae:6f:f4:9a:e5:d9:
e9:a0:f6:3c:1c:1a:4b:9e:59:5e:82:4c:7d:c0:7d:
ed:d9:87:06:c7:3f:db:9f:b5:fa:f9:4b:be:0a:ed:
53:8c:79:4b:09:e3:f0:48:df:a5:54:79:61:44:0c:
a6:ed:cb:8b:61:03:1d:b8:bd:34:ab:b4:b4:5e:11:
8b:4f:08:57:01:ab:b0:23:23:65:bb:5e:fa:15:46:
91:d2:ec:d0:45:a2:77:79:7a:6d:cd:b6:8e:24:d4:
1d:90:6b:cf:ed:77:6e:44:fd:5b:c0:5a:bf:67:67:
ac:bc:e5:dd:6c:db:a1:0e:d0:63:d2:79:9e:7b:a7:
9a:9f:a9:2b:5c:8c:fe:f4:95:4b:d9:3e:f0:fa:5b:
d3:4e:a1:2c:40:ef:fd:a2:7a:10:ec:7b:ad:8c:82:
8c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B7:EA:BA:0E:E1:C8:46:21:A0:9F:47:CE:A0:1B:B9:54:6D:81:71
X509v3 Authority Key Identifier:
keyid:9D:F1:85:E9:9F:FE:61:15:27:A0:E9:43:31:15:1F:FE:2E:E7:2A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/Jrfqug7hyEYhoJ9HzqAbuVRtgXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.43.0/24
193.218.203.0/24
217.197.102.0/24
Signature Algorithm: sha256WithRSAEncryption
50:18:b5:5d:bd:d6:f1:bb:0a:5d:7f:37:77:1f:a0:7c:c5:50:
22:c0:a0:c8:d9:bd:03:24:77:31:5a:a1:3a:97:24:6a:64:48:
06:13:31:11:3b:b8:b9:14:5a:02:ec:72:a2:e2:5f:fd:58:f2:
a0:55:78:c6:a5:91:eb:91:48:37:8e:5e:1c:cd:16:d3:49:91:
4f:77:8b:f9:87:61:7a:de:8f:56:f3:e1:ef:14:4e:06:e1:8a:
eb:00:13:16:38:04:d8:5e:19:2e:64:48:e7:47:9c:c2:56:cf:
b8:70:f8:f1:c5:6c:91:1e:53:0a:62:aa:dd:93:3f:86:aa:dc:
bc:2d:1c:21:f4:01:e4:94:54:59:55:a0:f4:cc:78:21:5d:f0:
96:17:30:b6:f9:e4:44:b5:0d:d0:39:0a:fb:d6:51:a3:ab:35:
f8:4b:25:1c:e7:f3:38:68:1d:8d:20:86:6b:8d:02:99:22:4e:
b8:2b:3e:be:1d:59:8c:f7:a3:7d:df:5d:74:d0:0e:ed:d6:15:
9a:d6:02:58:eb:b5:66:af:16:23:1d:11:a5:5c:a1:ed:62:af:
b7:68:1d:46:7c:9e:fb:65:7f:0c:4f:b9:45:5d:87:16:39:be:
e6:e5:d1:94:6b:e9:3c:4b:c5:36:3a:e3:c8:dd:39:02:26:a1:
2f:11:b8:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuZDNEJqx8P86cZC9e1wUt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZjE4NWU5OWZmZTYxMTUyN2EwZTk0MzMxMTUxZmZlMmVl
NzJhZTkwHhcNMjMxMTA0MDYzNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmI3ZWFiYTBlZTFjODQ2MjFhMDlmNDdjZWEwMWJiOTU0NmQ4MTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXRgpJC5sahyDeAfbFJVze0LaPm8
E4OrTvQ1iOGwgcoN3uec1phK1ACpkfIqc2RyeT+aFvr/1Q0sVqjiUIzrjugwZqJ6
1m/deDub2XvxNpOH02i/fOt5CdwthNqSfpXJbGOub/Sa5dnpoPY8HBpLnllegkx9
wH3t2YcGxz/bn7X6+Uu+Cu1TjHlLCePwSN+lVHlhRAym7cuLYQMduL00q7S0XhGL
TwhXAauwIyNlu176FUaR0uzQRaJ3eXptzbaOJNQdkGvP7XduRP1bwFq/Z2esvOXd
bNuhDtBj0nmee6ean6krXIz+9JVL2T7w+lvTTqEsQO/9onoQ7HutjIKMSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCa36roO4chGIaCfR86gG7lUbYFxMB8GA1UdIwQY
MBaAFJ3xhemf/mEVJ6DpQzEVH/4u5yrpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmZHRjZaXy1ZUlVub09sRE1SVWZfaTduS3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MGU1MWYtYjgwMy00NzRkLWIyN2Et
ZjI5OTBjZWI5NGVjLzEvSnJmcXVnN2h5RVlob0o5SHpxQWJ1VlJ0Z1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MGU1MWYtYjgwMy00NzRkLWIyN2EtZjI5OTBjZWI5NGVj
LzEvbmZHRjZaXy1ZUlVub09sRE1SVWZfaTduS3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVorAwQA
wdrLAwQA2cVmMA0GCSqGSIb3DQEBCwUAA4IBAQBQGLVdvdbxuwpdfzd3H6B8xVAi
wKDI2b0DJHcxWqE6lyRqZEgGEzERO7i5FFoC7HKi4l/9WPKgVXjGpZHrkUg3jl4c
zRbTSZFPd4v5h2F63o9W8+HvFE4G4YrrABMWOATYXhkuZEjnR5zCVs+4cPjxxWyR
HlMKYqrdkz+Gqty8LRwh9AHklFRZVaD0zHghXfCWFzC2+eREtQ3QOQr71lGjqzX4
SyUc5/M4aB2NIIZrjQKZIk64Kz6+HVmM96N931100A7t1hWa1gJY67VmrxYjHRGl
XKHtYq+3aB1GfJ77ZX8MT7lFXYcWOb7m5dGUa+k8S8U2OuPI3TkCJqEvEbiP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:32 2024 by rpki-client on console-ams.rpki-client.org