Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/5pBbxtQ9Ja45d_BYWrT99MENp_w.roa
File: 5pBbxtQ9Ja45d_BYWrT99MENp_w.roa (raw, json)
Hash identifier: XVJ+hJUrKdXHeLXkNwe3TiJRdQa9cqgRHpZkBNya+nc=
Subject key identifier: E6:90:5B:C6:D4:3D:25:AE:39:77:F0:58:5A:B4:FD:F4:C1:0D:A7:FC
Certificate issuer: /CN=0e3c9ee1be3308fd6bd4a7c7ac2b9d910089b779
Certificate serial: 018572837C564A69B4AED076E37849B9DB07
Authority key identifier: 0E:3C:9E:E1:BE:33:08:FD:6B:D4:A7:C7:AC:2B:9D:91:00:89:B7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Djye4b4zCP1r1KfHrCudkQCJt3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/5pBbxtQ9Ja45d_BYWrT99MENp_w.roa
Signing time: Mon 02 Jan 2023 12:44:57 +0000
ROA not before: Mon 02 Jan 2023 12:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61311
IP address blocks: 91.202.176.0/24 maxlen: 24
91.202.176.0/22 maxlen: 24
91.202.179.0/24 maxlen: 24
91.202.178.0/24 maxlen: 24
91.202.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:7c:56:4a:69:b4:ae:d0:76:e3:78:49:b9:db:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e3c9ee1be3308fd6bd4a7c7ac2b9d910089b779
Validity
Not Before: Jan 2 12:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6905bc6d43d25ae3977f0585ab4fdf4c10da7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:ae:13:fc:a8:f2:ca:ec:e0:21:fd:89:03:
fa:60:af:cd:9a:57:55:e5:4b:c8:94:89:94:b7:0b:
1f:58:ec:d1:2b:97:95:ed:cf:c0:05:ec:d9:d0:54:
1f:3e:a4:ab:c0:e1:df:0a:e9:50:a6:05:16:6e:75:
a0:58:a5:b3:88:b1:59:fd:98:97:d2:b9:d9:11:8e:
3d:22:39:9b:07:f0:57:88:5e:44:51:ae:5d:5b:aa:
43:17:2f:c3:4e:49:a3:f4:f5:07:a6:20:49:9e:9e:
54:4f:a1:c4:a1:bf:8d:e6:7c:4a:45:08:d1:ba:76:
dd:d0:46:9b:6c:82:ac:bd:71:65:d1:d4:36:ff:4c:
ae:94:5c:d9:e4:05:5c:46:a7:71:66:73:13:9d:a3:
44:3c:b9:3f:7b:ad:67:e5:18:3f:dd:d1:17:e2:7e:
4a:31:6d:3b:04:df:5f:10:b1:42:6b:a4:b9:6c:39:
ef:fd:0c:2c:aa:24:b7:ba:f8:5d:ab:53:72:b4:d9:
cd:33:b2:e5:ac:12:f3:80:0a:c4:82:89:1c:3a:31:
ca:b5:cb:4c:30:d8:23:3b:27:0e:89:91:f7:3f:be:
ed:c7:50:1a:e0:0d:6f:6d:ee:6f:ab:af:e4:67:8c:
68:8a:d5:25:8c:dd:99:d2:1c:97:1b:29:32:18:71:
e0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:90:5B:C6:D4:3D:25:AE:39:77:F0:58:5A:B4:FD:F4:C1:0D:A7:FC
X509v3 Authority Key Identifier:
keyid:0E:3C:9E:E1:BE:33:08:FD:6B:D4:A7:C7:AC:2B:9D:91:00:89:B7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Djye4b4zCP1r1KfHrCudkQCJt3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/5pBbxtQ9Ja45d_BYWrT99MENp_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/Djye4b4zCP1r1KfHrCudkQCJt3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.176.0/22
Signature Algorithm: sha256WithRSAEncryption
03:93:dd:89:85:80:a6:37:04:10:63:8f:d3:84:b2:6a:a1:0e:
80:3c:3d:d6:21:d6:46:6f:51:b8:74:1e:4f:7f:be:47:6a:f7:
81:fa:fe:b6:f8:a8:49:af:82:a6:62:e8:80:f2:5d:96:df:3b:
c8:10:f5:9b:09:a8:c0:ee:9c:f1:b0:1c:58:dc:08:15:fa:6d:
90:70:33:d3:ed:ef:02:00:29:a7:a5:59:97:c2:57:67:a6:7e:
c7:05:a5:9d:0b:8d:cf:45:6a:e6:5f:6c:bd:f3:fd:72:76:80:
36:1e:9c:08:d8:f1:f8:d0:41:a6:d3:7e:0c:db:31:9c:53:39:
1f:65:c9:86:e7:6d:c4:0d:22:8f:09:43:a2:f6:38:f9:1c:f6:
6d:ee:3a:2d:ef:d9:f5:a2:db:07:34:a5:d0:19:ba:29:dc:dd:
05:83:2a:f2:fb:93:36:26:e6:53:49:0f:d1:3b:16:11:9a:45:
91:2b:c2:a7:e9:26:ed:6f:ca:b7:0c:e9:ed:68:b4:b9:5a:b7:
c1:aa:d4:a8:97:01:bf:64:93:17:77:14:84:03:51:bc:71:01:
9c:42:dc:d2:3b:45:f4:3a:3c:29:d8:4b:e1:e3:13:0f:19:d1:
05:87:3a:48:0f:93:86:9f:a7:e9:2e:f2:82:ee:e1:41:dc:b0:
71:56:bb:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyg3xWSmm0rtB243hJudsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlM2M5ZWUxYmUzMzA4ZmQ2YmQ0YTdjN2FjMmI5ZDkxMDA4
OWI3NzkwHhcNMjMwMTAyMTI0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjkwNWJjNmQ0M2QyNWFlMzk3N2YwNTg1YWI0ZmRmNGMxMGRhN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoquuE/yo8srs4CH9iQP6YK/NmldV
5UvIlImUtwsfWOzRK5eV7c/ABezZ0FQfPqSrwOHfCulQpgUWbnWgWKWziLFZ/ZiX
0rnZEY49IjmbB/BXiF5EUa5dW6pDFy/DTkmj9PUHpiBJnp5UT6HEob+N5nxKRQjR
unbd0EabbIKsvXFl0dQ2/0yulFzZ5AVcRqdxZnMTnaNEPLk/e61n5Rg/3dEX4n5K
MW07BN9fELFCa6S5bDnv/QwsqiS3uvhdq1NytNnNM7LlrBLzgArEgokcOjHKtctM
MNgjOycOiZH3P77tx1Aa4A1vbe5vq6/kZ4xoitUljN2Z0hyXGykyGHHgmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOaQW8bUPSWuOXfwWFq0/fTBDaf8MB8GA1UdIwQY
MBaAFA48nuG+Mwj9a9Snx6wrnZEAibd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGp5ZTRiNHpDUDFyMUtmSHJDdWRrUUNKdDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jYWEyZGEtNWViYy00NWNiLWI4ZmUt
MDhmM2U4OTA3YzQyLzEvNXBCYnh0UTlKYTQ1ZF9CWVdyVDk5TUVOcF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9jYWEyZGEtNWViYy00NWNiLWI4ZmUtMDhmM2U4OTA3YzQy
LzEvRGp5ZTRiNHpDUDFyMUtmSHJDdWRrUUNKdDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8qwMA0G
CSqGSIb3DQEBCwUAA4IBAQADk92JhYCmNwQQY4/ThLJqoQ6APD3WIdZGb1G4dB5P
f75HaveB+v62+KhJr4KmYuiA8l2W3zvIEPWbCajA7pzxsBxY3AgV+m2QcDPT7e8C
ACmnpVmXwldnpn7HBaWdC43PRWrmX2y98/1ydoA2HpwI2PH40EGm034M2zGcUzkf
ZcmG523EDSKPCUOi9jj5HPZt7jot79n1otsHNKXQGbop3N0Fgyry+5M2JuZTSQ/R
OxYRmkWRK8Kn6Sbtb8q3DOntaLS5WrfBqtSolwG/ZJMXdxSEA1G8cQGcQtzSO0X0
Ojwp2Evh4xMPGdEFhzpID5OGn6fpLvKC7uFB3LBxVrsJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org