Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/8JOI1I4UAJoJjzwg_-TRfMp6XvY.roa
File: 8JOI1I4UAJoJjzwg_-TRfMp6XvY.roa (raw, json)
Hash identifier: T4sXAYMMvH+Gf3vAOjbVnKpGZwu4hbvHe09Jcr2XSQw=
Subject key identifier: F0:93:88:D4:8E:14:00:9A:09:8F:3C:20:FF:E4:D1:7C:CA:7A:5E:F6
Certificate issuer: /CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0
Certificate serial: 018570C2A9C9DE49DD38C34EA633E74196BA
Authority key identifier: 90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/8JOI1I4UAJoJjzwg_-TRfMp6XvY.roa
Signing time: Mon 02 Jan 2023 04:34:43 +0000
ROA not before: Mon 02 Jan 2023 04:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212073
IP address blocks: 91.209.16.0/24 maxlen: 24
2a0f:c444::/32 maxlen: 48
2a0f:c440::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:a9:c9:de:49:dd:38:c3:4e:a6:33:e7:41:96:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0
Validity
Not Before: Jan 2 04:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f09388d48e14009a098f3c20ffe4d17cca7a5ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:96:f4:0e:c6:41:38:b1:1c:0f:ae:c1:25:ba:
bd:38:01:2c:e3:ed:a4:72:2e:76:98:2e:e2:5e:8b:
7f:4d:b0:02:f2:01:48:63:a3:99:08:1c:29:7e:82:
9d:b6:b6:1a:18:e3:81:88:13:cc:34:31:26:53:3d:
6e:02:3a:85:11:33:34:a7:17:9f:63:65:25:1e:30:
e6:27:bd:93:38:9f:0d:8b:7d:af:1f:26:4f:a5:e3:
1b:b3:6d:96:4c:d9:7c:54:85:92:3d:1e:63:3d:6a:
7d:8b:21:f0:e1:55:61:54:fe:07:18:e6:78:75:49:
64:28:83:fa:66:1f:a1:19:3c:ee:3a:eb:e7:a5:e0:
a7:fa:06:0d:5d:87:4d:54:17:52:84:2e:bc:5a:1c:
c9:75:bc:16:a1:e5:c8:6e:b2:c6:40:eb:b4:55:12:
86:f7:90:32:2a:56:41:58:aa:79:cc:42:a1:4c:34:
a9:ea:e7:15:d9:c2:0e:d9:1f:08:d1:37:bb:36:82:
ef:57:75:56:f1:65:4f:b2:e1:ab:c6:7e:bd:6e:a5:
9d:03:cf:cb:73:91:7f:5e:4d:dd:6f:00:e7:c4:11:
3a:b0:0a:6a:59:af:5c:42:86:42:46:0a:58:dd:61:
05:3b:84:1b:26:63:4a:63:79:b0:67:12:ff:ed:0d:
2f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:93:88:D4:8E:14:00:9A:09:8F:3C:20:FF:E4:D1:7C:CA:7A:5E:F6
X509v3 Authority Key Identifier:
keyid:90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/8JOI1I4UAJoJjzwg_-TRfMp6XvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.16.0/24
IPv6:
2a0f:c440::/48
2a0f:c444::/32
Signature Algorithm: sha256WithRSAEncryption
b1:cf:ad:84:79:03:9b:8e:65:ae:1e:c8:f4:5a:54:5b:ef:0f:
51:53:eb:2e:23:0b:d1:d1:ee:87:92:26:fa:0c:3b:e2:da:42:
de:97:2d:af:2f:d7:a4:c4:5d:da:4a:9f:33:57:b4:2a:62:d7:
66:51:4c:d2:20:1f:b8:84:41:70:91:00:3e:bf:85:17:40:b1:
18:6f:0c:74:cf:35:72:de:25:ab:49:fb:3b:93:a8:df:bf:bc:
dc:62:ca:5a:89:2b:b4:30:40:eb:e4:9d:58:c0:4c:20:60:3c:
b6:ab:be:12:9e:a7:18:ca:24:0e:f4:74:55:e2:c2:4c:e2:48:
cf:38:96:cd:2d:87:c8:7c:7f:ae:0c:92:7b:fb:65:27:a6:ff:
44:c8:b3:cd:fe:c2:94:3b:09:74:95:77:0f:ff:dd:55:88:0c:
8c:06:f8:6e:fc:bb:21:1a:58:53:79:1e:63:b0:9e:c5:93:9c:
80:cf:58:4b:e5:ba:e9:7f:0c:19:c5:83:7c:15:76:76:eb:66:
99:9b:52:36:92:c3:e2:f5:53:18:61:fa:0e:a1:b5:98:5b:cd:
40:e6:df:fd:fe:e8:43:f4:70:7b:41:be:b1:ea:c3:3f:ab:bd:
a5:9b:7d:70:d6:c9:5e:f8:1a:b5:e4:4d:43:ca:12:79:9e:36:
1f:7d:07:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwwqnJ3kndOMNOpjPnQZa6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZmQ4YWFlMWI2ZTE1OWEyZmE4ZjAzZDdhMzE4OGExZTE4
MDcyYTAwHhcNMjMwMTAyMDQzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDkzODhkNDhlMTQwMDlhMDk4ZjNjMjBmZmU0ZDE3Y2NhN2E1ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJb0DsZBOLEcD67BJbq9OAEs4+2k
ci52mC7iXot/TbAC8gFIY6OZCBwpfoKdtrYaGOOBiBPMNDEmUz1uAjqFETM0pxef
Y2UlHjDmJ72TOJ8Ni32vHyZPpeMbs22WTNl8VIWSPR5jPWp9iyHw4VVhVP4HGOZ4
dUlkKIP6Zh+hGTzuOuvnpeCn+gYNXYdNVBdShC68WhzJdbwWoeXIbrLGQOu0VRKG
95AyKlZBWKp5zEKhTDSp6ucV2cIO2R8I0Te7NoLvV3VW8WVPsuGrxn69bqWdA8/L
c5F/Xk3dbwDnxBE6sApqWa9cQoZCRgpY3WEFO4QbJmNKY3mwZxL/7Q0vSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPCTiNSOFACaCY88IP/k0XzKel72MB8GA1UdIwQY
MBaAFJD9iq4bbhWaL6jwPXoxiKHhgHKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1AyS3JodHVGWm92cVBBOWVqR0lvZUdBY3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi81ZGZjNzYtZTdlYi00ZDM1LThhZDct
Nzk5MzU5MTExM2U0LzEvOEpPSTFJNFVBSm9Kanp3Z18tVFJmTXA2WHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi81ZGZjNzYtZTdlYi00ZDM1LThhZDctNzk5MzU5MTExM2U0
LzEva1AyS3JodHVGWm92cVBBOWVqR0lvZUdBY3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW9EQMBYE
AgACMBADBwAqD8RAAAADBQAqD8REMA0GCSqGSIb3DQEBCwUAA4IBAQCxz62EeQOb
jmWuHsj0WlRb7w9RU+suIwvR0e6Hkib6DDvi2kLely2vL9ekxF3aSp8zV7QqYtdm
UUzSIB+4hEFwkQA+v4UXQLEYbwx0zzVy3iWrSfs7k6jfv7zcYspaiSu0MEDr5J1Y
wEwgYDy2q74SnqcYyiQO9HRV4sJM4kjPOJbNLYfIfH+uDJJ7+2Unpv9EyLPN/sKU
Owl0lXcP/91ViAyMBvhu/LshGlhTeR5jsJ7Fk5yAz1hL5brpfwwZxYN8FXZ262aZ
m1I2ksPi9VMYYfoOobWYW81A5t/9/uhD9HB7Qb6x6sM/q72lm31w1sle+Bq15E1D
yhJ5njYffQeP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org