Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/G8ifSQWVwxbdMc7H-ME99PiR6u8.roa
File: G8ifSQWVwxbdMc7H-ME99PiR6u8.roa (raw, json)
Hash identifier: BV83rKEo+MKruefUY7lTC41PVFsoyHQmIamCIIEynas=
Subject key identifier: 1B:C8:9F:49:05:95:C3:16:DD:31:CE:C7:F8:C1:3D:F4:F8:91:EA:EF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018897836AD96D94B59EB8311F6B18C6646F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/G8ifSQWVwxbdMc7H-ME99PiR6u8.roa
Signing time: Wed 07 Jun 2023 20:19:12 +0000
ROA not before: Wed 07 Jun 2023 20:19:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 91.238.42.0/23 maxlen: 23
91.245.91.0/24 maxlen: 24
176.103.121.0/24 maxlen: 24
64.43.72.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:97:83:6a:d9:6d:94:b5:9e:b8:31:1f:6b:18:c6:64:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 7 20:19:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bc89f490595c316dd31cec7f8c13df4f891eaef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5e:37:81:72:aa:e4:29:3b:1b:1b:54:5a:aa:
45:96:a2:82:d6:f4:ed:ab:2c:1b:55:3c:d9:cd:45:
0f:21:f4:a3:22:9d:de:39:9f:c2:37:11:04:d0:90:
1c:e4:65:3c:3c:20:bd:0a:a0:44:2f:b8:4a:02:19:
85:3d:45:02:66:84:66:6f:09:98:b4:84:dc:01:8b:
f5:7d:1d:ee:e2:f9:11:8a:53:74:6d:97:1e:74:b6:
cb:20:f3:b9:8a:a7:f8:b0:64:3e:99:80:11:4b:c4:
95:74:75:1c:f8:35:e5:22:74:5e:eb:64:cf:43:e4:
8a:92:39:ac:ac:ee:7a:79:7c:23:eb:83:45:c5:91:
d7:5a:02:15:0a:e4:12:50:a7:58:24:fd:13:29:56:
5b:a0:7a:25:fb:75:4c:cf:11:4c:76:d8:99:90:ca:
3b:89:7f:1f:42:f8:ea:68:9e:fd:77:81:8f:a0:39:
0c:fa:dd:66:a8:84:84:04:e7:32:2e:a3:53:35:1e:
f3:7f:cb:a3:38:8a:aa:de:ca:99:60:0b:8b:68:03:
80:b9:01:04:91:d7:7e:e1:d7:80:11:65:fd:e5:f3:
f7:9d:6f:73:d4:ed:8a:7c:e5:c5:02:ef:03:99:36:
6a:ee:27:6e:72:c0:47:a5:f7:f9:6c:ef:6f:d0:6b:
12:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C8:9F:49:05:95:C3:16:DD:31:CE:C7:F8:C1:3D:F4:F8:91:EA:EF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/G8ifSQWVwxbdMc7H-ME99PiR6u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.72.0/24
91.234.120.0/23
91.238.42.0/23
91.245.91.0/24
176.103.121.0/24
Signature Algorithm: sha256WithRSAEncryption
90:63:51:41:25:31:d6:eb:cd:2d:4a:e6:9f:94:85:0e:72:d8:
7d:af:81:11:04:a6:3f:5f:99:b9:d2:ca:8f:b6:d6:5c:0e:9f:
14:37:aa:23:f5:00:e7:67:ee:b8:59:fa:a5:a9:3a:76:e1:37:
f2:6a:e3:65:fa:5e:dc:2b:47:dc:29:c1:03:15:30:a1:be:1c:
26:3f:7e:9c:28:6c:11:4a:29:ca:fa:e5:be:1c:6b:34:65:f3:
2a:4b:bb:04:d4:5d:8c:6e:49:62:24:e8:11:b6:79:f6:85:ef:
d5:26:2f:a4:e5:fc:cc:e4:68:00:fa:1f:f1:93:f6:03:e1:d4:
c8:53:e8:92:23:35:5f:fe:05:63:aa:52:bd:a3:a4:18:ab:94:
21:a8:18:43:08:83:9e:61:0f:14:ca:90:eb:f4:b9:77:f0:6f:
1e:9b:6b:41:a9:56:c8:25:5f:87:be:29:48:da:2e:b1:c2:da:
44:0e:1f:11:c5:6c:a9:bc:f8:09:9d:22:14:f3:e6:a6:a3:3b:
10:62:12:71:c0:5f:81:38:4d:1e:bd:b0:6a:97:d2:0c:08:d2:
33:f0:ee:14:02:1f:1e:f3:a3:8f:42:d7:e6:4b:56:c2:65:30:
d3:31:00:59:8c:9f:ce:9e:01:ae:e1:d1:5b:fe:0d:fb:c6:44:
c4:39:28:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiXg2rZbZS1nrgxH2sYxmRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjA3MjAxOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM4OWY0OTA1OTVjMzE2ZGQzMWNlYzdmOGMxM2RmNGY4OTFlYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy143gXKq5Ck7GxtUWqpFlqKC1vTt
qywbVTzZzUUPIfSjIp3eOZ/CNxEE0JAc5GU8PCC9CqBEL7hKAhmFPUUCZoRmbwmY
tITcAYv1fR3u4vkRilN0bZcedLbLIPO5iqf4sGQ+mYARS8SVdHUc+DXlInRe62TP
Q+SKkjmsrO56eXwj64NFxZHXWgIVCuQSUKdYJP0TKVZboHol+3VMzxFMdtiZkMo7
iX8fQvjqaJ79d4GPoDkM+t1mqISEBOcyLqNTNR7zf8ujOIqq3sqZYAuLaAOAuQEE
kdd+4deAEWX95fP3nW9z1O2KfOXFAu8DmTZq7iducsBHpff5bO9v0GsSswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBvIn0kFlcMW3THOx/jBPfT4kervMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvRzhpZlNRV1Z3eGJkTWM3SC1NRTk5UGlSNnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAQCtIAwQB
W+p4AwQBW+4qAwQAW/VbAwQAsGd5MA0GCSqGSIb3DQEBCwUAA4IBAQCQY1FBJTHW
680tSuaflIUOcth9r4ERBKY/X5m50sqPttZcDp8UN6oj9QDnZ+64WfqlqTp24Tfy
auNl+l7cK0fcKcEDFTChvhwmP36cKGwRSinK+uW+HGs0ZfMqS7sE1F2MbkliJOgR
tnn2he/VJi+k5fzM5GgA+h/xk/YD4dTIU+iSIzVf/gVjqlK9o6QYq5QhqBhDCIOe
YQ8UypDr9Ll38G8em2tBqVbIJV+HvilI2i6xwtpEDh8RxWypvPgJnSIU8+amozsQ
YhJxwF+BOE0evbBql9IMCNIz8O4UAh8e86OPQtfmS1bCZTDTMQBZjJ/OngGu4dFb
/g37xkTEOSh2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org