Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/xjCxgN7Fn0WZfnhs_IVZ20t8Bmk.roa
File: xjCxgN7Fn0WZfnhs_IVZ20t8Bmk.roa (raw, json)
Hash identifier: +iSD2R6t8gl0Ur5W4JKK6D8OJN4fTWpVgZHfOVnh4NI=
Subject key identifier: C6:30:B1:80:DE:C5:9F:45:99:7E:78:6C:FC:85:59:DB:4B:7C:06:69
Certificate issuer: /CN=da1b9fe8f1a33917fee7e4dbe9fab925eb8625a9
Certificate serial: 018B62137D16A000D5F3AC419C27C0ADEE2D
Authority key identifier: DA:1B:9F:E8:F1:A3:39:17:FE:E7:E4:DB:E9:FA:B9:25:EB:86:25:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2huf6PGjORf-5-Tb6fq5JeuGJak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/xjCxgN7Fn0WZfnhs_IVZ20t8Bmk.roa
Signing time: Tue 24 Oct 2023 14:25:26 +0000
ROA not before: Tue 24 Oct 2023 14:25:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60392
IP address blocks: 91.211.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:13:7d:16:a0:00:d5:f3:ac:41:9c:27:c0:ad:ee:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da1b9fe8f1a33917fee7e4dbe9fab925eb8625a9
Validity
Not Before: Oct 24 14:25:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c630b180dec59f45997e786cfc8559db4b7c0669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bf:ab:64:b3:76:6c:98:99:78:f2:17:7d:4c:
f6:c6:2a:c0:30:9e:e3:b1:78:bb:fe:2b:47:5f:a6:
32:eb:f2:54:fd:05:e0:c1:b1:03:48:c6:1e:71:b8:
98:a5:16:67:99:9c:06:4f:35:5a:1c:16:12:1a:91:
50:a6:f1:b6:ab:83:4f:5b:52:61:cd:d1:14:4d:75:
23:7b:07:a3:59:18:77:72:7c:57:95:b7:61:bd:f2:
47:e9:62:f9:c5:14:9b:48:61:a3:36:43:92:44:4c:
d0:df:4b:58:70:64:b1:14:8c:79:59:1b:c5:43:d2:
5a:05:98:11:f9:0e:77:2a:8b:f0:cd:07:fb:2b:c3:
c8:45:c9:fc:37:63:cb:3d:9c:5c:12:bd:6a:5d:fb:
94:cc:54:02:63:ba:20:ec:4d:10:36:53:65:76:ae:
ce:39:c4:e7:52:28:99:f5:c4:7d:86:2b:30:ce:93:
89:6c:10:ce:cc:a7:5c:24:e2:a9:ca:86:3f:a5:70:
9d:c5:01:c4:9d:12:ec:e7:f1:ad:04:99:15:75:af:
c4:3b:57:44:b7:73:1f:72:9b:cd:55:f7:54:29:3f:
33:08:ce:8f:40:c2:b0:eb:3b:d4:88:23:a0:63:2d:
87:74:f8:ac:e4:c5:cd:cd:15:f7:58:3c:d0:d3:56:
0a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:30:B1:80:DE:C5:9F:45:99:7E:78:6C:FC:85:59:DB:4B:7C:06:69
X509v3 Authority Key Identifier:
keyid:DA:1B:9F:E8:F1:A3:39:17:FE:E7:E4:DB:E9:FA:B9:25:EB:86:25:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2huf6PGjORf-5-Tb6fq5JeuGJak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/xjCxgN7Fn0WZfnhs_IVZ20t8Bmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/2huf6PGjORf-5-Tb6fq5JeuGJak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.86.0/24
Signature Algorithm: sha256WithRSAEncryption
22:23:a5:27:4e:14:af:e3:5d:f1:9c:3e:87:dc:3d:27:97:c9:
55:da:3b:62:c4:8b:eb:c3:3e:ce:ba:84:09:89:cb:27:f1:c0:
0c:18:07:a7:2f:2b:0e:8a:63:4f:8c:6e:e5:67:b6:d2:60:17:
62:f7:47:37:39:1a:6c:7c:26:57:b9:2e:e5:3b:be:1e:bb:44:
85:37:98:26:07:ec:0f:82:a7:cd:eb:67:8c:46:70:af:ac:94:
3f:04:58:97:f2:8a:d5:0a:3d:53:8c:1f:9f:11:76:98:c8:13:
c4:54:46:f5:06:18:ad:bf:f0:b1:27:31:5b:09:03:bd:4c:30:
4d:f1:98:f9:a3:9c:71:fa:35:80:2a:71:03:64:08:c8:2b:c0:
aa:80:49:9d:c4:c4:c8:41:cf:b9:cb:c2:da:2b:3a:7f:47:a6:
5b:12:2f:35:73:61:d0:56:97:7a:67:f7:31:8e:ca:2e:ab:05:
fa:73:ce:44:6b:e1:82:be:69:72:d8:c9:62:2b:d2:25:5f:8e:
37:0c:e0:68:65:91:d5:44:85:88:07:34:e9:4e:ab:00:2e:b2:
05:18:49:7f:16:ee:6d:84:3b:8c:f2:57:f9:38:be:a7:f7:a7:
c9:e0:31:ae:81:30:28:d3:27:85:bf:21:1c:01:37:5e:c9:2a:
fb:c3:21:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtiE30WoADV86xBnCfAre4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWI5ZmU4ZjFhMzM5MTdmZWU3ZTRkYmU5ZmFiOTI1ZWI4
NjI1YTkwHhcNMjMxMDI0MTQyNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjMwYjE4MGRlYzU5ZjQ1OTk3ZTc4NmNmYzg1NTlkYjRiN2MwNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb+rZLN2bJiZePIXfUz2xirAMJ7j
sXi7/itHX6Yy6/JU/QXgwbEDSMYecbiYpRZnmZwGTzVaHBYSGpFQpvG2q4NPW1Jh
zdEUTXUjewejWRh3cnxXlbdhvfJH6WL5xRSbSGGjNkOSREzQ30tYcGSxFIx5WRvF
Q9JaBZgR+Q53KovwzQf7K8PIRcn8N2PLPZxcEr1qXfuUzFQCY7og7E0QNlNldq7O
OcTnUiiZ9cR9hiswzpOJbBDOzKdcJOKpyoY/pXCdxQHEnRLs5/GtBJkVda/EO1dE
t3MfcpvNVfdUKT8zCM6PQMKw6zvUiCOgYy2HdPis5MXNzRX3WDzQ01YKqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYwsYDexZ9FmX54bPyFWdtLfAZpMB8GA1UdIwQY
MBaAFNobn+jxozkX/ufk2+n6uSXrhiWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmh1ZjZQR2pPUmYtNS1UYjZmcTVKZXVHSmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MmExNjYtOGE4Ni00OGRhLWJiOTYt
NzlmZDUwMjNkZTM2LzEveGpDeGdON0ZuMFdaZm5oc19JVloyMHQ4Qm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80MmExNjYtOGE4Ni00OGRhLWJiOTYtNzlmZDUwMjNkZTM2
LzEvMmh1ZjZQR2pPUmYtNS1UYjZmcTVKZXVHSmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9NWMA0G
CSqGSIb3DQEBCwUAA4IBAQAiI6UnThSv413xnD6H3D0nl8lV2jtixIvrwz7OuoQJ
icsn8cAMGAenLysOimNPjG7lZ7bSYBdi90c3ORpsfCZXuS7lO74eu0SFN5gmB+wP
gqfN62eMRnCvrJQ/BFiX8orVCj1TjB+fEXaYyBPEVEb1Bhitv/CxJzFbCQO9TDBN
8Zj5o5xx+jWAKnEDZAjIK8CqgEmdxMTIQc+5y8LaKzp/R6ZbEi81c2HQVpd6Z/cx
jsouqwX6c85Ea+GCvmly2MliK9IlX443DOBoZZHVRIWIBzTpTqsALrIFGEl/Fu5t
hDuM8lf5OL6n96fJ4DGugTAo0yeFvyEcATdeySr7wyEE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:30 2024 by rpki-client on console-fra.rpki-client.org