Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/o_MR9x1ZSvzk_N6H8PQ8UkDe5YI.roa
File: o_MR9x1ZSvzk_N6H8PQ8UkDe5YI.roa (raw, json)
Hash identifier: J8N+LuEs/0UOAnja+ICE5WqQBMux2Fq/lCvYWX6rk3k=
Subject key identifier: A3:F3:11:F7:1D:59:4A:FC:E4:FC:DE:87:F0:F4:3C:52:40:DE:E5:82
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCAD236ACB752AEC2B20B5A293FCD3
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/o_MR9x1ZSvzk_N6H8PQ8UkDe5YI.roa
Signing time: Sun 01 Jan 2023 05:45:02 +0000
ROA not before: Sun 01 Jan 2023 05:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201011
IP address blocks: 91.238.41.0/24 maxlen: 24
91.238.42.0/24 maxlen: 24
91.238.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Jun 2023 15:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:ad:23:6a:cb:75:2a:ec:2b:20:b5:a2:93:fc:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3f311f71d594afce4fcde87f0f43c5240dee582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0f:5f:3e:00:37:f9:96:7f:c5:52:c6:84:ba:
41:a5:04:f4:85:18:78:7e:4b:d7:a6:ba:64:b4:b4:
79:22:1a:d5:86:5e:3f:04:96:70:de:6f:d2:73:dc:
75:99:d5:87:eb:5d:78:23:2d:6f:d6:9a:7a:d5:c7:
70:53:f6:a9:3d:aa:d1:bd:46:8b:d5:ac:6f:b8:60:
17:44:fd:53:19:43:f0:ea:85:13:48:94:1f:ec:de:
21:ba:c5:9a:0e:77:50:77:88:35:3f:97:1c:df:a9:
48:38:5e:a7:de:69:27:c2:d7:40:3e:d8:c2:18:23:
64:f1:32:8f:65:04:64:b5:02:47:c0:a5:28:ad:16:
0f:22:d0:b9:94:70:f3:c4:e7:0b:8c:e6:a3:7c:50:
bb:28:67:af:ce:6b:eb:e4:88:a5:26:bb:f2:82:de:
c2:bf:25:5a:4f:6d:d6:50:2c:51:4a:24:17:d9:47:
a5:a7:99:7a:c1:6f:96:37:a4:1a:4d:2e:cf:ae:bc:
e4:30:b2:99:df:b4:11:ac:be:1f:73:a0:21:8f:61:
d5:be:54:1d:b8:6b:d3:41:87:68:c4:0b:3a:81:00:
3f:52:dc:af:4c:0f:34:bd:0c:fe:42:fe:d7:9e:9c:
13:cc:cf:24:0f:aa:c3:ba:20:71:ce:32:ee:62:c1:
fb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F3:11:F7:1D:59:4A:FC:E4:FC:DE:87:F0:F4:3C:52:40:DE:E5:82
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/o_MR9x1ZSvzk_N6H8PQ8UkDe5YI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.41.0-91.238.43.255
Signature Algorithm: sha256WithRSAEncryption
31:db:68:06:b1:a0:44:93:a9:94:52:d8:7e:fc:fb:1d:a9:70:
a1:7e:49:93:7d:47:81:0f:68:b1:00:4f:9a:1e:82:50:d9:f2:
7d:2a:8e:fc:bf:f8:09:5f:94:f8:6a:df:ed:f7:77:57:6e:29:
25:5f:b2:36:e4:d2:92:0f:3c:82:de:06:35:6b:43:a4:05:27:
7c:1d:7c:22:56:2b:e7:fa:72:5a:a6:3e:33:e2:0f:e0:39:1f:
f8:1b:1f:7e:3e:cb:39:52:15:8e:12:ee:58:a1:81:0e:49:bf:
10:b4:59:37:ba:72:fa:ee:84:60:1c:7e:77:d5:51:f3:52:ec:
e0:d3:31:c4:84:41:30:ef:2c:6d:6d:69:34:a4:72:9d:7d:26:
af:72:13:46:4b:29:e4:50:a3:fe:9f:9f:72:86:15:f2:80:c4:
6c:91:73:d2:af:1d:76:96:f3:b9:ac:01:be:08:4b:91:ab:0d:
8e:33:6f:c4:57:17:18:7b:a2:b8:67:30:50:95:1c:39:ef:8a:
6d:25:fa:92:03:a8:65:6c:f0:8b:d0:7e:dd:34:8d:e3:fb:60:
50:bd:76:92:3b:58:62:db:b0:7b:19:38:23:c6:68:d7:b4:c7:
4b:50:ef:c4:a3:6e:3b:0f:74:bd:af:94:3c:70:97:50:cd:0a:
01:91:c1:fb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVr3K0jast1KuwrILWik/zTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2YzMTFmNzFkNTk0YWZjZTRmY2RlODdmMGY0M2M1MjQwZGVlNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA9fPgA3+ZZ/xVLGhLpBpQT0hRh4
fkvXprpktLR5IhrVhl4/BJZw3m/Sc9x1mdWH6114Iy1v1pp61cdwU/apParRvUaL
1axvuGAXRP1TGUPw6oUTSJQf7N4husWaDndQd4g1P5cc36lIOF6n3mknwtdAPtjC
GCNk8TKPZQRktQJHwKUorRYPItC5lHDzxOcLjOajfFC7KGevzmvr5IilJrvygt7C
vyVaT23WUCxRSiQX2Uelp5l6wW+WN6QaTS7PrrzkMLKZ37QRrL4fc6Ahj2HVvlQd
uGvTQYdoxAs6gQA/UtyvTA80vQz+Qv7XnpwTzM8kD6rDuiBxzjLuYsH7WQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKPzEfcdWUr85Pzeh/D0PFJA3uWCMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvb19NUjl4MVpTdnprX042SDhQUThVa0RlNVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABb7ikD
BAJb7igwDQYJKoZIhvcNAQELBQADggEBADHbaAaxoESTqZRS2H78+x2pcKF+SZN9
R4EPaLEAT5oeglDZ8n0qjvy/+AlflPhq3+33d1duKSVfsjbk0pIPPILeBjVrQ6QF
J3wdfCJWK+f6clqmPjPiD+A5H/gbH34+yzlSFY4S7lihgQ5JvxC0WTe6cvruhGAc
fnfVUfNS7ODTMcSEQTDvLG1taTSkcp19Jq9yE0ZLKeRQo/6fn3KGFfKAxGyRc9Kv
HXaW87msAb4IS5GrDY4zb8RXFxh7orhnMFCVHDnvim0l+pIDqGVs8IvQft00jeP7
YFC9dpI7WGLbsHsZOCPGaNe0x0tQ78SjbjsPdL2vlDxwl1DNCgGRwfs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org