Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JsQ6T23I_3GDWZYZSXRREiPj8sI.roa
File: JsQ6T23I_3GDWZYZSXRREiPj8sI.roa (raw, json)
Hash identifier: DeQa2DKLXofmFEbERwKckLn/5dz69IiNmxb4yDqyAqk=
Subject key identifier: 26:C4:3A:4F:6D:C8:FF:71:83:59:96:19:49:74:51:12:23:E3:F2:C2
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0191BDB7296BC36A239EE2107FCD854014D1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JsQ6T23I_3GDWZYZSXRREiPj8sI.roa
Signing time: Wed 04 Sep 2024 15:46:23 +0000
ROA not before: Wed 04 Sep 2024 15:46:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Sep 2024 15:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:b7:29:6b:c3:6a:23:9e:e2:10:7f:cd:85:40:14:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 4 15:46:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26c43a4f6dc8ff71835996194974511223e3f2c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:11:f3:4a:13:92:b1:c8:8c:f3:ed:f1:fd:f7:
f5:96:d6:14:18:6c:eb:0a:34:db:d1:dd:c9:3b:fc:
5a:26:9d:38:52:a7:94:64:d2:b6:e1:84:c5:ef:df:
3f:d4:f0:61:80:06:1f:9c:53:d3:e6:89:9b:93:1f:
bb:01:a1:47:51:fe:78:21:43:95:97:2c:16:d8:22:
84:09:2f:30:fc:ff:30:c5:c2:3d:e2:d6:9f:bb:41:
1e:a2:d5:6d:c8:74:56:07:56:bc:b2:7a:e5:4c:55:
53:4a:05:9e:d3:e2:62:a8:f5:18:17:23:8b:d6:9b:
aa:0c:81:8b:22:91:e2:4f:b3:01:d1:61:d6:34:0a:
12:23:30:b8:6d:fe:06:d1:8f:72:cf:49:5f:cf:8d:
fb:03:8f:10:e0:6c:77:1a:03:83:e6:c6:af:b3:38:
9f:be:b5:e6:fc:bb:d3:ef:9f:ff:29:e4:ed:6c:94:
e6:aa:b9:38:ee:35:c5:c5:9c:77:dd:cb:e9:70:76:
4b:89:91:e5:1f:98:66:1c:ac:6a:5e:34:b4:31:cc:
d3:ea:fd:8a:5c:f6:fe:7d:84:ad:fa:0f:8b:8f:55:
3c:62:ea:f4:c9:27:a6:eb:0f:a7:ab:c2:f0:5f:08:
57:99:c4:a0:99:a8:7d:73:e8:38:47:43:55:0c:91:
1a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C4:3A:4F:6D:C8:FF:71:83:59:96:19:49:74:51:12:23:E3:F2:C2
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JsQ6T23I_3GDWZYZSXRREiPj8sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.71.0-91.242.73.255
91.242.75.0/24
185.40.105.0/24
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
86:fe:78:f3:e6:a2:9b:fb:ef:58:09:11:ab:2b:1c:b9:54:4b:
d8:ea:8e:d5:f1:28:58:71:2b:9a:21:c7:24:95:b0:66:88:3e:
e6:e4:b3:0f:fd:b9:b9:c2:74:76:16:22:e4:fc:0c:a6:5d:3f:
b4:fe:59:fd:c8:f4:f7:bb:aa:46:b4:46:89:7d:1c:83:e1:f6:
39:9f:f7:57:22:ff:8d:79:8e:e8:ba:de:0b:e8:f8:57:cb:0b:
e9:08:c9:9c:67:6d:a0:29:3b:d6:8c:d9:7e:2a:45:42:b3:9b:
6c:99:cc:b0:7a:6f:59:3e:9e:b2:9e:99:95:7f:79:2a:28:7d:
3b:c2:59:93:82:a4:e4:ee:de:6e:12:4b:41:47:db:b9:37:dc:
1f:f4:80:07:d0:37:00:fa:b7:1d:a3:3f:bd:31:85:f9:51:f8:
b3:c5:8d:2b:44:fb:2a:f7:fb:91:d4:28:5d:22:df:e0:37:98:
8e:25:91:89:d4:01:81:5e:be:ed:78:d0:54:07:18:a1:20:95:
8e:f7:d2:9e:fb:3a:b9:a5:69:2a:ad:1e:09:7d:d2:f6:62:16:
f3:91:7f:8d:e8:ef:24:29:1a:3b:cf:a9:a4:a5:e8:93:56:f4:
82:3b:80:d3:70:9b:17:06:04:1f:c0:9d:5e:83:b9:9e:8e:57:
3d:12:f5:10
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZG9tylrw2ojnuIQf82FQBTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTA0MTU0NjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmM0M2E0ZjZkYzhmZjcxODM1OTk2MTk0OTc0NTExMjIzZTNmMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhHzShOSsciM8+3x/ff1ltYUGGzr
CjTb0d3JO/xaJp04UqeUZNK24YTF798/1PBhgAYfnFPT5ombkx+7AaFHUf54IUOV
lywW2CKECS8w/P8wxcI94tafu0EeotVtyHRWB1a8snrlTFVTSgWe0+JiqPUYFyOL
1puqDIGLIpHiT7MB0WHWNAoSIzC4bf4G0Y9yz0lfz437A48Q4Gx3GgOD5savszif
vrXm/LvT75//KeTtbJTmqrk47jXFxZx33cvpcHZLiZHlH5hmHKxqXjS0MczT6v2K
XPb+fYSt+g+Lj1U8Yur0ySem6w+nq8LwXwhXmcSgmah9c+g4R0NVDJEaUQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCbEOk9tyP9xg1mWGUl0URIj4/LCMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSnNRNlQyM0lfM0dEV1pZWlNYUlJFaVBqOHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABb8kcD
BAFb8kgDBABb8ksDBAC5KGkDBADCtO4wDQYJKoZIhvcNAQELBQADggEBAIb+ePPm
opv771gJEasrHLlUS9jqjtXxKFhxK5ohxySVsGaIPubksw/9ubnCdHYWIuT8DKZd
P7T+Wf3I9Pe7qka0Rol9HIPh9jmf91ci/415jui63gvo+FfLC+kIyZxnbaApO9aM
2X4qRUKzm2yZzLB6b1k+nrKemZV/eSoofTvCWZOCpOTu3m4SS0FH27k33B/0gAfQ
NwD6tx2jP70xhflR+LPFjStE+yr3+5HUKF0i3+A3mI4lkYnUAYFevu140FQHGKEg
lY730p77OrmlaSqtHgl90vZiFvORf43o7yQpGjvPqaSl6JNW9II7gNNwmxcGBB/A
nV6DuZ6OVz0S9RA=
-----END CERTIFICATE-----
Generated at Sat Sep 7 17:17:19 2024 by rpki-client on console-fra.rpki-client.org