Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/3UwUaP4fQhxhX8i3hb8NuqEoUqg.roa
File: 3UwUaP4fQhxhX8i3hb8NuqEoUqg.roa (raw, json)
Hash identifier: nGndTHQ+vIlP5I+hhqMPGpQHPdycgYEqM4JtI08obQ0=
Subject key identifier: DD:4C:14:68:FE:1F:42:1C:61:5F:C8:B7:85:BF:0D:BA:A1:28:52:A8
Certificate issuer: /CN=326f51ca23982103ffe34f9890d0b74e8fa781af
Certificate serial: 018BF621559591DE3F854F41DBEEA6C059C6
Authority key identifier: 32:6F:51:CA:23:98:21:03:FF:E3:4F:98:90:D0:B7:4E:8F:A7:81:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mm9RyiOYIQP_40-YkNC3To-nga8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/3UwUaP4fQhxhX8i3hb8NuqEoUqg.roa
Signing time: Wed 22 Nov 2023 08:24:21 +0000
ROA not before: Wed 22 Nov 2023 08:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57689
IP address blocks: 91.213.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:21:55:95:91:de:3f:85:4f:41:db:ee:a6:c0:59:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=326f51ca23982103ffe34f9890d0b74e8fa781af
Validity
Not Before: Nov 22 08:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd4c1468fe1f421c615fc8b785bf0dbaa12852a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:11:0f:e5:63:43:4d:c1:b0:dd:31:3f:36:01:
78:57:08:54:f4:22:ac:00:3b:81:a0:1b:8b:33:6c:
d8:04:5f:ec:4c:ce:ed:2d:b9:e8:95:8d:08:6c:6e:
4c:69:b7:37:f1:62:64:bc:65:9a:1d:95:58:fa:ed:
f3:a2:06:70:e0:ed:2e:e3:7d:ab:f0:e7:7f:ba:3a:
6f:99:85:7e:1c:1d:ba:f4:44:6e:bf:8f:d3:c8:bc:
89:df:2e:e4:05:f3:9d:76:ac:58:35:0c:82:f1:6f:
f5:ed:bd:47:36:b5:99:16:e1:ae:6c:6d:4f:dd:cb:
91:b5:06:14:a5:e0:d9:fa:0e:93:c1:10:87:16:4c:
ea:e6:3c:48:65:fd:cc:19:37:b3:d4:f9:e4:01:6a:
cd:dc:ef:90:8c:72:ae:c7:7f:55:e9:f5:af:b8:2d:
7c:17:a8:d4:3e:8a:57:eb:6d:36:07:d1:96:22:d1:
74:1a:77:97:21:cf:df:a2:a0:22:77:11:77:07:88:
1e:98:c2:1d:58:79:a7:1c:a8:c1:92:21:0c:85:07:
81:47:3a:40:b0:c2:c3:4c:5d:fc:7c:0b:bc:7c:de:
2e:db:6c:39:b9:ab:02:96:5d:33:c3:e8:3b:bc:bf:
27:d3:5a:a4:51:ef:ea:3c:2c:a5:e5:e6:a0:79:00:
b6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4C:14:68:FE:1F:42:1C:61:5F:C8:B7:85:BF:0D:BA:A1:28:52:A8
X509v3 Authority Key Identifier:
keyid:32:6F:51:CA:23:98:21:03:FF:E3:4F:98:90:D0:B7:4E:8F:A7:81:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mm9RyiOYIQP_40-YkNC3To-nga8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/3UwUaP4fQhxhX8i3hb8NuqEoUqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.18.0/24
Signature Algorithm: sha256WithRSAEncryption
91:f7:d2:1e:08:4c:00:6a:0f:8e:c9:7d:34:a7:89:02:29:5d:
8b:6e:92:1d:9b:44:c5:92:62:6a:72:01:94:8b:5e:1c:27:57:
4f:ff:23:76:45:a1:f5:7b:52:56:d8:44:65:74:af:af:e7:12:
c9:14:41:80:26:c4:9b:9c:0b:db:42:38:11:01:43:e0:7c:ab:
19:4b:7c:06:22:61:f4:0c:49:65:7c:de:e6:41:f8:75:2c:e3:
d3:8d:43:8f:cf:f6:bc:62:4a:5b:ea:37:14:7d:14:3b:f1:42:
e7:2b:a8:4a:07:9b:80:40:36:e0:2d:91:c9:b6:5e:8e:a1:32:
e3:80:4b:7a:c2:c1:b9:83:e3:03:81:9a:e1:97:a6:63:8c:c3:
b0:9b:f9:a1:75:5e:58:37:a9:a1:55:80:62:4f:ba:d8:89:4e:
63:b2:59:f5:9c:01:24:4f:5a:58:53:6f:77:ea:cd:19:20:b9:
57:0d:91:08:fa:b7:02:b5:3c:70:26:70:23:46:52:64:d5:ee:
b9:29:21:49:07:e3:7a:10:25:71:6f:a7:8c:42:51:e4:f6:c9:
3b:b4:29:f6:34:36:3d:f3:34:f2:a5:8b:d0:60:5a:b8:76:28:
db:19:e4:8a:2a:74:bd:9e:38:f7:01:8d:2e:97:fe:ea:93:df:
fd:a7:2c:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv2IVWVkd4/hU9B2+6mwFnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNmY1MWNhMjM5ODIxMDNmZmUzNGY5ODkwZDBiNzRlOGZh
NzgxYWYwHhcNMjMxMTIyMDgyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDRjMTQ2OGZlMWY0MjFjNjE1ZmM4Yjc4NWJmMGRiYWExMjg1MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvREP5WNDTcGw3TE/NgF4VwhU9CKs
ADuBoBuLM2zYBF/sTM7tLbnolY0IbG5Mabc38WJkvGWaHZVY+u3zogZw4O0u432r
8Od/ujpvmYV+HB269ERuv4/TyLyJ3y7kBfOddqxYNQyC8W/17b1HNrWZFuGubG1P
3cuRtQYUpeDZ+g6TwRCHFkzq5jxIZf3MGTez1PnkAWrN3O+QjHKux39V6fWvuC18
F6jUPopX6202B9GWItF0GneXIc/foqAidxF3B4gemMIdWHmnHKjBkiEMhQeBRzpA
sMLDTF38fAu8fN4u22w5uasCll0zw+g7vL8n01qkUe/qPCyl5eageQC2uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1MFGj+H0IcYV/It4W/DbqhKFKoMB8GA1UdIwQY
MBaAFDJvUcojmCED/+NPmJDQt06Pp4GvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW05UnlpT1lJUVBfNDAtWWtOQzNUby1uZ2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80MGE5YjUtZTg5OS00YThhLWFjNGYt
OTY2ZmE5NmJlZmYyLzEvM1V3VWFQNGZRaHhoWDhpM2hiOE51cUVvVXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80MGE5YjUtZTg5OS00YThhLWFjNGYtOTY2ZmE5NmJlZmYy
LzEvTW05UnlpT1lJUVBfNDAtWWtOQzNUby1uZ2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9USMA0G
CSqGSIb3DQEBCwUAA4IBAQCR99IeCEwAag+OyX00p4kCKV2LbpIdm0TFkmJqcgGU
i14cJ1dP/yN2RaH1e1JW2ERldK+v5xLJFEGAJsSbnAvbQjgRAUPgfKsZS3wGImH0
DEllfN7mQfh1LOPTjUOPz/a8Ykpb6jcUfRQ78ULnK6hKB5uAQDbgLZHJtl6OoTLj
gEt6wsG5g+MDgZrhl6ZjjMOwm/mhdV5YN6mhVYBiT7rYiU5jsln1nAEkT1pYU293
6s0ZILlXDZEI+rcCtTxwJnAjRlJk1e65KSFJB+N6ECVxb6eMQlHk9sk7tCn2NDY9
8zTypYvQYFq4dijbGeSKKnS9njj3AY0ul/7qk9/9pywT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:44 2024 by rpki-client on console-ams.rpki-client.org