Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/kDuuVWbdxKRgp8Pv-YLrOt7JDxY.roa
File: kDuuVWbdxKRgp8Pv-YLrOt7JDxY.roa (raw, json)
Hash identifier: KlNt+AVIOFhg2BzBAoP+0fFeOGGCEaRBJhwu4FLLZrs=
Subject key identifier: 90:3B:AE:55:66:DD:C4:A4:60:A7:C3:EF:F9:82:EB:3A:DE:C9:0F:16
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018FED75243F1D3A3C33E1AA1760D9D30FBA
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/kDuuVWbdxKRgp8Pv-YLrOt7JDxY.roa
Signing time: Thu 06 Jun 2024 12:10:28 +0000
ROA not before: Thu 06 Jun 2024 12:10:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.200.223.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
91.226.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 12:42:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:75:24:3f:1d:3a:3c:33:e1:aa:17:60:d9:d3:0f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 6 12:10:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=903bae5566ddc4a460a7c3eff982eb3adec90f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dc:f0:39:65:53:23:29:1d:a6:7b:64:95:80:
4e:f8:20:32:76:a8:a6:f5:54:3a:d6:1d:75:b8:fe:
82:58:1a:29:59:27:b6:df:23:c6:ae:81:d2:1e:c3:
07:c3:3b:0d:15:0a:61:e2:e5:23:78:69:40:94:90:
4a:da:45:b4:35:31:d0:7f:1f:53:dd:f1:a8:0b:ad:
53:58:0b:30:48:4b:ab:75:2a:3d:a1:cb:45:85:b7:
84:f2:f9:de:33:2f:a1:41:4d:0a:04:62:e3:56:0c:
2d:f1:a7:30:b4:93:e8:15:88:f7:67:99:65:67:51:
ac:8f:e8:20:67:b5:71:b8:06:fb:0f:9e:58:da:d0:
0c:35:03:25:c8:b4:6f:c8:d1:d1:5e:71:bb:2a:ea:
1c:da:1b:7f:b6:64:90:30:39:b2:2b:34:53:c4:43:
26:71:e0:db:37:a0:34:01:e6:be:f9:ec:8f:2e:94:
62:d1:a6:2c:eb:4f:a9:ad:b0:61:53:df:d2:37:73:
bc:0a:52:6b:5a:1b:c4:25:71:59:65:ad:92:ec:75:
74:2f:d3:6a:84:d7:6b:33:07:aa:42:40:d3:52:80:
97:e7:78:1f:3e:96:f9:ca:3a:c2:eb:ca:4a:ab:a8:
1e:a4:f3:37:09:f4:a1:f7:09:b8:1d:32:73:97:e8:
c3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3B:AE:55:66:DD:C4:A4:60:A7:C3:EF:F9:82:EB:3A:DE:C9:0F:16
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/kDuuVWbdxKRgp8Pv-YLrOt7JDxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
91.210.145.0/24
91.226.56.0/24
Signature Algorithm: sha256WithRSAEncryption
87:f3:89:41:20:f6:28:3c:e1:14:ec:26:d0:e1:67:9e:86:73:
ab:cd:3c:5c:c9:b4:7c:8b:3e:6b:f0:11:e7:d9:89:1c:a0:9c:
6e:06:5d:37:a9:f2:cb:f9:c7:e6:bd:82:e4:07:e8:34:45:ea:
8d:fc:db:b9:4c:ff:c0:6f:b3:17:11:d5:38:41:a6:ca:a1:7e:
76:a2:fe:76:48:6c:67:48:a0:f0:3e:b1:2d:45:3b:4e:b5:17:
ce:8f:4d:44:fb:36:f8:10:2e:11:57:cb:9c:82:39:d8:e7:46:
f2:39:a5:0e:23:6d:71:97:7d:28:c7:57:a6:f9:b7:7c:54:e0:
0c:6d:6b:43:96:9e:21:7d:2f:fa:95:70:15:18:da:6c:05:fe:
7b:31:11:ce:6e:ba:2d:3f:1b:6d:fc:dd:98:5c:08:64:65:c2:
d3:04:73:36:c8:82:98:10:85:1e:bf:64:e8:b6:2e:d4:51:60:
78:fd:f7:39:78:e2:cc:0c:37:00:27:26:c5:90:ec:6f:12:d9:
00:0e:b4:e8:83:33:3b:f5:31:76:ec:cc:93:84:1c:d9:8b:9e:
fe:74:16:92:84:f4:b3:1f:f0:40:c8:1d:b1:3a:96:8f:15:63:
97:84:29:bd:b4:89:d8:1e:d5:7f:b0:2f:d0:5c:a6:a6:d1:09:
70:f5:ce:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/tdSQ/HTo8M+GqF2DZ0w+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNjA2MTIxMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNiYWU1NTY2ZGRjNGE0NjBhN2MzZWZmOTgyZWIzYWRlYzkwZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9zwOWVTIykdpntklYBO+CAydqim
9VQ61h11uP6CWBopWSe23yPGroHSHsMHwzsNFQph4uUjeGlAlJBK2kW0NTHQfx9T
3fGoC61TWAswSEurdSo9octFhbeE8vneMy+hQU0KBGLjVgwt8acwtJPoFYj3Z5ll
Z1Gsj+ggZ7VxuAb7D55Y2tAMNQMlyLRvyNHRXnG7Kuoc2ht/tmSQMDmyKzRTxEMm
ceDbN6A0Aea++eyPLpRi0aYs60+prbBhU9/SN3O8ClJrWhvEJXFZZa2S7HV0L9Nq
hNdrMweqQkDTUoCX53gfPpb5yjrC68pKq6gepPM3CfSh9wm4HTJzl+jDaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJA7rlVm3cSkYKfD7/mC6zreyQ8WMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEva0R1dVZXYmR4S1JncDhQdi1ZTHJPdDdKRHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8jfAwQA
W9KRAwQAW+I4MA0GCSqGSIb3DQEBCwUAA4IBAQCH84lBIPYoPOEU7CbQ4WeehnOr
zTxcybR8iz5r8BHn2YkcoJxuBl03qfLL+cfmvYLkB+g0ReqN/Nu5TP/Ab7MXEdU4
QabKoX52ov52SGxnSKDwPrEtRTtOtRfOj01E+zb4EC4RV8ucgjnY50byOaUOI21x
l30ox1em+bd8VOAMbWtDlp4hfS/6lXAVGNpsBf57MRHObrotPxtt/N2YXAhkZcLT
BHM2yIKYEIUev2Toti7UUWB4/fc5eOLMDDcAJybFkOxvEtkADrTogzM79TF27MyT
hBzZi57+dBaShPSzH/BAyB2xOpaPFWOXhCm9tInYHtV/sC/QXKam0Qlw9c6M
-----END CERTIFICATE-----
Generated at Wed Jul 3 15:14:03 2024 by rpki-client on console-fra.rpki-client.org