Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/brN4qnDwBeU9kQX3-4QJs1t4X3A.roa
File: brN4qnDwBeU9kQX3-4QJs1t4X3A.roa (raw, json)
Hash identifier: vMsONKuij0KAF8MHMFzFETvGe7XHY8UZPjiBiIo7Isk=
Subject key identifier: 6E:B3:78:AA:70:F0:05:E5:3D:91:05:F7:FB:84:09:B3:5B:78:5F:70
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0185B396004B4BC9C25F4E6BDD4C7F645606
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/brN4qnDwBeU9kQX3-4QJs1t4X3A.roa
Signing time: Sun 15 Jan 2023 04:00:30 +0000
ROA not before: Sun 15 Jan 2023 04:00:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 91.228.231.0/24 maxlen: 24
91.228.251.0/24 maxlen: 24
91.229.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Jan 2023 04:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b3:96:00:4b:4b:c9:c2:5f:4e:6b:dd:4c:7f:64:56:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 15 04:00:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eb378aa70f005e53d9105f7fb8409b35b785f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:db:ae:c4:0f:20:71:89:4b:4c:c0:29:d5:46:
25:ed:34:94:fc:ca:9f:a6:17:56:8e:04:7e:bf:89:
67:00:c7:69:e9:d1:50:fe:2b:60:dd:73:8c:9b:3c:
84:e8:a7:7b:cb:5c:66:c5:81:2c:43:f1:51:41:ad:
fe:7c:5a:da:df:c6:53:9d:b9:36:fb:e5:90:8c:11:
0d:bb:7f:bb:74:5a:d8:fc:a7:30:97:9a:43:4b:02:
a4:96:3d:51:79:94:f4:8d:09:1a:4e:2d:a5:67:08:
bc:3d:71:9f:3e:61:69:72:db:b4:17:86:07:14:ed:
11:40:c4:d3:25:13:aa:6a:1f:b2:af:5f:58:44:d7:
88:73:28:70:ca:d8:ba:88:f9:d1:0e:a0:fa:1d:b0:
0e:2a:fa:48:16:5a:e2:2a:7a:0b:37:b7:85:8a:c4:
30:2c:a7:00:37:a3:10:c9:1a:57:09:b0:56:61:2b:
3f:b5:a5:01:fb:89:74:58:9c:eb:6b:7f:fd:ac:6b:
8c:a2:58:34:41:d3:4d:6f:eb:e9:de:6f:9f:ed:3f:
ff:69:36:14:cd:0c:b1:87:d0:55:c4:e5:9e:c1:5f:
0b:8c:82:d0:4b:e1:aa:a8:7c:af:d6:ea:9b:98:f1:
47:7c:bd:e2:af:49:15:f0:a4:3d:b9:e7:dd:61:7d:
5d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B3:78:AA:70:F0:05:E5:3D:91:05:F7:FB:84:09:B3:5B:78:5F:70
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/brN4qnDwBeU9kQX3-4QJs1t4X3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.231.0/24
91.228.251.0/24
91.229.25.0/24
Signature Algorithm: sha256WithRSAEncryption
16:dd:04:7c:0f:a9:0d:98:94:0e:96:a9:48:78:48:0a:8e:82:
dc:8f:3b:99:2b:f5:df:30:a9:e9:79:7a:5a:68:99:98:6f:1a:
0d:31:11:f1:f6:7a:c6:59:d7:d2:ec:6c:03:de:3d:9a:86:7c:
71:de:7d:50:a6:a4:49:33:f4:28:96:e6:3d:07:de:57:25:2b:
82:a9:11:0d:e0:eb:3b:b2:dc:8b:bb:70:54:1f:d7:8d:e4:15:
23:1c:57:0e:9a:a3:a7:58:03:13:b6:83:39:6f:6f:9d:55:79:
49:f2:88:f5:7e:9e:94:14:eb:0d:a2:06:25:6a:0c:1c:76:6c:
87:5a:bc:a8:6e:7b:50:eb:0b:7e:6a:a0:71:58:45:94:3c:8a:
06:1d:d3:cd:1f:65:2d:42:40:10:37:92:9d:d1:7e:72:c0:a8:
39:bc:2d:e4:5f:89:86:5a:38:ca:a8:e9:01:9e:12:11:d8:66:
b2:03:e0:cf:40:61:74:90:37:de:f5:88:86:4e:41:85:44:6f:
a7:30:67:a3:57:a7:de:1f:30:e7:d8:05:2d:0f:51:9f:aa:a8:
c6:99:24:7c:90:d3:69:00:83:34:56:a8:c5:6e:c4:b4:31:77:
cc:b6:3d:56:c2:a6:19:3b:8d:b8:72:25:af:e2:30:d9:68:e8:
1d:f1:b7:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWzlgBLS8nCX05r3Ux/ZFYGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTE1MDQwMDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWIzNzhhYTcwZjAwNWU1M2Q5MTA1ZjdmYjg0MDliMzViNzg1ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNuuxA8gcYlLTMAp1UYl7TSU/Mqf
phdWjgR+v4lnAMdp6dFQ/itg3XOMmzyE6Kd7y1xmxYEsQ/FRQa3+fFra38ZTnbk2
++WQjBENu3+7dFrY/Kcwl5pDSwKklj1ReZT0jQkaTi2lZwi8PXGfPmFpctu0F4YH
FO0RQMTTJROqah+yr19YRNeIcyhwyti6iPnRDqD6HbAOKvpIFlriKnoLN7eFisQw
LKcAN6MQyRpXCbBWYSs/taUB+4l0WJzra3/9rGuMolg0QdNNb+vp3m+f7T//aTYU
zQyxh9BVxOWewV8LjILQS+GqqHyv1uqbmPFHfL3ir0kV8KQ9uefdYX1d5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG6zeKpw8AXlPZEF9/uECbNbeF9wMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvYnJONHFuRHdCZVU5a1FYMy00UUpzMXQ0WDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+TnAwQA
W+T7AwQAW+UZMA0GCSqGSIb3DQEBCwUAA4IBAQAW3QR8D6kNmJQOlqlIeEgKjoLc
jzuZK/XfMKnpeXpaaJmYbxoNMRHx9nrGWdfS7GwD3j2ahnxx3n1QpqRJM/QoluY9
B95XJSuCqREN4Os7styLu3BUH9eN5BUjHFcOmqOnWAMTtoM5b2+dVXlJ8oj1fp6U
FOsNogYlagwcdmyHWryobntQ6wt+aqBxWEWUPIoGHdPNH2UtQkAQN5Kd0X5ywKg5
vC3kX4mGWjjKqOkBnhIR2GayA+DPQGF0kDfe9YiGTkGFRG+nMGejV6feHzDn2AUt
D1GfqqjGmSR8kNNpAIM0VqjFbsS0MXfMtj1WwqYZO424ciWv4jDZaOgd8bd1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org