Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b4AJw42soAiibi8jyJfaE4vcEew.roa
File: b4AJw42soAiibi8jyJfaE4vcEew.roa (raw, json)
Hash identifier: +JCD67rbO2X2FFoyMTAUI3YtE6Hx+nW3vRK4ew1ic9I=
Subject key identifier: 6F:80:09:C3:8D:AC:A0:08:A2:6E:2F:23:C8:97:DA:13:8B:DC:11:EC
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0188A0BD7964F125D624236F7C544B8903E7
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b4AJw42soAiibi8jyJfaE4vcEew.roa
Signing time: Fri 09 Jun 2023 15:19:11 +0000
ROA not before: Fri 09 Jun 2023 15:19:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201011
IP address blocks: 91.238.42.0/23 maxlen: 24
91.238.41.0/24 maxlen: 24
91.238.43.0/24 maxlen: 24
91.238.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Jun 2023 15:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:bd:79:64:f1:25:d6:24:23:6f:7c:54:4b:89:03:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 9 15:19:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f8009c38daca008a26e2f23c897da138bdc11ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:02:23:c3:d3:5c:82:3f:c5:f0:34:c6:a1:ae:
ea:1f:aa:1b:43:93:55:9f:77:e3:3a:6d:0f:43:1f:
50:4e:86:19:da:d5:93:02:b7:6e:a9:5e:c6:4a:c0:
0d:fd:70:1a:f3:14:03:c4:1e:26:6e:a7:c9:49:bc:
1e:8e:8d:3e:04:2c:4c:8a:19:f2:a9:df:87:e5:63:
1f:5d:de:3e:36:45:b3:1f:f3:3f:d2:70:77:70:40:
54:86:92:00:7d:6f:51:1b:ee:86:8c:98:d8:62:95:
37:88:2c:ac:8d:af:83:1a:05:fe:34:d4:d7:57:55:
b8:fd:f9:25:1b:2b:c8:a2:da:b2:10:b9:2f:25:9e:
cf:5e:64:7b:ff:e7:2f:93:ec:79:38:4c:54:e4:c9:
4d:9a:c4:66:1f:e3:d4:89:53:3e:df:42:25:98:cb:
8c:2d:c1:2e:48:b5:a7:f6:83:c5:fb:df:bc:c9:d8:
3e:09:3c:c9:05:90:19:c6:f3:35:25:fd:bb:02:a4:
6d:98:4f:9f:82:64:a6:0d:89:e1:8a:60:05:b6:b8:
73:e3:61:b3:d3:b1:bd:59:12:fc:c9:38:dc:b7:5e:
5f:f5:76:e8:c7:14:48:b9:5f:89:c2:83:a5:14:8d:
ad:9e:a3:3b:cd:49:43:61:2e:c0:73:df:a6:c8:99:
91:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:80:09:C3:8D:AC:A0:08:A2:6E:2F:23:C8:97:DA:13:8B:DC:11:EC
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b4AJw42soAiibi8jyJfaE4vcEew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.41.0-91.238.43.255
Signature Algorithm: sha256WithRSAEncryption
84:37:ef:ad:03:aa:92:ac:e5:9d:27:dd:c4:5d:89:52:e8:c4:
bc:21:3e:87:a0:e5:54:e7:1c:42:9e:3b:30:2a:d4:e0:85:74:
77:ca:d9:0f:32:c9:c6:a2:ba:3f:13:b0:14:4b:4e:de:e5:cc:
76:d0:8f:13:c5:70:7a:8d:c6:ce:7e:36:b8:56:77:0f:1d:6a:
08:a7:e3:e8:f5:93:f8:1d:82:0f:eb:52:b7:ed:a3:66:3d:a7:
70:51:18:c8:af:bd:83:7a:11:80:31:1c:9e:a1:4f:88:ee:90:
91:07:68:2f:4d:17:e2:8f:85:c4:9f:29:a9:0a:c2:7c:a5:75:
64:bd:0f:9d:be:cb:89:f3:be:3b:1e:8e:73:c9:a5:c5:66:35:
17:a8:b6:2b:89:d1:2c:b4:32:9a:d5:7d:10:09:cb:e2:d0:77:
b5:66:6d:94:ba:4e:62:71:88:ca:0b:88:ec:fe:bf:b5:6c:4c:
66:9c:c8:46:1e:99:e6:02:bf:eb:37:b2:e7:d0:ab:43:f0:4f:
a9:c3:f0:6b:c4:75:b9:58:d7:76:45:4e:f4:32:6e:f3:ee:39:
b7:bf:62:4b:df:6d:b7:5e:5f:82:5b:a5:b7:5e:4a:c6:a1:7b:
19:86:ee:ce:64:25:8f:71:d5:71:4e:68:ee:76:2e:66:9a:46:
c5:5d:c8:1b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYigvXlk8SXWJCNvfFRLiQPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjA5MTUxOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjgwMDljMzhkYWNhMDA4YTI2ZTJmMjNjODk3ZGExMzhiZGMxMWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggIjw9Ncgj/F8DTGoa7qH6obQ5NV
n3fjOm0PQx9QToYZ2tWTArduqV7GSsAN/XAa8xQDxB4mbqfJSbwejo0+BCxMihny
qd+H5WMfXd4+NkWzH/M/0nB3cEBUhpIAfW9RG+6GjJjYYpU3iCysja+DGgX+NNTX
V1W4/fklGyvIotqyELkvJZ7PXmR7/+cvk+x5OExU5MlNmsRmH+PUiVM+30IlmMuM
LcEuSLWn9oPF+9+8ydg+CTzJBZAZxvM1Jf27AqRtmE+fgmSmDYnhimAFtrhz42Gz
07G9WRL8yTjct15f9XboxxRIuV+JwoOlFI2tnqM7zUlDYS7Ac9+myJmRDQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG+ACcONrKAIom4vI8iX2hOL3BHsMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvYjRBSnc0MnNvQWlpYmk4anlKZmFFNHZjRWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABb7ikD
BAJb7igwDQYJKoZIhvcNAQELBQADggEBAIQ3760DqpKs5Z0n3cRdiVLoxLwhPoeg
5VTnHEKeOzAq1OCFdHfK2Q8yycaiuj8TsBRLTt7lzHbQjxPFcHqNxs5+NrhWdw8d
agin4+j1k/gdgg/rUrfto2Y9p3BRGMivvYN6EYAxHJ6hT4jukJEHaC9NF+KPhcSf
KakKwnyldWS9D52+y4nzvjsejnPJpcVmNReotiuJ0Sy0MprVfRAJy+LQd7VmbZS6
TmJxiMoLiOz+v7VsTGacyEYemeYCv+s3sufQq0PwT6nD8GvEdblY13ZFTvQybvPu
Obe/YkvfbbdeX4JbpbdeSsahexmG7s5kJY9x1XFOaO52LmaaRsVdyBs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org