Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/7YFPiwGnc9lUvOuhDeEXVqVuycs.roa
File: 7YFPiwGnc9lUvOuhDeEXVqVuycs.roa (raw, json)
Hash identifier: CvOo7eYyNy0ng56A4DpqJFUMNqPdhV3ehOGhFlcoCCs=
Subject key identifier: ED:81:4F:8B:01:A7:73:D9:54:BC:EB:A1:0D:E1:17:56:A5:6E:C9:CB
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FBE3DBF389AA68487B5D6573550E8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/7YFPiwGnc9lUvOuhDeEXVqVuycs.roa
Signing time: Tue 02 Jan 2024 04:30:15 +0000
ROA not before: Tue 02 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 91.245.184.0/22 maxlen: 22
193.36.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Apr 2024 11:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:be:3d:bf:38:9a:a6:84:87:b5:d6:57:35:50:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed814f8b01a773d954bceba10de11756a56ec9cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:17:5c:88:cf:02:cc:b8:4b:45:7d:58:b9:
98:93:74:a2:cd:41:cb:87:fe:40:b0:a9:7b:26:a2:
2c:f2:c4:85:9f:dc:43:cc:f0:0a:7f:8b:21:a2:34:
8e:a1:7c:05:14:d8:c9:df:e4:a0:08:25:14:76:cb:
ae:a4:e3:ae:fb:8c:de:e6:18:22:b9:73:37:2c:90:
32:94:34:89:94:51:2e:3d:19:77:5e:17:48:be:aa:
dd:24:13:ea:e9:6d:c8:28:e1:80:e3:6e:e7:01:f4:
4f:a7:3c:7a:17:e0:24:2f:6c:3e:50:a6:5c:b2:ad:
03:69:46:e6:66:bf:e6:e5:c9:05:1c:8b:a7:d0:09:
42:cf:de:54:e3:a6:80:1e:36:d8:ae:bb:09:7e:87:
79:1a:8f:70:a5:28:ec:c3:21:63:bf:c7:28:6e:f6:
ef:73:24:f6:3d:c9:ed:c4:4e:11:0f:ab:e5:5f:11:
0b:f9:9e:8f:e0:38:07:31:58:c4:e0:26:1d:f9:da:
33:db:1c:88:23:c4:56:a8:83:a5:4b:47:6a:e0:f5:
d2:51:c9:c9:d9:06:28:05:50:09:71:2e:ef:46:11:
31:6b:ca:09:4f:d5:8e:1c:92:c9:37:36:89:ac:08:
4a:7e:aa:df:bf:ab:fd:f8:bf:63:2c:e0:55:c8:c7:
5d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:81:4F:8B:01:A7:73:D9:54:BC:EB:A1:0D:E1:17:56:A5:6E:C9:CB
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/7YFPiwGnc9lUvOuhDeEXVqVuycs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.184.0/22
193.36.208.0/21
Signature Algorithm: sha256WithRSAEncryption
29:90:7b:c3:4f:b1:c3:79:8f:2b:3e:98:d4:20:7c:38:bc:c3:
da:87:e5:48:b4:1c:e2:11:b6:5e:6e:a7:ec:be:b3:02:0c:f0:
72:e8:40:3e:4f:cf:88:86:e5:08:78:e6:e5:98:d5:07:70:1f:
4c:ec:c9:8a:b4:16:8b:d0:3b:02:0b:65:aa:fc:c8:55:40:ff:
30:89:08:15:02:33:26:c8:2a:51:cb:8b:83:30:9e:3c:71:7a:
48:06:ed:79:88:32:cb:0d:98:72:d3:59:aa:34:c6:17:06:81:
00:44:e2:cd:b4:01:1c:73:e4:5a:33:ec:f4:67:76:06:0d:8d:
b0:b7:dc:f6:78:69:40:b9:24:4e:1e:48:b9:44:68:5e:56:45:
12:53:a5:95:ed:17:15:45:34:fb:89:01:10:5c:53:fc:f8:51:
09:aa:79:13:2d:98:87:07:5a:65:67:33:0c:84:d6:f3:34:7f:
1e:36:75:46:fc:35:28:2e:75:27:5b:05:2b:c6:14:d1:75:db:
81:db:67:e1:31:5f:6e:9e:b5:65:0a:5b:af:4b:0b:39:a8:f4:
0d:c8:b2:c8:95:e7:60:d7:b0:6b:ab:bd:c3:e2:d1:e7:0f:06:
f5:44:82:97:13:8f:56:69:71:cf:49:fb:81:63:14:df:84:be:
c7:a1:93:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb749vziapoSHtdZXNVDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDgxNGY4YjAxYTc3M2Q5NTRiY2ViYTEwZGUxMTc1NmE1NmVjOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLQXXIjPAsy4S0V9WLmYk3SizUHL
h/5AsKl7JqIs8sSFn9xDzPAKf4shojSOoXwFFNjJ3+SgCCUUdsuupOOu+4ze5hgi
uXM3LJAylDSJlFEuPRl3XhdIvqrdJBPq6W3IKOGA427nAfRPpzx6F+AkL2w+UKZc
sq0DaUbmZr/m5ckFHIun0AlCz95U46aAHjbYrrsJfod5Go9wpSjswyFjv8cobvbv
cyT2PcntxE4RD6vlXxEL+Z6P4DgHMVjE4CYd+doz2xyII8RWqIOlS0dq4PXSUcnJ
2QYoBVAJcS7vRhExa8oJT9WOHJLJNzaJrAhKfqrfv6v9+L9jLOBVyMddLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO2BT4sBp3PZVLzroQ3hF1albsnLMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvN1lGUGl3R25jOWxVdk91aERlRVhWcVZ1eWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW/W4AwQD
wSTQMA0GCSqGSIb3DQEBCwUAA4IBAQApkHvDT7HDeY8rPpjUIHw4vMPah+VItBzi
EbZebqfsvrMCDPBy6EA+T8+IhuUIeOblmNUHcB9M7MmKtBaL0DsCC2Wq/MhVQP8w
iQgVAjMmyCpRy4uDMJ48cXpIBu15iDLLDZhy01mqNMYXBoEAROLNtAEcc+RaM+z0
Z3YGDY2wt9z2eGlAuSROHki5RGheVkUSU6WV7RcVRTT7iQEQXFP8+FEJqnkTLZiH
B1plZzMMhNbzNH8eNnVG/DUoLnUnWwUrxhTRdduB22fhMV9unrVlCluvSws5qPQN
yLLIledg17Brq73D4tHnDwb1RIKXE49WaXHPSfuBYxTfhL7HoZMe
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:44:00 2024 by rpki-client on console-ams.rpki-client.org