Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/FSXzgQAsZ9C_Tg4U8qOwjOQHohU.roa
File: FSXzgQAsZ9C_Tg4U8qOwjOQHohU.roa (raw, json)
Hash identifier: 51mzgwQ66nL3eVZTWMPnIeUaUUtQ6e0ZOeXtvJmVVqU=
Subject key identifier: 15:25:F3:81:00:2C:67:D0:BF:4E:0E:14:F2:A3:B0:8C:E4:07:A2:15
Certificate issuer: /CN=686d6f569500c25070b6124f1b86f60952677a93
Certificate serial: 018621EB89B9382100FEA101E51440DBF137
Authority key identifier: 68:6D:6F:56:95:00:C2:50:70:B6:12:4F:1B:86:F6:09:52:67:7A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG1vVpUAwlBwthJPG4b2CVJnepM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/FSXzgQAsZ9C_Tg4U8qOwjOQHohU.roa
Signing time: Sun 05 Feb 2023 14:12:09 +0000
ROA not before: Sun 05 Feb 2023 14:12:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207881
IP address blocks: 91.237.208.0/24 maxlen: 24
91.237.215.0/24 maxlen: 24
91.238.1.0/24 maxlen: 24
91.238.18.0/24 maxlen: 24
2a0f:6940::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:21:eb:89:b9:38:21:00:fe:a1:01:e5:14:40:db:f1:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d6f569500c25070b6124f1b86f60952677a93
Validity
Not Before: Feb 5 14:12:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1525f381002c67d0bf4e0e14f2a3b08ce407a215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:95:c5:96:ad:9f:71:b0:34:1b:0e:fe:c4:c2:
a0:13:08:0f:93:e2:be:80:40:3c:66:55:51:5e:f7:
66:8a:e9:a8:de:d5:b6:5a:63:ff:1e:f9:1a:04:fe:
c3:16:d3:e4:41:ab:7f:12:8e:d0:03:de:e6:ea:46:
f4:3f:dd:9e:8e:c2:db:44:04:f8:d8:0b:c4:86:e6:
a8:5a:54:f0:8b:a5:b5:59:3a:07:35:41:0d:4d:6a:
d2:31:89:0c:f8:69:19:f3:7e:b6:6b:2f:db:6e:4f:
f6:5b:87:cb:e1:9d:99:db:30:c9:49:5e:44:c3:b9:
4a:9b:ae:bb:58:a2:94:2f:57:1c:8c:fa:f9:e5:c1:
12:d6:87:77:8f:ad:c4:5f:0b:a7:29:23:e3:0f:93:
83:be:39:ed:f3:9b:f9:64:4e:16:ee:ce:16:3a:db:
31:5e:6d:e8:6e:9d:cf:57:52:02:a7:fc:24:e9:58:
f4:02:5f:19:57:5f:cc:be:00:37:a9:bb:2c:f5:1b:
06:b9:e9:c1:0c:8e:b3:e1:c2:e1:73:30:32:89:b5:
d7:fb:39:e7:de:3d:07:6a:b6:d4:24:76:58:9a:47:
d0:72:19:44:c1:c6:0f:d9:31:d2:3b:63:4c:b0:ab:
c7:9f:2e:78:a9:d7:17:1c:06:4d:ea:49:da:a2:1e:
13:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:25:F3:81:00:2C:67:D0:BF:4E:0E:14:F2:A3:B0:8C:E4:07:A2:15
X509v3 Authority Key Identifier:
keyid:68:6D:6F:56:95:00:C2:50:70:B6:12:4F:1B:86:F6:09:52:67:7A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG1vVpUAwlBwthJPG4b2CVJnepM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/FSXzgQAsZ9C_Tg4U8qOwjOQHohU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/aG1vVpUAwlBwthJPG4b2CVJnepM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.208.0/24
91.237.215.0/24
91.238.1.0/24
91.238.18.0/24
IPv6:
2a0f:6940::/32
Signature Algorithm: sha256WithRSAEncryption
12:55:cf:54:61:95:da:7a:87:2d:f6:ca:eb:20:12:63:99:ad:
5e:2a:cd:cd:c1:c0:c6:62:c6:17:35:d9:7f:76:cd:38:60:4b:
6a:7c:3b:61:69:97:c9:56:81:8c:ae:ca:22:76:c3:94:8a:d7:
df:08:ef:35:b4:ad:bc:cb:a4:d5:04:0d:92:6d:0b:36:3e:5c:
1e:64:36:6f:cc:46:ff:bd:fa:6a:a3:1f:61:43:f8:73:d3:fe:
6e:8a:c0:dc:7c:fb:0d:ca:ab:ad:9a:e6:68:fb:51:71:5c:50:
c3:4f:e5:22:ad:40:0b:00:04:61:0e:09:12:89:02:a4:01:cc:
70:e7:99:63:02:0d:77:ee:38:8e:ab:d6:bd:55:ce:11:71:64:
23:89:74:bb:d9:98:02:14:da:6e:67:48:b4:5f:2f:2a:78:ef:
7f:f9:db:bd:34:32:02:c1:47:c6:01:0e:13:41:6a:82:40:e4:
4c:e7:d6:3b:19:d1:de:65:47:cd:77:a1:8d:21:46:97:e6:c3:
00:8a:75:5a:d0:ad:5f:32:7a:16:f5:8a:4a:36:f8:2d:b2:ff:
1a:22:da:8d:6a:31:5c:36:d0:16:52:eb:53:d3:0f:b9:b5:d8:
d8:a0:b9:00:61:b3:40:d6:dd:1e:17:b3:87:ee:65:e7:0d:cc:
40:e8:11:5f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYYh64m5OCEA/qEB5RRA2/E3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQ2ZjU2OTUwMGMyNTA3MGI2MTI0ZjFiODZmNjA5NTI2
NzdhOTMwHhcNMjMwMjA1MTQxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTI1ZjM4MTAwMmM2N2QwYmY0ZTBlMTRmMmEzYjA4Y2U0MDdhMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05XFlq2fcbA0Gw7+xMKgEwgPk+K+
gEA8ZlVRXvdmiumo3tW2WmP/HvkaBP7DFtPkQat/Eo7QA97m6kb0P92ejsLbRAT4
2AvEhuaoWlTwi6W1WToHNUENTWrSMYkM+GkZ8362ay/bbk/2W4fL4Z2Z2zDJSV5E
w7lKm667WKKUL1ccjPr55cES1od3j63EXwunKSPjD5ODvjnt85v5ZE4W7s4WOtsx
Xm3obp3PV1ICp/wk6Vj0Al8ZV1/MvgA3qbss9RsGuenBDI6z4cLhczAyibXX+znn
3j0HarbUJHZYmkfQchlEwcYP2THSO2NMsKvHny54qdcXHAZN6knaoh4TnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBUl84EALGfQv04OFPKjsIzkB6IVMB8GA1UdIwQY
MBaAFGhtb1aVAMJQcLYSTxuG9glSZ3qTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcxdlZwVUF3bEJ3dGhKUEc0YjJDVkpuZXBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZjUyNjktZDQzMy00N2VkLWJmMWIt
YWI2ZmM0ZTBmMWUwLzEvRlNYemdRQXNaOUNfVGc0VThxT3dqT1FIb2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZjUyNjktZDQzMy00N2VkLWJmMWItYWI2ZmM0ZTBmMWUw
LzEvYUcxdlZwVUF3bEJ3dGhKUEc0YjJDVkpuZXBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW+3QAwQA
W+3XAwQAW+4BAwQAW+4SMA0EAgACMAcDBQAqD2lAMA0GCSqGSIb3DQEBCwUAA4IB
AQASVc9UYZXaeoct9srrIBJjma1eKs3NwcDGYsYXNdl/ds04YEtqfDthaZfJVoGM
rsoidsOUitffCO81tK28y6TVBA2SbQs2PlweZDZvzEb/vfpqox9hQ/hz0/5uisDc
fPsNyqutmuZo+1FxXFDDT+UirUALAARhDgkSiQKkAcxw55ljAg137jiOq9a9Vc4R
cWQjiXS72ZgCFNpuZ0i0Xy8qeO9/+du9NDICwUfGAQ4TQWqCQORM59Y7GdHeZUfN
d6GNIUaX5sMAinVa0K1fMnoW9YpKNvgtsv8aItqNajFcNtAWUutT0w+5tdjYoLkA
YbNA1t0eF7OH7mXnDcxA6BFf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:46 2024 by rpki-client on console-ams.rpki-client.org