Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XfaDSa9jmCpwmpvcLT8SZjf-ves.roa
File: XfaDSa9jmCpwmpvcLT8SZjf-ves.roa (raw, json)
Hash identifier: 8AmQjuBU9Jt9YqTFYFYBHOyLkICSKOelpGLu5cbgU8A=
Subject key identifier: 5D:F6:83:49:AF:63:98:2A:70:9A:9B:DC:2D:3F:12:66:37:FE:BD:EB
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018DEC0B6D5FC5FDC2626BC38057DF2EE961
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XfaDSa9jmCpwmpvcLT8SZjf-ves.roa
Signing time: Tue 27 Feb 2024 19:29:48 +0000
ROA not before: Tue 27 Feb 2024 19:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 91.210.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 13:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ec:0b:6d:5f:c5:fd:c2:62:6b:c3:80:57:df:2e:e9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 27 19:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5df68349af63982a709a9bdc2d3f126637febdeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:67:68:ba:a0:08:a2:01:19:92:e8:bc:13:24:
aa:25:9b:45:fb:5c:b9:74:a3:20:68:cd:58:9a:c5:
8a:1f:0e:8d:18:32:76:00:21:02:21:6f:bf:3b:8b:
3d:cb:a2:f3:ba:35:fc:c9:7f:b6:1c:fe:4c:3f:b9:
53:2d:50:c0:ad:69:a3:a7:b6:39:7a:91:61:7e:39:
a1:27:ca:45:ce:c2:d7:5a:3e:06:21:88:1f:a1:26:
35:35:06:e3:33:21:97:28:6f:a9:b0:50:b8:45:da:
b7:88:64:f4:99:ed:4b:f8:6c:2d:62:72:83:07:8a:
90:29:d7:eb:cc:54:28:c5:7e:f7:c8:ca:b5:5c:ff:
3b:41:27:01:98:fa:69:13:f3:f4:01:2c:1f:f8:43:
97:d8:0d:c0:99:ed:9a:f5:0e:97:a6:ea:26:24:3c:
11:c0:17:8d:eb:2a:53:db:ef:f8:34:fc:5e:11:e3:
2d:78:73:d6:81:2f:4a:ce:9d:ef:51:b6:67:d1:86:
8e:e4:6c:34:2f:bf:e5:7a:2c:c0:4d:a4:96:9d:e2:
bc:2f:84:b5:83:86:f4:f5:22:6b:99:8b:c0:e6:3d:
18:ec:1d:8f:6f:5a:b8:ae:c3:85:2f:c6:ae:2a:cd:
4c:14:ef:fc:bc:4d:8d:c2:c6:be:a6:5c:bc:08:75:
e2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F6:83:49:AF:63:98:2A:70:9A:9B:DC:2D:3F:12:66:37:FE:BD:EB
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XfaDSa9jmCpwmpvcLT8SZjf-ves.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.147.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:e3:90:06:9c:95:58:b1:2c:23:35:62:de:e5:55:df:04:9b:
92:9d:af:ca:5d:ab:0a:a4:ff:ab:d1:48:a1:76:d7:8f:4e:56:
43:7a:83:38:0b:ca:62:96:da:e9:0d:0e:ee:74:59:49:dc:c8:
73:50:97:21:85:18:a8:4c:fa:40:fa:5d:d8:48:2a:7b:a1:a2:
ca:4c:0c:d7:c4:a4:2a:ee:98:a0:6c:2f:d6:92:b0:97:a8:43:
a2:a0:0d:6a:7f:8c:67:61:9c:b7:dd:b4:a5:96:a0:d8:a7:ad:
45:4f:bc:83:07:93:b9:9f:46:99:d7:63:6a:ec:6f:33:5e:34:
45:03:c2:70:15:af:cb:2d:f0:37:8a:f6:ae:67:96:48:3b:10:
2c:a8:c9:63:e4:7a:6e:11:c3:b4:8c:24:55:fc:f2:31:6c:3f:
ce:b4:33:69:a6:b1:d0:00:c7:b9:ab:28:b2:bf:35:a1:8b:79:
4d:1a:bf:ae:60:71:6e:fc:78:df:87:a2:35:b4:55:02:cd:b4:
05:65:d8:29:65:8c:6c:53:45:a9:19:bd:93:65:8e:2a:03:86:
23:2f:b4:87:52:6f:96:a5:a0:89:c5:e2:a9:1c:38:bc:6c:cc:
02:10:ec:6c:7d:03:d5:b1:cb:90:bf:8c:67:94:0c:9b:41:36:
80:8d:d0:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3sC21fxf3CYmvDgFffLulhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjI3MTkyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY2ODM0OWFmNjM5ODJhNzA5YTliZGMyZDNmMTI2NjM3ZmViZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2douqAIogEZkui8EySqJZtF+1y5
dKMgaM1YmsWKHw6NGDJ2ACECIW+/O4s9y6LzujX8yX+2HP5MP7lTLVDArWmjp7Y5
epFhfjmhJ8pFzsLXWj4GIYgfoSY1NQbjMyGXKG+psFC4Rdq3iGT0me1L+GwtYnKD
B4qQKdfrzFQoxX73yMq1XP87QScBmPppE/P0ASwf+EOX2A3Ame2a9Q6XpuomJDwR
wBeN6ypT2+/4NPxeEeMteHPWgS9Kzp3vUbZn0YaO5Gw0L7/leizATaSWneK8L4S1
g4b09SJrmYvA5j0Y7B2Pb1q4rsOFL8auKs1MFO/8vE2Nwsa+ply8CHXi5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF32g0mvY5gqcJqb3C0/EmY3/r3rMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWGZhRFNhOWptQ3B3bXB2Y0xUOFNaamYtdmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9KTMA0G
CSqGSIb3DQEBCwUAA4IBAQBa45AGnJVYsSwjNWLe5VXfBJuSna/KXasKpP+r0Uih
dtePTlZDeoM4C8piltrpDQ7udFlJ3MhzUJchhRioTPpA+l3YSCp7oaLKTAzXxKQq
7pigbC/WkrCXqEOioA1qf4xnYZy33bSllqDYp61FT7yDB5O5n0aZ12Nq7G8zXjRF
A8JwFa/LLfA3ivauZ5ZIOxAsqMlj5HpuEcO0jCRV/PIxbD/OtDNpprHQAMe5qyiy
vzWhi3lNGr+uYHFu/Hjfh6I1tFUCzbQFZdgpZYxsU0WpGb2TZY4qA4YjL7SHUm+W
paCJxeKpHDi8bMwCEOxsfQPVscuQv4xnlAybQTaAjdC8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org