Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/J4EbPRrfstMwbjWgkNrM8BPuD6U.roa
File: J4EbPRrfstMwbjWgkNrM8BPuD6U.roa (raw, json)
Hash identifier: bsAWCujTKpvU+MHqAY00wu/mVFDkPKpb3ClMPYLpCGk=
Subject key identifier: 27:81:1B:3D:1A:DF:B2:D3:30:6E:35:A0:90:DA:CC:F0:13:EE:0F:A5
Certificate issuer: /CN=03ebb001528281734bf5c94bc4bef6f6e99a377e
Certificate serial: 01856E1D2E912F67BEFF250021F0AA778CC5
Authority key identifier: 03:EB:B0:01:52:82:81:73:4B:F5:C9:4B:C4:BE:F6:F6:E9:9A:37:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-uwAVKCgXNL9clLxL729umaN34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/J4EbPRrfstMwbjWgkNrM8BPuD6U.roa
Signing time: Sun 01 Jan 2023 16:14:44 +0000
ROA not before: Sun 01 Jan 2023 16:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42878
IP address blocks: 91.193.202.0/24 maxlen: 24
91.193.200.0/22 maxlen: 22
91.193.201.0/24 maxlen: 24
91.193.203.0/24 maxlen: 24
91.193.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:2e:91:2f:67:be:ff:25:00:21:f0:aa:77:8c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ebb001528281734bf5c94bc4bef6f6e99a377e
Validity
Not Before: Jan 1 16:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27811b3d1adfb2d3306e35a090daccf013ee0fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6e:ba:ec:ce:71:e4:5e:22:81:7b:cd:8e:47:
b1:90:5a:70:ff:05:22:00:ea:3f:00:9c:14:b9:0c:
b8:d9:d7:83:ba:ba:8f:07:8c:f8:ea:37:22:fc:e6:
5a:aa:32:e1:2d:aa:fc:7f:54:8e:e2:36:76:b0:69:
ca:aa:18:90:2e:be:0e:b4:60:67:d8:2c:0d:df:1c:
c8:16:76:2e:78:2b:10:7d:96:44:c8:16:cb:92:ed:
0f:14:82:ee:6d:11:e7:0e:9a:22:8f:42:e2:69:81:
f5:a9:68:62:69:fb:6f:25:f3:f4:07:d5:26:fa:00:
e8:1d:2e:ed:b8:33:64:d4:36:1f:77:a8:a2:2a:4f:
a1:12:fc:57:fe:15:ab:99:1c:77:cc:9d:f4:33:ff:
ab:46:2c:2e:09:cf:25:32:1f:87:37:81:6b:76:d9:
40:a1:1d:a7:75:53:ee:b2:be:a3:6d:3f:5e:7e:20:
01:b4:84:31:da:ea:f4:c2:fd:33:5e:a4:68:6d:80:
bf:8b:7e:c5:17:2b:a0:cd:c3:7f:7e:8a:b1:15:64:
f8:34:c6:28:b7:66:6f:c5:6d:43:ee:e8:82:db:0f:
b4:09:49:bf:f2:e6:d4:e0:cf:e6:78:6d:74:8d:ea:
10:7d:eb:52:fe:e2:40:2a:2e:77:57:a5:fa:cc:32:
41:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:81:1B:3D:1A:DF:B2:D3:30:6E:35:A0:90:DA:CC:F0:13:EE:0F:A5
X509v3 Authority Key Identifier:
keyid:03:EB:B0:01:52:82:81:73:4B:F5:C9:4B:C4:BE:F6:F6:E9:9A:37:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-uwAVKCgXNL9clLxL729umaN34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/J4EbPRrfstMwbjWgkNrM8BPuD6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/A-uwAVKCgXNL9clLxL729umaN34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.200.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:12:b4:6c:0a:2d:91:4a:62:cf:eb:ac:60:48:70:c4:40:64:
85:91:26:30:73:f7:f2:60:ca:e9:a0:4e:86:53:63:c1:25:ce:
ff:05:52:11:c8:56:1a:34:82:4b:12:f6:62:a7:6a:c8:27:32:
d9:91:d0:80:40:a1:68:a4:3d:35:9a:b9:db:86:bc:d1:d7:8a:
c0:96:c3:e9:64:19:81:58:e3:42:45:ad:eb:17:24:91:3d:5b:
68:18:d6:0e:b6:88:52:39:ff:be:ae:c2:76:12:8a:1b:f4:22:
48:4d:ac:c6:fc:97:1c:6a:7a:ac:46:05:e0:c6:9c:a0:60:68:
43:b5:41:49:30:bb:ed:01:10:c3:07:d1:fd:c5:37:d6:21:8b:
2d:3d:18:9a:d8:c8:95:12:b7:80:0f:4b:8b:5e:99:9a:d6:b2:
df:bb:eb:8c:5c:df:d9:86:f9:f2:ea:d6:a1:8e:d0:d1:ff:0d:
d8:84:11:a4:31:78:de:0a:5c:09:b0:bc:d1:f0:c4:a2:89:67:
52:86:ec:ad:70:b2:46:d8:a0:95:92:38:2d:93:3f:b9:f5:83:
c5:04:e6:d9:8b:e4:a3:24:f8:9a:89:fa:b6:6d:16:7c:f8:d7:
d2:80:1d:1d:05:79:7c:82:a2:63:b0:af:04:54:2a:93:c3:10:
05:d6:0d:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuHS6RL2e+/yUAIfCqd4zFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWJiMDAxNTI4MjgxNzM0YmY1Yzk0YmM0YmVmNmY2ZTk5
YTM3N2UwHhcNMjMwMTAxMTYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgxMWIzZDFhZGZiMmQzMzA2ZTM1YTA5MGRhY2NmMDEzZWUwZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG667M5x5F4igXvNjkexkFpw/wUi
AOo/AJwUuQy42deDurqPB4z46jci/OZaqjLhLar8f1SO4jZ2sGnKqhiQLr4OtGBn
2CwN3xzIFnYueCsQfZZEyBbLku0PFILubRHnDpoij0LiaYH1qWhiaftvJfP0B9Um
+gDoHS7tuDNk1DYfd6iiKk+hEvxX/hWrmRx3zJ30M/+rRiwuCc8lMh+HN4FrdtlA
oR2ndVPusr6jbT9efiABtIQx2ur0wv0zXqRobYC/i37FFyugzcN/foqxFWT4NMYo
t2ZvxW1D7uiC2w+0CUm/8ubU4M/meG10jeoQfetS/uJAKi53V6X6zDJBdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeBGz0a37LTMG41oJDazPAT7g+lMB8GA1UdIwQY
MBaAFAPrsAFSgoFzS/XJS8S+9vbpmjd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS11d0FWS0NnWE5MOWNsTHhMNzI5dW1hTjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wZDNmNTEtYWY3My00MDQ1LWEwZjEt
ZWFiODI4ZWNhNDViLzEvSjRFYlBScmZzdE13YmpXZ2tOck04QlB1RDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wZDNmNTEtYWY3My00MDQ1LWEwZjEtZWFiODI4ZWNhNDVi
LzEvQS11d0FWS0NnWE5MOWNsTHhMNzI5dW1hTjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8HIMA0G
CSqGSIb3DQEBCwUAA4IBAQAPErRsCi2RSmLP66xgSHDEQGSFkSYwc/fyYMrpoE6G
U2PBJc7/BVIRyFYaNIJLEvZip2rIJzLZkdCAQKFopD01mrnbhrzR14rAlsPpZBmB
WONCRa3rFySRPVtoGNYOtohSOf++rsJ2Eoob9CJITazG/JccanqsRgXgxpygYGhD
tUFJMLvtARDDB9H9xTfWIYstPRia2MiVEreAD0uLXpma1rLfu+uMXN/Zhvny6tah
jtDR/w3YhBGkMXjeClwJsLzR8MSiiWdShuytcLJG2KCVkjgtkz+59YPFBObZi+Sj
JPiaifq2bRZ8+NfSgB0dBXl8gqJjsK8EVCqTwxAF1g1s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:50 2024 by rpki-client on console-fra.rpki-client.org