Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/bGsY2j4qRA-s7P5K-O0RqXPYk_Y.roa
File: bGsY2j4qRA-s7P5K-O0RqXPYk_Y.roa (raw, json)
Hash identifier: fuTuyu/AuCj0/VP7uOiaAHXgGkGlK5uJFoMJQpMsfrw=
Subject key identifier: 6C:6B:18:DA:3E:2A:44:0F:AC:EC:FE:4A:F8:ED:11:A9:73:D8:93:F6
Certificate issuer: /CN=a8c6f393350c77598c121acd3c92f7048576ef89
Certificate serial: 01856D788D7C52C98C876936D72206893725
Authority key identifier: A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/bGsY2j4qRA-s7P5K-O0RqXPYk_Y.roa
Signing time: Sun 01 Jan 2023 13:14:55 +0000
ROA not before: Sun 01 Jan 2023 13:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60386
IP address blocks: 91.237.107.0/24 maxlen: 24
176.121.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:8d:7c:52:c9:8c:87:69:36:d7:22:06:89:37:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8c6f393350c77598c121acd3c92f7048576ef89
Validity
Not Before: Jan 1 13:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c6b18da3e2a440facecfe4af8ed11a973d893f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f0:8a:9a:8b:39:cc:07:40:e4:fd:65:5a:8b:
d2:68:29:88:42:fa:c9:16:67:36:18:f1:4a:ad:e0:
3a:95:af:46:f3:2b:00:cd:1f:a6:26:dd:bc:d9:63:
fb:f8:d8:02:ba:6e:ca:bb:2b:3e:4e:f3:c5:8c:00:
9f:d3:e8:cd:f5:60:a2:3c:3e:40:39:29:11:83:40:
fd:37:e6:18:a0:73:90:8b:ad:ff:18:10:ef:9c:44:
58:18:94:c1:c6:a5:3f:e9:f2:32:13:76:a2:d7:08:
48:6e:88:90:fa:23:d5:4d:22:e9:f9:cc:8c:64:c6:
c7:2d:8d:ef:6a:88:c2:a3:42:6e:13:dd:13:f7:72:
7e:a4:a1:f0:66:24:a8:69:79:25:46:04:c4:90:e0:
17:9f:e9:5f:3a:23:02:ea:00:bc:46:c0:09:9c:7f:
69:f1:a8:c1:15:72:80:fd:b7:cd:ba:ed:45:b2:31:
af:5a:e4:6e:24:a3:86:2a:28:dc:51:e4:d8:8e:eb:
81:3b:bb:c6:41:38:0a:0d:ea:cf:c0:0c:90:74:bc:
d0:0c:73:6f:89:77:76:40:8a:92:fc:b4:63:c0:89:
b4:1a:a8:cc:1c:ce:ea:8e:d1:5c:f2:e7:84:8a:32:
5f:7d:fa:7f:d7:35:cb:8f:dc:de:64:63:77:69:eb:
5b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6B:18:DA:3E:2A:44:0F:AC:EC:FE:4A:F8:ED:11:A9:73:D8:93:F6
X509v3 Authority Key Identifier:
keyid:A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/bGsY2j4qRA-s7P5K-O0RqXPYk_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.107.0/24
176.121.3.0/24
Signature Algorithm: sha256WithRSAEncryption
90:1d:e4:6f:96:bc:f2:b9:ee:bb:24:39:f2:4a:f3:c9:09:dc:
b8:00:db:24:37:0b:6f:d9:e2:1f:36:be:2d:b1:15:03:ac:93:
c5:4b:fc:c4:2d:e4:fe:fa:c1:4c:97:58:6b:e1:f9:5c:54:5f:
be:d7:d4:8d:04:6c:70:97:44:6b:a3:ce:9c:68:6b:19:99:4b:
5c:33:a5:e9:9d:87:1f:01:47:3b:ac:12:f9:ee:b9:88:5f:ea:
a8:32:48:3f:6b:c1:72:77:aa:dd:7a:fa:b9:df:fb:d8:47:15:
cd:3b:f3:0e:24:b5:55:7e:aa:c1:d3:a3:d5:25:13:35:79:8d:
05:fb:9a:8b:8e:22:af:4e:f2:4f:1b:00:48:c0:69:cb:c2:e3:
af:f8:be:25:4e:d7:4a:1b:da:7a:35:fc:6e:41:91:c7:f3:89:
91:b3:74:e6:d8:1b:6a:5c:82:cf:6c:dd:37:0e:cb:57:01:4f:
68:b3:fa:77:35:3e:23:e2:33:d3:cb:08:be:89:91:86:9d:9d:
3a:41:ad:82:b1:c9:f0:64:75:cf:b1:4d:0b:88:df:fb:b8:b9:
a0:3c:61:f1:2e:bc:d1:13:83:94:b0:ea:9e:a9:7f:99:34:6b:
03:10:67:f2:a7:91:46:d9:24:58:17:23:e5:d5:cc:50:73:43:
5a:55:d1:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVteI18UsmMh2k21yIGiTclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YzZmMzkzMzUwYzc3NTk4YzEyMWFjZDNjOTJmNzA0ODU3
NmVmODkwHhcNMjMwMTAxMTMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzZiMThkYTNlMmE0NDBmYWNlY2ZlNGFmOGVkMTFhOTczZDg5M2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/CKmos5zAdA5P1lWovSaCmIQvrJ
Fmc2GPFKreA6la9G8ysAzR+mJt282WP7+NgCum7Kuys+TvPFjACf0+jN9WCiPD5A
OSkRg0D9N+YYoHOQi63/GBDvnERYGJTBxqU/6fIyE3ai1whIboiQ+iPVTSLp+cyM
ZMbHLY3vaojCo0JuE90T93J+pKHwZiSoaXklRgTEkOAXn+lfOiMC6gC8RsAJnH9p
8ajBFXKA/bfNuu1FsjGvWuRuJKOGKijcUeTYjuuBO7vGQTgKDerPwAyQdLzQDHNv
iXd2QIqS/LRjwIm0GqjMHM7qjtFc8ueEijJfffp/1zXLj9zeZGN3aetbuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGxrGNo+KkQPrOz+SvjtEalz2JP2MB8GA1UdIwQY
MBaAFKjG85M1DHdZjBIazTyS9wSFdu+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3Nzct
YzZiY2EwMWIyZmY4LzEvYkdzWTJqNHFSQS1zN1A1Sy1PMFJxWFBZa19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3NzctYzZiY2EwMWIyZmY4
LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+1rAwQA
sHkDMA0GCSqGSIb3DQEBCwUAA4IBAQCQHeRvlrzyue67JDnySvPJCdy4ANskNwtv
2eIfNr4tsRUDrJPFS/zELeT++sFMl1hr4flcVF++19SNBGxwl0Rro86caGsZmUtc
M6XpnYcfAUc7rBL57rmIX+qoMkg/a8Fyd6rdevq53/vYRxXNO/MOJLVVfqrB06PV
JRM1eY0F+5qLjiKvTvJPGwBIwGnLwuOv+L4lTtdKG9p6NfxuQZHH84mRs3Tm2Btq
XILPbN03DstXAU9os/p3NT4j4jPTywi+iZGGnZ06Qa2CscnwZHXPsU0LiN/7uLmg
PGHxLrzRE4OUsOqeqX+ZNGsDEGfyp5FG2SRYFyPl1cxQc0NaVdE1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:20 2024 by rpki-client on console-ams.rpki-client.org