Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1Eh91_wLt1VadjRwCKWWuqquQdY.roa
File: 1Eh91_wLt1VadjRwCKWWuqquQdY.roa (raw, json)
Hash identifier: pTaIFx5vCosXUDV7AHpLHJm0HgiFBFxgNUS9HHkWWms=
Subject key identifier: D4:48:7D:D7:FC:0B:B7:55:5A:76:34:70:08:A5:96:BA:AA:AE:41:D6
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB2EADECC0DD3943BF1B06101DF675
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1Eh91_wLt1VadjRwCKWWuqquQdY.roa
Signing time: Mon 01 Jan 2024 02:29:53 +0000
ROA not before: Mon 01 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62281
IP address blocks: 91.242.86.0/23 maxlen: 24
91.242.88.0/21 maxlen: 24
91.242.96.0/24 maxlen: 24
91.242.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 21:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2e:ad:ec:c0:dd:39:43:bf:1b:06:10:1d:f6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4487dd7fc0bb7555a76347008a596baaaae41d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:a3:9c:36:23:34:0d:e3:13:47:b9:e5:61:
6b:07:32:cc:82:07:e2:8d:aa:5f:ac:3d:d0:f9:17:
89:f7:28:18:51:eb:d3:a0:c4:dd:d4:d4:b7:05:6a:
bf:81:22:89:b4:ca:2b:c2:c9:3c:68:03:de:89:f2:
cb:7d:98:4f:b8:bf:84:96:9d:65:f4:65:a1:5c:a0:
a1:89:e9:70:51:b6:dc:f4:6e:00:fd:a0:0c:a8:26:
d1:9f:43:e3:a0:51:e1:c7:b3:62:d5:77:b3:26:ea:
9f:9e:01:17:db:9a:0b:20:28:aa:ca:ae:22:2b:25:
1c:11:33:e8:4f:16:41:05:39:8b:7b:65:cc:38:eb:
b0:b1:c9:7c:e8:86:f4:57:d1:c8:1e:ab:12:5e:2e:
f3:a9:b0:f9:16:07:13:e3:c7:7e:bb:c1:45:44:65:
9b:34:df:b7:7d:9e:b1:29:dc:c4:22:3a:2c:12:93:
1c:3d:79:52:a5:75:3d:94:7e:4f:6f:e9:5a:dc:0a:
fb:79:41:93:e9:d7:3f:16:a4:2f:15:44:71:78:29:
96:ad:67:26:0e:24:3a:2b:25:40:00:44:e9:7c:81:
2d:da:d9:ff:91:2d:06:99:f0:aa:1f:bd:b7:58:dc:
4f:20:4e:76:77:b5:5e:cb:6d:67:7e:95:3a:2a:0c:
b2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:48:7D:D7:FC:0B:B7:55:5A:76:34:70:08:A5:96:BA:AA:AE:41:D6
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1Eh91_wLt1VadjRwCKWWuqquQdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.86.0-91.242.96.255
91.242.106.0/24
Signature Algorithm: sha256WithRSAEncryption
48:b6:32:04:10:5e:b4:2b:70:f4:fc:85:88:fa:cd:88:e7:38:
67:c7:9c:d3:f0:9d:9a:6c:a7:e1:7d:63:4e:eb:fa:57:9a:24:
ca:7b:50:36:39:5f:a7:96:b2:b0:e4:cb:0e:52:d9:a4:56:d6:
c0:68:87:93:04:be:0c:4b:fd:9a:d0:0d:d6:70:55:20:d9:35:
83:63:ff:5c:01:49:1d:ae:85:a7:33:25:01:49:76:f5:b4:c3:
86:a9:f0:79:d5:34:d8:63:67:e9:ee:72:9b:7d:f4:62:2e:57:
66:d7:f7:47:fe:8d:bc:73:22:d8:6f:d3:8b:2e:88:b0:d9:09:
ee:aa:ae:69:99:2e:f5:ef:d8:fa:0d:7c:b8:73:04:d8:7d:d3:
c5:fa:58:a1:e5:e8:6e:85:ca:a6:0a:17:eb:07:45:c9:f5:c2:
df:2a:c5:23:6e:58:36:d7:2a:f1:b3:71:18:ad:f5:20:4e:0c:
75:b4:1f:fd:52:b1:7f:b1:82:37:ca:85:19:d3:de:33:54:4d:
c5:3c:a8:9e:7c:87:7c:45:7a:d8:df:aa:0c:9c:2a:89:82:b3:
52:76:33:8f:5a:09:98:9e:f1:a3:2c:0c:8d:c6:42:8d:2e:0e:
06:f8:e3:6e:5f:e3:27:0e:99:9e:65:69:81:83:5a:1b:94:78:
01:93:74:7b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzC2y6t7MDdOUO/GwYQHfZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQ4N2RkN2ZjMGJiNzU1NWE3NjM0NzAwOGE1OTZiYWFhYWU0MWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3CjnDYjNA3jE0e55WFrBzLMggfi
japfrD3Q+ReJ9ygYUevToMTd1NS3BWq/gSKJtMorwsk8aAPeifLLfZhPuL+Elp1l
9GWhXKChielwUbbc9G4A/aAMqCbRn0PjoFHhx7Ni1XezJuqfngEX25oLICiqyq4i
KyUcETPoTxZBBTmLe2XMOOuwscl86Ib0V9HIHqsSXi7zqbD5FgcT48d+u8FFRGWb
NN+3fZ6xKdzEIjosEpMcPXlSpXU9lH5Pb+la3Ar7eUGT6dc/FqQvFURxeCmWrWcm
DiQ6KyVAAETpfIEt2tn/kS0GmfCqH723WNxPIE52d7Vey21nfpU6KgyyPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNRIfdf8C7dVWnY0cAillrqqrkHWMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvMUVoOTFfd0x0MVZhZGpSd0NLV1d1cXF1UWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFb8lYD
BABb8mADBABb8mowDQYJKoZIhvcNAQELBQADggEBAEi2MgQQXrQrcPT8hYj6zYjn
OGfHnNPwnZpsp+F9Y07r+leaJMp7UDY5X6eWsrDkyw5S2aRW1sBoh5MEvgxL/ZrQ
DdZwVSDZNYNj/1wBSR2uhaczJQFJdvW0w4ap8HnVNNhjZ+nucpt99GIuV2bX90f+
jbxzIthv04suiLDZCe6qrmmZLvXv2PoNfLhzBNh908X6WKHl6G6FyqYKF+sHRcn1
wt8qxSNuWDbXKvGzcRit9SBODHW0H/1SsX+xgjfKhRnT3jNUTcU8qJ58h3xFetjf
qgycKomCs1J2M49aCZie8aMsDI3GQo0uDgb4425f4ycOmZ5laYGDWhuUeAGTdHs=
-----END CERTIFICATE-----
Generated at Tue Mar 12 00:00:42 2024 by rpki-client on console-fra.rpki-client.org