Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/vI6L_i6WSWzXdrfRIIIOLMALd2I.roa
File: vI6L_i6WSWzXdrfRIIIOLMALd2I.roa (raw, json)
Hash identifier: BMyUiiBx6cr/PvStI0h9ezHG6DS/o6Xnoq2HwKAvgRY=
Subject key identifier: BC:8E:8B:FE:2E:96:49:6C:D7:76:B7:D1:20:82:0E:2C:C0:0B:77:62
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 01857155295CB66030FDA918AF22E9773F89
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/vI6L_i6WSWzXdrfRIIIOLMALd2I.roa
Signing time: Mon 02 Jan 2023 07:14:44 +0000
ROA not before: Mon 02 Jan 2023 07:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205960
IP address blocks: 91.204.224.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Dec 2023 13:28:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:29:5c:b6:60:30:fd:a9:18:af:22:e9:77:3f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 07:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc8e8bfe2e96496cd776b7d120820e2cc00b7762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b7:8d:cc:2a:f7:3c:5d:e4:10:15:95:c7:82:
1a:d4:d3:ec:36:02:82:e1:8c:91:a5:06:a4:2a:49:
75:34:66:1c:02:84:b5:9d:fa:a6:18:a1:92:80:df:
a1:a0:6e:42:02:f0:ac:91:d6:92:9e:76:14:3f:4b:
12:1d:c6:4d:ae:eb:d2:f0:b7:b4:23:fd:1a:6c:c9:
dc:6f:94:de:67:62:1d:69:41:8f:f3:0e:66:c7:1a:
5c:4d:b4:f1:80:c3:a7:6d:4f:65:84:d0:99:cf:8a:
2f:08:5b:68:98:84:97:02:96:73:f9:16:a3:94:36:
46:fa:4f:46:96:1f:9d:d8:b9:c8:ee:6b:a5:82:a7:
75:b6:c6:82:dd:82:47:1c:6e:a5:93:d1:a9:57:08:
6f:14:b1:ab:d9:4e:0e:a5:2f:4b:51:a1:7b:e9:0e:
47:b7:fd:f0:6e:2a:7b:ec:86:c0:b9:bc:a8:bc:66:
71:50:49:d8:05:b7:72:2e:07:bb:c0:23:42:d5:38:
58:15:6b:3b:a2:9b:ae:ed:04:44:f2:ae:47:50:be:
a0:03:97:53:79:81:a1:38:d4:45:0f:fd:10:88:bd:
e2:bc:40:4d:c2:67:e8:48:61:bb:ed:58:f2:a1:a4:
75:9b:ad:d4:3c:46:58:54:82:20:f3:30:e1:f1:8b:
ba:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8E:8B:FE:2E:96:49:6C:D7:76:B7:D1:20:82:0E:2C:C0:0B:77:62
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/vI6L_i6WSWzXdrfRIIIOLMALd2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.224.0/22
Signature Algorithm: sha256WithRSAEncryption
06:f7:7f:a1:bb:df:03:b1:af:f3:7b:f9:e5:61:a8:04:ad:d6:
bf:21:62:49:b3:20:8e:36:dd:c3:09:c8:dc:a8:d6:48:77:bd:
b5:ba:51:e9:7d:a7:86:aa:f2:57:57:17:bb:4b:51:f3:ac:5a:
a1:fd:3d:66:91:01:30:a1:1c:7f:a5:6d:72:c9:4e:52:2c:f0:
6d:91:e1:52:45:ce:a8:88:7c:46:ed:da:56:43:d8:29:2a:81:
0b:16:6e:ec:bb:fa:ad:ff:3a:e3:00:b2:72:53:f5:71:a4:32:
cf:70:09:3c:cf:65:db:fe:87:72:b3:60:38:de:a8:0e:05:27:
47:ff:db:1e:22:b7:39:83:b8:37:84:1f:a8:0d:ae:cd:9f:ab:
c5:e9:7b:d9:fd:75:2f:dc:71:22:7d:7f:2e:72:d8:8a:b1:1a:
92:16:8c:64:f8:30:01:6a:33:af:71:90:fd:6b:c5:c9:85:4e:
25:10:9f:cc:78:dc:92:3f:3e:33:34:3d:f8:98:d6:63:4d:f9:
a3:cd:ec:91:d9:33:55:d7:cc:75:50:ca:3a:49:22:f9:63:95:
5e:31:65:99:e7:da:76:7a:fe:22:f6:27:b6:b5:0e:e6:c8:d4:
2a:64:9b:5b:7f:06:30:40:4d:27:c0:df:c0:3a:64:9e:df:3e:
d3:79:ed:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVSlctmAw/akYryLpdz+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMwMTAyMDcxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzhlOGJmZTJlOTY0OTZjZDc3NmI3ZDEyMDgyMGUyY2MwMGI3NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7eNzCr3PF3kEBWVx4Ia1NPsNgKC
4YyRpQakKkl1NGYcAoS1nfqmGKGSgN+hoG5CAvCskdaSnnYUP0sSHcZNruvS8Le0
I/0abMncb5TeZ2IdaUGP8w5mxxpcTbTxgMOnbU9lhNCZz4ovCFtomISXApZz+Raj
lDZG+k9Glh+d2LnI7mulgqd1tsaC3YJHHG6lk9GpVwhvFLGr2U4OpS9LUaF76Q5H
t/3wbip77IbAubyovGZxUEnYBbdyLge7wCNC1ThYFWs7opuu7QRE8q5HUL6gA5dT
eYGhONRFD/0QiL3ivEBNwmfoSGG77VjyoaR1m63UPEZYVIIg8zDh8Yu6aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyOi/4ulkls13a30SCCDizAC3diMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvdkk2TF9pNldTV3pYZHJmUklJSU9MTUFMZDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8zgMA0G
CSqGSIb3DQEBCwUAA4IBAQAG93+hu98Dsa/ze/nlYagErda/IWJJsyCONt3DCcjc
qNZId721ulHpfaeGqvJXVxe7S1HzrFqh/T1mkQEwoRx/pW1yyU5SLPBtkeFSRc6o
iHxG7dpWQ9gpKoELFm7su/qt/zrjALJyU/VxpDLPcAk8z2Xb/odys2A43qgOBSdH
/9seIrc5g7g3hB+oDa7Nn6vF6XvZ/XUv3HEifX8uctiKsRqSFoxk+DABajOvcZD9
a8XJhU4lEJ/MeNySPz4zND34mNZjTfmjzeyR2TNV18x1UMo6SSL5Y5VeMWWZ59p2
ev4i9ie2tQ7myNQqZJtbfwYwQE0nwN/AOmSe3z7Tee2S
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:03 2024 by rpki-client on console-ams.rpki-client.org