Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/70j7ZL_hvdbC4Mq_IipXefyF1eM.roa
File: 70j7ZL_hvdbC4Mq_IipXefyF1eM.roa (raw, json)
Hash identifier: C0qim1d/dQs0sESobaMI6NQE4dNyk1yiikF5Y5SLtXk=
Subject key identifier: EF:48:FB:64:BF:E1:BD:D6:C2:E0:CA:BF:22:2A:57:79:FC:85:D5:E3
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018B7120C9180E26B1082FED3745E8E97B9E
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/70j7ZL_hvdbC4Mq_IipXefyF1eM.roa
Signing time: Fri 27 Oct 2023 12:34:15 +0000
ROA not before: Fri 27 Oct 2023 12:34:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204229
IP address blocks: 91.238.40.0/23 maxlen: 23
91.245.188.0/22 maxlen: 22
64.43.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:20:c9:18:0e:26:b1:08:2f:ed:37:45:e8:e9:7b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 27 12:34:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef48fb64bfe1bdd6c2e0cabf222a5779fc85d5e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c0:79:7a:e9:ca:12:18:06:dd:a4:1e:22:ba:
e2:6f:e9:e2:2f:e9:51:fa:fd:97:83:15:9d:ad:2f:
88:43:8e:08:be:bd:af:42:46:77:aa:2d:39:7d:aa:
60:52:21:b5:11:c4:85:f4:cf:17:c6:66:e4:75:99:
c1:a2:9f:24:c2:e9:09:65:95:ca:da:f3:e6:68:f0:
32:64:c9:6c:95:ed:48:b7:51:b3:75:a2:ab:36:4a:
d1:00:37:fa:22:c9:5b:b3:d9:24:18:76:1d:85:9d:
64:0e:5b:8d:2e:1d:98:37:e6:90:52:9d:11:66:fa:
27:a7:8f:a8:43:bb:ed:30:b2:d5:c8:86:a6:ba:1c:
17:94:4c:c4:a8:fd:78:d0:92:e4:29:1d:87:0e:fd:
1a:ba:f5:55:74:a0:2a:3d:51:47:0f:fe:e5:77:94:
bf:74:39:f5:da:06:f1:4a:7f:7a:16:35:04:91:56:
e9:18:a3:8f:e4:48:6c:84:1a:ce:e7:36:b4:49:f6:
2d:97:06:a2:6a:a6:e2:cc:b2:b5:d4:3c:3b:f5:2b:
8b:9b:ff:05:23:6a:35:96:0a:09:6c:e1:12:b4:42:
f4:4a:35:0c:a5:79:b8:52:bf:ed:f4:ca:f9:e1:76:
e0:b8:69:1f:6c:a0:a0:24:ad:db:ac:2c:61:41:71:
c3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:48:FB:64:BF:E1:BD:D6:C2:E0:CA:BF:22:2A:57:79:FC:85:D5:E3
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/70j7ZL_hvdbC4Mq_IipXefyF1eM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.73.0/24
91.238.40.0/23
91.245.188.0/22
Signature Algorithm: sha256WithRSAEncryption
69:3a:b9:9e:2a:60:de:bc:7f:0b:be:a4:62:71:c9:15:3b:fb:
ad:38:f5:63:25:43:1e:96:56:4d:7a:44:72:b8:8c:b0:e9:a5:
5f:13:08:04:f8:38:5c:fc:52:17:0d:b9:6a:e4:52:18:9a:a4:
bf:0d:a4:8b:48:5b:7b:af:1a:25:37:62:9d:38:36:38:51:b9:
04:06:98:a1:1b:ce:85:54:a6:f3:22:20:c1:55:f2:1a:06:07:
e8:57:1c:5e:90:1d:7c:68:c3:36:65:03:9d:a5:0b:82:25:bb:
2e:f4:b4:31:8d:13:07:f9:3e:5a:ae:48:b9:2b:e4:0c:6b:e0:
7d:92:93:bf:66:ac:93:60:2e:07:08:97:2a:74:df:ba:cd:ac:
ea:69:62:12:b9:59:81:43:71:bd:82:00:ae:90:3d:cc:5c:72:
0e:51:06:25:71:da:8a:72:e6:b8:3f:ad:05:70:26:c9:ec:25:
52:34:23:ce:cc:de:39:0d:0b:43:35:12:72:30:34:55:d9:06:
cd:1e:8f:97:7c:15:eb:b8:d5:bb:7e:de:50:58:c1:51:53:fe:
02:58:a3:93:ca:cc:e9:f0:63:31:6e:ba:2e:8a:f9:ee:a0:22:
07:e1:ed:ac:c1:dc:1f:97:85:dd:84:a7:f0:8e:b8:2b:ab:cc:
3e:ea:8a:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtxIMkYDiaxCC/tN0Xo6XueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMDI3MTIzNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjQ4ZmI2NGJmZTFiZGQ2YzJlMGNhYmYyMjJhNTc3OWZjODVkNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMB5eunKEhgG3aQeIrrib+niL+lR
+v2XgxWdrS+IQ44Ivr2vQkZ3qi05fapgUiG1EcSF9M8XxmbkdZnBop8kwukJZZXK
2vPmaPAyZMlsle1It1GzdaKrNkrRADf6Islbs9kkGHYdhZ1kDluNLh2YN+aQUp0R
Zvonp4+oQ7vtMLLVyIamuhwXlEzEqP140JLkKR2HDv0auvVVdKAqPVFHD/7ld5S/
dDn12gbxSn96FjUEkVbpGKOP5EhshBrO5za0SfYtlwaiaqbizLK11Dw79SuLm/8F
I2o1lgoJbOEStEL0SjUMpXm4Ur/t9Mr54XbguGkfbKCgJK3brCxhQXHDOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO9I+2S/4b3WwuDKvyIqV3n8hdXjMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNzBqN1pMX2h2ZGJDNE1xX0lpcFhlZnlGMWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAQCtJAwQB
W+4oAwQCW/W8MA0GCSqGSIb3DQEBCwUAA4IBAQBpOrmeKmDevH8LvqRicckVO/ut
OPVjJUMellZNekRyuIyw6aVfEwgE+Dhc/FIXDblq5FIYmqS/DaSLSFt7rxolN2Kd
ODY4UbkEBpihG86FVKbzIiDBVfIaBgfoVxxekB18aMM2ZQOdpQuCJbsu9LQxjRMH
+T5arki5K+QMa+B9kpO/ZqyTYC4HCJcqdN+6zazqaWISuVmBQ3G9ggCukD3MXHIO
UQYlcdqKcua4P60FcCbJ7CVSNCPOzN45DQtDNRJyMDRV2QbNHo+XfBXruNW7ft5Q
WMFRU/4CWKOTyszp8GMxbrouivnuoCIH4e2swdwfl4XdhKfwjrgrq8w+6ooE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org