Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/RUFCKR3qYH6koEGtGv2tOu_87cI.roa
File: RUFCKR3qYH6koEGtGv2tOu_87cI.roa (raw, json)
Hash identifier: u/Jm1tovxjm+dhX9QRxNdg7JXWGvbYCZsi0ch6OtBgg=
Subject key identifier: 45:41:42:29:1D:EA:60:7E:A4:A0:41:AD:1A:FD:AD:3A:EF:FC:ED:C2
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D0BEEE138724927E68094963057FE68BE
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/RUFCKR3qYH6koEGtGv2tOu_87cI.roa
Signing time: Mon 15 Jan 2024 07:03:41 +0000
ROA not before: Mon 15 Jan 2024 07:03:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 91.200.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 09:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0b:ee:e1:38:72:49:27:e6:80:94:96:30:57:fe:68:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 15 07:03:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=454142291dea607ea4a041ad1afdad3aeffcedc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:77:4e:56:3a:3f:64:09:21:18:2d:eb:82:3a:
e5:41:ff:7c:70:d1:83:9c:c0:13:33:53:1c:de:9c:
3b:fe:ed:ba:48:40:49:70:ae:52:24:13:f4:e3:1f:
91:f8:d3:5c:9b:25:9c:ac:7b:8c:48:2e:3f:55:22:
8c:c6:12:77:55:a5:08:24:dc:44:a2:d7:6a:bd:e2:
0d:72:0e:73:72:7f:f2:07:75:e3:de:26:f1:03:6a:
82:fb:90:31:c6:d5:42:ad:67:6a:29:18:9b:ee:82:
1c:5f:0f:0b:31:c1:88:0a:5c:fe:50:ac:12:3e:65:
62:b2:f8:a3:35:45:7f:b6:a4:a4:ae:55:71:90:b1:
de:bb:82:9b:06:5f:05:99:82:99:9d:17:bb:b8:93:
26:6e:4c:da:04:e1:89:2a:6e:58:78:76:7a:a5:f6:
f0:1a:7e:ac:53:f9:7e:58:c7:f9:a7:c7:6f:f2:d9:
dc:e0:06:a2:a5:73:80:55:00:26:5a:0f:f9:57:72:
21:bf:35:fd:66:55:a3:80:b6:fb:0d:24:ab:37:6e:
1f:75:bf:4c:6c:57:ba:c4:f9:11:8a:93:8a:eb:24:
11:cc:33:5d:98:57:fd:74:89:8d:22:b4:a1:1f:6f:
08:dc:eb:78:31:d1:8f:83:50:e9:29:82:9a:dc:87:
bf:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:41:42:29:1D:EA:60:7E:A4:A0:41:AD:1A:FD:AD:3A:EF:FC:ED:C2
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/RUFCKR3qYH6koEGtGv2tOu_87cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c9:4e:70:2f:80:35:a3:59:85:44:d9:3b:cd:47:8c:ff:ec:
c9:9f:1b:eb:c3:15:29:2e:79:14:f8:18:dc:83:20:3b:67:97:
e4:96:60:c1:98:56:d4:d6:f4:73:16:29:b8:b8:61:4b:5e:36:
07:e9:d7:42:49:0a:f4:8e:12:87:f9:03:ca:95:4d:dd:bd:e8:
3a:43:ad:63:8e:db:3c:fe:b5:41:9b:ba:0d:8d:d1:a9:17:e6:
d5:43:84:c2:00:55:c6:6c:49:a7:da:65:73:51:68:f1:4a:08:
f9:17:01:32:c1:1c:79:89:d3:3a:52:4a:f0:59:eb:49:e1:72:
db:46:2f:c3:c1:55:75:7a:dc:fa:ad:6c:62:66:07:30:1f:e0:
45:c8:cd:1c:93:13:54:62:2f:d2:2f:4d:23:26:b9:a4:9e:e6:
77:94:c7:d3:2b:a0:18:bd:bf:b4:37:c2:c9:de:02:0b:1a:c5:
10:f8:bd:e4:5d:41:12:fe:85:8c:15:42:70:53:0b:28:9b:c8:
24:1a:d2:be:0a:04:86:a8:97:3b:aa:34:6f:6e:1d:aa:a2:ab:
4c:b6:8c:f1:4e:99:a4:61:6c:93:52:54:8f:09:d1:54:8d:2b:
16:f3:55:15:c4:7b:32:5c:c3:33:87:87:92:8e:18:aa:a3:ed:
20:54:45:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0L7uE4ckkn5oCUljBX/mi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTE1MDcwMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQxNDIyOTFkZWE2MDdlYTRhMDQxYWQxYWZkYWQzYWVmZmNlZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3dOVjo/ZAkhGC3rgjrlQf98cNGD
nMATM1Mc3pw7/u26SEBJcK5SJBP04x+R+NNcmyWcrHuMSC4/VSKMxhJ3VaUIJNxE
otdqveINcg5zcn/yB3Xj3ibxA2qC+5AxxtVCrWdqKRib7oIcXw8LMcGIClz+UKwS
PmVisvijNUV/tqSkrlVxkLHeu4KbBl8FmYKZnRe7uJMmbkzaBOGJKm5YeHZ6pfbw
Gn6sU/l+WMf5p8dv8tnc4AaipXOAVQAmWg/5V3IhvzX9ZlWjgLb7DSSrN24fdb9M
bFe6xPkRipOK6yQRzDNdmFf9dImNIrShH28I3Ot4MdGPg1DpKYKa3Ie/pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEVBQikd6mB+pKBBrRr9rTrv/O3CMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUlVGQ0tSM3FZSDZrb0VHdEd2MnRPdV84N2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jdMA0G
CSqGSIb3DQEBCwUAA4IBAQAVyU5wL4A1o1mFRNk7zUeM/+zJnxvrwxUpLnkU+Bjc
gyA7Z5fklmDBmFbU1vRzFim4uGFLXjYH6ddCSQr0jhKH+QPKlU3dveg6Q61jjts8
/rVBm7oNjdGpF+bVQ4TCAFXGbEmn2mVzUWjxSgj5FwEywRx5idM6UkrwWetJ4XLb
Ri/DwVV1etz6rWxiZgcwH+BFyM0ckxNUYi/SL00jJrmknuZ3lMfTK6AYvb+0N8LJ
3gILGsUQ+L3kXUES/oWMFUJwUwsom8gkGtK+CgSGqJc7qjRvbh2qoqtMtozxTpmk
YWyTUlSPCdFUjSsW81UVxHsyXMMzh4eSjhiqo+0gVEWU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org