Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QTc5fR_hvTsNl6VrPPkz3uvikB4.roa
File: QTc5fR_hvTsNl6VrPPkz3uvikB4.roa (raw, json)
Hash identifier: K+ip/dDc73fylduNvXlPNhjQOLm1VIexzCuee/XDWr0=
Subject key identifier: 41:37:39:7D:1F:E1:BD:3B:0D:97:A5:6B:3C:F9:33:DE:EB:E2:90:1E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018809DB560FB5468F58988D4CCBC12E830D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QTc5fR_hvTsNl6VrPPkz3uvikB4.roa
Signing time: Thu 11 May 2023 08:09:09 +0000
ROA not before: Thu 11 May 2023 08:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202943
IP address blocks: 91.242.83.0/24 maxlen: 24
91.242.82.0/24 maxlen: 24
91.242.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 22 Jun 2023 16:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:09:db:56:0f:b5:46:8f:58:98:8d:4c:cb:c1:2e:83:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 11 08:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4137397d1fe1bd3b0d97a56b3cf933deebe2901e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e1:b2:ab:12:60:57:a5:f9:03:7f:54:3e:08:
9e:73:62:6b:02:4d:93:58:a0:71:c4:63:a1:10:42:
12:76:e2:a8:96:95:42:44:4e:c4:06:57:ba:57:12:
d4:c7:b6:ad:1f:43:87:72:e5:8b:c9:d4:e2:0c:1d:
bd:10:86:12:d5:40:9e:06:fd:a0:98:69:ad:0b:1e:
83:ef:65:ef:bd:dd:fe:0f:70:8d:fd:e7:5c:bd:7f:
12:8b:59:45:1c:cc:4a:c3:3b:30:c7:bc:6e:2e:73:
1e:21:5e:f5:60:3d:64:b1:63:e5:95:1c:dd:29:44:
52:c6:37:7f:be:49:1a:e5:81:be:34:48:b4:2d:82:
e0:e2:dc:65:cf:6e:b1:40:ae:03:dd:48:ba:4b:de:
cc:c4:5d:ae:02:93:f7:bf:71:5d:14:6e:68:1f:1b:
55:19:98:53:3e:1a:bd:c6:30:69:7e:82:6e:0e:fa:
0d:98:b5:13:41:31:e4:f8:df:79:40:08:4a:ee:0b:
18:d0:cf:3b:b4:d4:ac:ad:b2:bb:54:34:f1:c0:72:
87:3d:96:bc:75:51:fa:cb:67:28:ec:1a:c9:af:86:
15:63:23:1e:c3:b0:5b:cd:7f:f5:5e:24:e0:ad:b7:
cc:46:54:5f:3c:82:5b:9e:7c:a1:6d:f6:a6:66:ef:
96:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:37:39:7D:1F:E1:BD:3B:0D:97:A5:6B:3C:F9:33:DE:EB:E2:90:1E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QTc5fR_hvTsNl6VrPPkz3uvikB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.82.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:ae:1a:ad:c5:fb:69:09:db:43:88:d2:81:96:68:a7:3a:1e:
7a:46:ba:c2:d9:83:8a:ab:bd:ea:2b:00:a1:2d:7d:4a:5a:58:
44:32:45:e9:e3:1f:b0:25:7c:62:17:fb:2e:b3:5c:96:5d:52:
70:c3:59:f1:31:22:98:01:3e:30:28:cd:77:8b:36:19:8f:22:
8b:17:0d:c7:61:d0:6b:28:8e:00:58:ad:2b:39:a2:9c:28:d4:
b0:16:c0:f1:ea:d2:89:58:5f:4e:f2:4d:e9:71:d8:17:b6:54:
d5:90:74:1f:b8:33:32:73:72:17:b5:f8:82:63:28:91:b4:ba:
24:dd:ec:7c:a0:71:69:eb:fb:1e:5b:d3:1f:f7:85:87:3f:d2:
6f:eb:61:3f:5a:2b:31:ce:78:05:1c:85:3d:4a:61:41:7a:03:
57:2d:ee:d5:ab:03:a4:77:df:87:3f:f8:e6:13:45:9f:0c:8f:
47:0d:67:b5:54:53:62:19:f2:73:a3:4f:da:a7:dc:6a:e6:f3:
86:37:36:03:90:79:90:69:da:e9:ac:5a:47:13:77:72:84:b3:
35:55:e5:1b:a9:c6:02:f0:5c:c4:ef:14:2a:15:06:73:1f:d4:
03:e5:6f:96:ae:b1:ec:1f:4f:72:e7:cb:0f:94:16:15:8a:7f:
05:0f:c1:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgJ21YPtUaPWJiNTMvBLoMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNTExMDgwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTM3Mzk3ZDFmZTFiZDNiMGQ5N2E1NmIzY2Y5MzNkZWViZTI5MDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+GyqxJgV6X5A39UPgiec2JrAk2T
WKBxxGOhEEISduKolpVCRE7EBle6VxLUx7atH0OHcuWLydTiDB29EIYS1UCeBv2g
mGmtCx6D72Xvvd3+D3CN/edcvX8Si1lFHMxKwzswx7xuLnMeIV71YD1ksWPllRzd
KURSxjd/vkka5YG+NEi0LYLg4txlz26xQK4D3Ui6S97MxF2uApP3v3FdFG5oHxtV
GZhTPhq9xjBpfoJuDvoNmLUTQTHk+N95QAhK7gsY0M87tNSsrbK7VDTxwHKHPZa8
dVH6y2co7BrJr4YVYyMew7BbzX/1XiTgrbfMRlRfPIJbnnyhbfamZu+W0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEE3OX0f4b07DZelazz5M97r4pAeMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUVRjNWZSX2h2VHNObDZWclBQa3ozdXZpa0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/JSMA0G
CSqGSIb3DQEBCwUAA4IBAQAarhqtxftpCdtDiNKBlminOh56RrrC2YOKq73qKwCh
LX1KWlhEMkXp4x+wJXxiF/sus1yWXVJww1nxMSKYAT4wKM13izYZjyKLFw3HYdBr
KI4AWK0rOaKcKNSwFsDx6tKJWF9O8k3pcdgXtlTVkHQfuDMyc3IXtfiCYyiRtLok
3ex8oHFp6/seW9Mf94WHP9Jv62E/WisxzngFHIU9SmFBegNXLe7VqwOkd9+HP/jm
E0WfDI9HDWe1VFNiGfJzo0/ap9xq5vOGNzYDkHmQadrprFpHE3dyhLM1VeUbqcYC
8FzE7xQqFQZzH9QD5W+WrrHsH09y58sPlBYVin8FD8HL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org