Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1-pPAF1Ql9_g18HC5kCz5S3Y7VmY.roa
File: 1-pPAF1Ql9_g18HC5kCz5S3Y7VmY.roa (raw, json)
Hash identifier: kOCBt/tj1oYitr9no6M7BIc7rhRrDmFW1TBoycvC900=
Subject key identifier: FA:93:C0:17:54:25:F7:F8:35:F0:70:B9:90:2C:F9:4B:76:3B:56:66
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018FED752412B5ACB99F0E9643E4613D3FAF
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1-pPAF1Ql9_g18HC5kCz5S3Y7VmY.roa
Signing time: Thu 06 Jun 2024 12:10:28 +0000
ROA not before: Thu 06 Jun 2024 12:10:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.200.223.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
91.226.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 12:42:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:75:24:12:b5:ac:b9:9f:0e:96:43:e4:61:3d:3f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 6 12:10:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa93c0175425f7f835f070b9902cf94b763b5666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:eb:14:bd:e5:91:97:96:65:35:e5:2c:9a:ed:
88:b9:59:d4:a1:f3:5a:9a:8a:64:eb:17:31:87:8e:
ef:2a:fc:dd:fc:57:d6:65:7c:cf:3f:3f:d5:4e:4b:
3d:98:e3:08:89:2b:44:89:f8:2c:0f:68:fa:4e:9b:
88:99:d7:4a:54:5a:b8:0b:a0:4b:a4:ef:1e:ce:16:
b7:41:2b:9f:69:a8:2e:65:b8:70:1c:58:1c:c1:26:
97:c8:86:7a:e2:8f:aa:46:29:7e:88:00:ff:5d:0e:
98:2d:cc:c4:6d:0f:52:5c:92:9a:9e:80:a0:7b:0f:
68:82:c6:1f:6f:25:0a:94:17:2d:22:3e:78:6a:ac:
8a:7d:9d:ca:2b:36:12:32:4e:a0:8a:77:28:1e:f6:
e7:a8:f0:66:48:6c:d4:ab:2c:b5:b3:e5:63:46:74:
9c:b5:75:c6:6e:01:4b:b0:b4:2b:3e:b1:b9:b0:d1:
3d:98:7e:95:b7:f4:a5:cc:9b:32:7a:07:9d:fd:a2:
f9:b6:67:a0:27:c3:af:96:56:3e:90:ca:3b:10:e8:
b7:5d:11:b6:e5:b3:ee:66:58:1d:a4:4d:7e:3b:83:
2f:74:af:75:82:90:ce:67:19:67:9c:36:31:75:20:
ac:7e:3b:f4:21:5f:79:48:ae:93:40:55:25:dc:04:
30:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:93:C0:17:54:25:F7:F8:35:F0:70:B9:90:2C:F9:4B:76:3B:56:66
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1-pPAF1Ql9_g18HC5kCz5S3Y7VmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
91.210.145.0/24
91.226.56.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:43:c3:05:80:bb:64:e1:a0:c2:ea:d1:3d:cf:9e:67:d7:b0:
ca:93:09:91:09:46:e9:21:7e:3e:55:43:57:cc:b9:54:6c:cb:
b5:c7:6e:28:51:dd:bc:79:4e:b8:13:e7:76:27:57:90:65:b3:
15:10:be:17:f8:be:ac:1c:5c:43:b5:05:51:7c:1b:33:3c:af:
b7:81:ae:71:8b:d3:67:fe:ed:62:cd:39:43:c2:55:a4:24:3d:
11:40:f5:1d:be:f7:a3:4a:60:2a:fb:27:ca:8d:73:77:f3:4b:
98:48:54:c8:33:f6:8b:7d:fa:68:a0:cb:09:46:97:02:a4:ec:
2f:0b:90:96:8b:28:cd:35:be:d8:82:75:fa:01:c5:be:7d:c1:
33:1d:ae:d6:dd:e9:56:43:52:a3:cc:ff:ef:52:05:d9:bb:07:
b7:59:05:a2:7d:31:06:98:a5:0a:f0:87:6d:e3:a6:37:cd:c6:
ae:f6:6c:90:16:28:41:d7:91:1d:97:25:ba:a7:9d:5a:c7:d6:
57:19:fd:8b:9a:a8:8a:7f:99:92:c5:7d:e9:29:bc:f7:03:15:
6d:c4:25:3b:24:a3:e5:41:01:6c:cd:4c:80:14:4f:d8:8b:00:
84:4d:3e:8f:0f:22:66:d2:b3:c5:08:99:bc:3d:2e:84:84:c0:
68:f2:d1:cc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY/tdSQStay5nw6WQ+RhPT+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNjA2MTIxMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTkzYzAxNzU0MjVmN2Y4MzVmMDcwYjk5MDJjZjk0Yjc2M2I1NjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtusUveWRl5ZlNeUsmu2IuVnUofNa
mopk6xcxh47vKvzd/FfWZXzPPz/VTks9mOMIiStEifgsD2j6TpuImddKVFq4C6BL
pO8ezha3QSufaaguZbhwHFgcwSaXyIZ64o+qRil+iAD/XQ6YLczEbQ9SXJKanoCg
ew9ogsYfbyUKlBctIj54aqyKfZ3KKzYSMk6gincoHvbnqPBmSGzUqyy1s+VjRnSc
tXXGbgFLsLQrPrG5sNE9mH6Vt/SlzJsyeged/aL5tmegJ8OvllY+kMo7EOi3XRG2
5bPuZlgdpE1+O4MvdK91gpDOZxlnnDYxdSCsfjv0IV95SK6TQFUl3AQwcQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPqTwBdUJff4NfBwuZAs+Ut2O1ZmMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMS1wUEFGMVFsOV9nMThIQzVrQ3o1UzNZN1ZtWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvZDI2NjE4LWIzNDAtNGY1MC1iMzMwLTMxOGEyNmQ0YThj
OS8xL2d6NF9YdmdsVldzQlNnaGRNbFpic012RnJJMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvI3wME
AFvSkQMEAFviODANBgkqhkiG9w0BAQsFAAOCAQEAjUPDBYC7ZOGgwurRPc+eZ9ew
ypMJkQlG6SF+PlVDV8y5VGzLtcduKFHdvHlOuBPndidXkGWzFRC+F/i+rBxcQ7UF
UXwbMzyvt4GucYvTZ/7tYs05Q8JVpCQ9EUD1Hb73o0pgKvsnyo1zd/NLmEhUyDP2
i336aKDLCUaXAqTsLwuQlosozTW+2IJ1+gHFvn3BMx2u1t3pVkNSo8z/71IF2bsH
t1kFon0xBpilCvCHbeOmN83GrvZskBYoQdeRHZcluqedWsfWVxn9i5qoin+ZksV9
6Sm89wMVbcQlOySj5UEBbM1MgBRP2IsAhE0+jw8iZtKzxQiZvD0uhITAaPLRzA==
-----END CERTIFICATE-----
Generated at Wed Jul 3 14:35:16 2024 by rpki-client on console-ams.rpki-client.org