Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5pbALUGGV14A9_Cfn9PlZgyXwqQ.roa
File: 5pbALUGGV14A9_Cfn9PlZgyXwqQ.roa (raw, json)
Hash identifier: Qeg6mPt8q4siNyXEORfW1k2xSMXb/L4//rFoB4gm5xA=
Subject key identifier: E6:96:C0:2D:41:86:57:5E:00:F7:F0:9F:9F:D3:E5:66:0C:97:C2:A4
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E861E2084CBD4C6B7279E634885DA1E15
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5pbALUGGV14A9_Cfn9PlZgyXwqQ.roa
Signing time: Thu 28 Mar 2024 17:31:45 +0000
ROA not before: Thu 28 Mar 2024 17:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 91.210.144.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
91.210.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 21:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:1e:20:84:cb:d4:c6:b7:27:9e:63:48:85:da:1e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 28 17:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e696c02d4186575e00f7f09f9fd3e5660c97c2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fc:e2:70:7b:a3:14:09:f2:5f:9e:f7:7c:28:
c6:89:c6:9d:0a:a4:3e:8f:d9:87:74:41:8e:40:fa:
3e:26:aa:15:3c:97:24:4d:5f:27:c0:2f:11:7d:91:
dc:1f:69:b6:96:8e:46:89:f0:a7:71:d0:ce:bc:ad:
75:04:96:0a:62:01:ff:f0:3d:16:04:a7:c0:56:e5:
e3:2a:d1:bb:2a:54:93:cc:ec:67:03:49:e9:b6:fa:
0b:cf:ce:af:73:ac:53:0c:53:36:0f:da:72:0b:6f:
96:e5:ea:69:64:3c:0e:5c:e5:0d:c4:60:e2:58:35:
fe:ff:32:d4:f1:0c:23:79:dc:de:89:87:f6:a9:ae:
8f:d0:ed:61:be:9e:8c:eb:b2:b0:ba:c9:69:86:62:
fc:10:46:d2:ea:89:71:a8:9f:2e:43:ca:0c:db:7e:
5e:ce:97:b9:86:68:f1:40:2d:c2:3f:91:8a:23:c4:
7d:46:61:9b:dd:93:98:1e:9a:86:6c:a0:92:6b:7a:
e3:84:23:eb:a5:41:28:8c:3a:55:84:f8:28:54:fb:
52:02:d5:e2:15:8c:79:79:4a:df:17:d5:8a:66:91:
01:bf:e7:fb:0b:96:7b:b6:c2:b8:35:4a:02:da:2c:
0e:d4:b9:c7:f4:d5:95:cc:df:18:e2:09:1d:df:8b:
fd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:96:C0:2D:41:86:57:5E:00:F7:F0:9F:9F:D3:E5:66:0C:97:C2:A4
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5pbALUGGV14A9_Cfn9PlZgyXwqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.144.0-91.210.146.255
Signature Algorithm: sha256WithRSAEncryption
37:fe:41:ce:be:4a:87:f2:91:f4:13:59:a2:7d:69:5e:ca:4a:
42:fd:59:d8:33:92:e2:7c:47:72:bb:11:99:f1:3e:cf:fa:79:
80:c6:5f:a4:1c:d4:83:a3:23:9c:03:8e:20:13:7c:e6:39:81:
bd:76:06:e2:4b:fb:a9:06:ee:41:2c:9b:65:6f:31:a7:4c:98:
3e:17:24:5c:a0:f8:e9:85:63:22:d7:a5:57:32:2d:05:7e:ab:
a9:a7:19:1b:4a:95:45:c5:24:fd:cf:58:24:f9:a5:be:86:ae:
f7:fa:a4:f7:22:75:3b:9d:f4:8f:5b:46:c4:26:2f:8b:e9:20:
68:1f:86:7d:af:70:56:79:28:9f:06:08:4e:54:0a:76:ce:d6:
09:31:26:3d:5b:d3:bd:3a:49:0d:56:68:a5:f0:52:05:16:c6:
25:a0:05:18:b7:68:d2:2e:a5:b3:da:69:57:71:02:44:ab:72:
1b:4a:78:85:c5:69:b2:4f:7b:58:41:3b:fb:ba:a2:e2:f3:f4:
8d:7e:58:dc:f3:de:45:9e:38:f8:49:8d:2c:27:dd:0e:11:1f:
71:1e:00:9e:78:bb:dd:8d:eb:ad:2a:74:21:7e:7a:37:0e:a3:
76:e4:07:d6:0a:14:6e:69:23:44:de:17:65:28:df:63:d9:d6:
76:fb:bb:1d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6GHiCEy9TGtyeeY0iF2h4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzI4MTczMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk2YzAyZDQxODY1NzVlMDBmN2YwOWY5ZmQzZTU2NjBjOTdjMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofzicHujFAnyX573fCjGicadCqQ+
j9mHdEGOQPo+JqoVPJckTV8nwC8RfZHcH2m2lo5GifCncdDOvK11BJYKYgH/8D0W
BKfAVuXjKtG7KlSTzOxnA0nptvoLz86vc6xTDFM2D9pyC2+W5eppZDwOXOUNxGDi
WDX+/zLU8QwjedzeiYf2qa6P0O1hvp6M67KwuslphmL8EEbS6olxqJ8uQ8oM235e
zpe5hmjxQC3CP5GKI8R9RmGb3ZOYHpqGbKCSa3rjhCPrpUEojDpVhPgoVPtSAtXi
FYx5eUrfF9WKZpEBv+f7C5Z7tsK4NUoC2iwO1LnH9NWVzN8Y4gkd34v9AwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOaWwC1BhldeAPfwn5/T5WYMl8KkMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvNXBiQUxVR0dWMTRBOV9DZm45UGxaZ3lYd3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARb0pAD
BABb0pIwDQYJKoZIhvcNAQELBQADggEBADf+Qc6+SofykfQTWaJ9aV7KSkL9Wdgz
kuJ8R3K7EZnxPs/6eYDGX6Qc1IOjI5wDjiATfOY5gb12BuJL+6kG7kEsm2VvMadM
mD4XJFyg+OmFYyLXpVcyLQV+q6mnGRtKlUXFJP3PWCT5pb6Grvf6pPcidTud9I9b
RsQmL4vpIGgfhn2vcFZ5KJ8GCE5UCnbO1gkxJj1b0706SQ1WaKXwUgUWxiWgBRi3
aNIupbPaaVdxAkSrchtKeIXFabJPe1hBO/u6ouLz9I1+WNzz3kWeOPhJjSwn3Q4R
H3EeAJ54u92N660qdCF+ejcOo3bkB9YKFG5pI0TeF2Uo32PZ1nb7ux0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org