Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/p0iZ_BSBFRLxgSOPRO2c2n0Otv0.roa
File: p0iZ_BSBFRLxgSOPRO2c2n0Otv0.roa (raw, json)
Hash identifier: diERH/Ib0E8Hz+IIQehHGci12hWU9PShJgheNMsdY0g=
Subject key identifier: A7:48:99:FC:14:81:15:12:F1:81:23:8F:44:ED:9C:DA:7D:0E:B6:FD
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0192E2A86C7808630B03B60256E40331D908
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/p0iZ_BSBFRLxgSOPRO2c2n0Otv0.roa
Signing time: Thu 31 Oct 2024 12:59:01 +0000
ROA not before: Thu 31 Oct 2024 12:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63018
IP address blocks: 91.235.166.0/24 maxlen: 24
91.235.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 14:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:a8:6c:78:08:63:0b:03:b6:02:56:e4:03:31:d9:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 31 12:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a74899fc14811512f181238f44ed9cda7d0eb6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e0:5b:ad:3c:94:c5:6d:9f:c7:4d:4a:35:04:
b2:19:d6:47:6e:1a:86:32:d8:08:fd:56:cc:18:a4:
62:67:f7:a7:a5:56:1f:cf:18:c2:ba:08:e6:d9:33:
47:07:4e:25:e6:8e:be:ab:23:b8:f9:74:f7:f6:d7:
df:8c:5f:3c:47:86:50:29:19:40:33:dd:96:42:ea:
6f:4f:07:71:d6:43:95:1d:6f:1c:fa:26:74:ee:5b:
73:cd:75:74:42:2e:22:e8:75:4b:a3:af:96:bc:cb:
09:5d:1c:81:5f:fd:7e:10:2e:4a:87:6b:95:17:a1:
b5:68:02:17:d2:78:e4:ab:0d:56:d6:fd:5e:77:52:
84:64:d6:d3:9d:ca:84:22:8e:b9:cb:10:ef:a5:a0:
0d:09:73:12:f6:21:af:45:37:ef:19:3c:81:80:0f:
d3:70:cd:f3:8e:c5:77:18:bd:07:90:21:b5:75:d0:
7c:40:0b:dd:d8:0b:ab:7d:9c:96:7c:26:39:ad:d4:
b0:a6:bd:b4:bc:8f:f3:15:78:a1:b1:f0:c4:fa:b3:
dd:56:e4:f7:8e:50:dc:4e:68:4a:24:67:7f:01:7d:
9a:af:87:a7:b4:6f:44:36:f0:81:0e:8e:39:23:0e:
c4:0b:0d:e5:dd:40:97:c7:84:50:87:15:e1:dc:30:
26:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:48:99:FC:14:81:15:12:F1:81:23:8F:44:ED:9C:DA:7D:0E:B6:FD
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/p0iZ_BSBFRLxgSOPRO2c2n0Otv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.166.0/23
Signature Algorithm: sha256WithRSAEncryption
43:c6:fd:55:fe:61:95:3c:db:35:81:4a:15:ea:3a:dd:ff:cd:
f2:34:b1:74:cc:d5:ef:32:6b:4b:6b:b4:e1:6b:cb:f0:6d:98:
0d:87:74:e4:2f:8c:9f:58:a9:bb:8f:95:02:dd:1f:a5:19:c0:
05:8e:d1:37:da:f1:74:0c:b7:85:ac:c2:0e:4f:b6:85:d9:91:
a2:21:5f:8f:6c:a4:cf:67:43:67:fa:e6:22:68:c5:fb:8f:d1:
86:89:e8:fc:68:b5:61:cc:d5:4c:38:9f:92:be:ae:57:60:75:
b1:d7:d8:3d:07:0c:78:0f:e9:98:03:b9:a0:7e:ec:f1:03:43:
9a:4f:02:64:2c:0f:da:d1:a0:da:54:0c:9d:23:c8:1b:fe:6c:
9a:b9:bf:6a:28:55:ec:25:18:bf:ce:cc:a1:34:b7:7a:87:cb:
56:b0:df:38:2a:44:36:8d:b3:a9:7d:b6:f0:a8:28:74:5a:8c:
af:93:4b:c0:12:1e:af:d5:e6:c3:78:d0:32:f1:62:2f:7d:d8:
7a:85:c0:c8:60:3c:f4:13:7e:8f:5f:67:2c:24:d1:0b:71:21:
54:a4:78:c6:0b:10:54:c5:fe:91:4e:f7:b3:03:b1:b5:28:f8:
65:61:be:bf:b7:da:f2:aa:14:53:e9:e8:c3:30:f8:65:eb:43:
7a:b0:3f:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLiqGx4CGMLA7YCVuQDMdkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQxMDMxMTI1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQ4OTlmYzE0ODExNTEyZjE4MTIzOGY0NGVkOWNkYTdkMGViNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuBbrTyUxW2fx01KNQSyGdZHbhqG
MtgI/VbMGKRiZ/enpVYfzxjCugjm2TNHB04l5o6+qyO4+XT39tffjF88R4ZQKRlA
M92WQupvTwdx1kOVHW8c+iZ07ltzzXV0Qi4i6HVLo6+WvMsJXRyBX/1+EC5Kh2uV
F6G1aAIX0njkqw1W1v1ed1KEZNbTncqEIo65yxDvpaANCXMS9iGvRTfvGTyBgA/T
cM3zjsV3GL0HkCG1ddB8QAvd2AurfZyWfCY5rdSwpr20vI/zFXihsfDE+rPdVuT3
jlDcTmhKJGd/AX2ar4entG9ENvCBDo45Iw7ECw3l3UCXx4RQhxXh3DAm6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdImfwUgRUS8YEjj0TtnNp9Drb9MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcDBpWl9CU0JGUkx4Z1NPUFJPMmMybjBPdHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+umMA0G
CSqGSIb3DQEBCwUAA4IBAQBDxv1V/mGVPNs1gUoV6jrd/83yNLF0zNXvMmtLa7Th
a8vwbZgNh3TkL4yfWKm7j5UC3R+lGcAFjtE32vF0DLeFrMIOT7aF2ZGiIV+PbKTP
Z0Nn+uYiaMX7j9GGiej8aLVhzNVMOJ+Svq5XYHWx19g9Bwx4D+mYA7mgfuzxA0Oa
TwJkLA/a0aDaVAydI8gb/myaub9qKFXsJRi/zsyhNLd6h8tWsN84KkQ2jbOpfbbw
qCh0Woyvk0vAEh6v1ebDeNAy8WIvfdh6hcDIYDz0E36PX2csJNELcSFUpHjGCxBU
xf6RTvezA7G1KPhlYb6/t9ryqhRT6ejDMPhl60N6sD+Z
-----END CERTIFICATE-----
Generated at Thu Oct 31 17:47:13 2024 by rpki-client on console-fra.rpki-client.org