Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DfQGcue_zIHXZ31CsKArxUdQuj4.roa
File: DfQGcue_zIHXZ31CsKArxUdQuj4.roa (raw, json)
Hash identifier: UE2e6sR4iOFuatjl3zo2ElFLTJ0LsQIaxobkqaM7DsI=
Subject key identifier: 0D:F4:06:72:E7:BF:CC:81:D7:67:7D:42:B0:A0:2B:C5:47:50:BA:3E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0189C169BAE06CB6EC2DE9AB3CE80F451FE5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DfQGcue_zIHXZ31CsKArxUdQuj4.roa
Signing time: Fri 04 Aug 2023 16:37:59 +0000
ROA not before: Fri 04 Aug 2023 16:37:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 265753
IP address blocks: 91.242.81.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Nov 2023 15:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c1:69:ba:e0:6c:b6:ec:2d:e9:ab:3c:e8:0f:45:1f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 4 16:37:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0df40672e7bfcc81d7677d42b0a02bc54750ba3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:79:e7:d8:d2:b6:6d:c5:c4:18:1b:b0:ee:c1:
5d:22:4f:0f:dd:0e:7e:de:a8:d9:94:d1:2f:96:87:
8c:19:48:d2:6c:e5:20:b6:06:7b:62:41:97:b4:75:
df:1a:5e:2d:82:ed:73:98:9f:31:65:d4:5b:21:bb:
91:c1:2b:2a:5b:e7:d4:76:07:d2:26:97:4d:77:8b:
d8:26:a8:71:16:b1:66:c1:e2:a1:87:5c:48:95:1a:
1a:29:f0:f8:b3:8d:55:66:0f:65:73:44:a1:5c:0e:
2e:04:4f:b1:39:90:45:23:3b:a9:d5:c8:c6:d1:14:
66:b5:13:75:59:94:b4:d9:a7:3b:b1:e6:a3:09:3b:
ae:47:c1:5a:58:4e:2e:74:18:5f:2e:86:9e:b7:ac:
91:e0:07:1d:80:71:d1:22:bd:c9:2b:a7:2f:d4:d6:
25:b6:75:99:53:9e:c3:30:75:be:6c:6d:12:b6:b0:
aa:74:c0:56:78:1c:ea:79:3d:19:99:18:27:9c:2f:
ff:b7:25:bb:c5:07:73:43:9b:a1:9a:c4:39:58:82:
e9:05:4d:0c:07:ea:ae:dd:5b:d9:0c:ca:3c:42:e0:
0a:c7:0d:a4:51:2c:8b:ad:05:6c:d2:a0:1a:5c:5b:
0c:b7:d7:85:93:94:9a:a8:84:ee:80:b7:5e:44:15:
da:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F4:06:72:E7:BF:CC:81:D7:67:7D:42:B0:A0:2B:C5:47:50:BA:3E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DfQGcue_zIHXZ31CsKArxUdQuj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.71.0/24
91.242.81.0/24
91.242.107.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:b8:bc:f4:c1:4b:a2:75:2a:4e:7c:7d:10:a5:b5:c8:5a:2d:
bd:eb:1a:f4:20:9b:20:72:f5:05:b8:bd:d6:0f:7e:0b:2e:f4:
bc:3f:50:9a:cb:f6:e8:5c:a9:8b:d4:c6:60:ff:47:b7:a7:33:
14:44:b4:78:25:00:ea:0e:bc:61:65:87:d1:d9:f8:1d:40:b1:
96:d2:43:d7:81:de:b8:e3:fb:4b:17:2e:ca:b7:76:a1:01:4e:
36:95:9a:c2:fd:61:a8:8a:9b:08:be:11:d8:ee:7f:1e:87:44:
47:a5:1c:c9:ab:d3:b2:b4:0b:26:4a:d5:d9:71:ac:de:3a:8b:
c7:78:32:b6:1d:10:6f:9f:05:7e:a8:f1:15:02:3c:87:4e:7f:
a7:1d:09:14:ff:59:23:2a:21:49:7c:86:c9:a9:a9:d8:93:f9:
5f:ae:79:9c:fa:a2:f3:56:ff:a3:08:bb:8c:b3:8e:3d:67:6d:
23:c6:88:e2:c1:01:78:b2:cc:aa:d4:73:46:1f:65:d4:db:27:
84:c3:ee:6d:f3:aa:e0:e1:f3:c1:48:51:2f:13:57:44:1d:af:
ea:82:59:dc:89:6f:5c:38:90:cd:95:f3:da:25:d3:1b:7a:33:
57:2a:22:00:9f:9d:c0:3b:9f:c1:bd:d3:27:0b:80:76:3e:36:
1f:2b:1a:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnBabrgbLbsLemrPOgPRR/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODA0MTYzNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGY0MDY3MmU3YmZjYzgxZDc2NzdkNDJiMGEwMmJjNTQ3NTBiYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHnn2NK2bcXEGBuw7sFdIk8P3Q5+
3qjZlNEvloeMGUjSbOUgtgZ7YkGXtHXfGl4tgu1zmJ8xZdRbIbuRwSsqW+fUdgfS
JpdNd4vYJqhxFrFmweKhh1xIlRoaKfD4s41VZg9lc0ShXA4uBE+xOZBFIzup1cjG
0RRmtRN1WZS02ac7seajCTuuR8FaWE4udBhfLoaet6yR4AcdgHHRIr3JK6cv1NYl
tnWZU57DMHW+bG0StrCqdMBWeBzqeT0ZmRgnnC//tyW7xQdzQ5uhmsQ5WILpBU0M
B+qu3VvZDMo8QuAKxw2kUSyLrQVs0qAaXFsMt9eFk5SaqITugLdeRBXaWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA30BnLnv8yB12d9QrCgK8VHULo+MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRGZRR2N1ZV96SUhYWjMxQ3NLQXJ4VWRRdWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/JHAwQA
W/JRAwQAW/JrMA0GCSqGSIb3DQEBCwUAA4IBAQCsuLz0wUuidSpOfH0QpbXIWi29
6xr0IJsgcvUFuL3WD34LLvS8P1Cay/boXKmL1MZg/0e3pzMURLR4JQDqDrxhZYfR
2fgdQLGW0kPXgd644/tLFy7Kt3ahAU42lZrC/WGoipsIvhHY7n8eh0RHpRzJq9Oy
tAsmStXZcazeOovHeDK2HRBvnwV+qPEVAjyHTn+nHQkU/1kjKiFJfIbJqanYk/lf
rnmc+qLzVv+jCLuMs449Z20jxojiwQF4ssyq1HNGH2XU2yeEw+5t86rg4fPBSFEv
E1dEHa/qglnciW9cOJDNlfPaJdMbejNXKiIAn53AO5/BvdMnC4B2PjYfKxqZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org