Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/i39urkRC-HZvSaEEumlNXeY1Xuo.roa
File: i39urkRC-HZvSaEEumlNXeY1Xuo.roa (raw, json)
Hash identifier: FSZ0RlZmMjROFJDGkXrNsHlPOmJzASEura9KjVh4n4o=
Subject key identifier: 8B:7F:6E:AE:44:42:F8:76:6F:49:A1:04:BA:69:4D:5D:E6:35:5E:EA
Certificate issuer: /CN=1008ba5429a709bc58ecdbae3f17e1bc9d3a4d5c
Certificate serial: 018CC42540EE547EDA6DD6623F0A732F2CD3
Authority key identifier: 10:08:BA:54:29:A7:09:BC:58:EC:DB:AE:3F:17:E1:BC:9D:3A:4D:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/i39urkRC-HZvSaEEumlNXeY1Xuo.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48408
IP address blocks: 91.209.133.0/24 maxlen: 24
185.142.224.0/22 maxlen: 24
109.233.104.0/22 maxlen: 22
2a07:3140::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 18 Jul 2024 20:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:40:ee:54:7e:da:6d:d6:62:3f:0a:73:2f:2c:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1008ba5429a709bc58ecdbae3f17e1bc9d3a4d5c
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b7f6eae4442f8766f49a104ba694d5de6355eea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9d:0b:04:ac:87:a6:8f:0d:af:86:f1:60:68:
29:21:9f:f2:35:7f:9e:c2:92:ff:0f:d7:28:8c:d7:
46:f0:0e:f9:75:d4:9d:45:28:ce:90:67:18:4f:5e:
73:df:1b:23:ee:05:90:08:a6:85:23:4d:f7:31:29:
db:d3:8f:9e:ab:20:ba:02:40:68:d9:b5:29:c4:51:
40:95:9e:03:2d:57:7e:bd:42:ba:8b:bb:ef:23:c6:
45:76:28:bd:81:1a:05:e3:82:4b:a3:32:d7:39:83:
61:3a:6a:f0:3d:f0:39:9d:a7:93:f3:2c:23:52:3d:
cc:69:23:64:b7:4e:64:e4:47:7a:11:6a:b2:8b:af:
9d:26:5e:d5:b2:6d:25:a5:74:82:7a:84:8a:2c:df:
4b:b5:85:f1:38:56:e1:de:e5:4f:16:d4:a9:c1:86:
b4:68:8c:d0:d5:0b:64:00:1d:cb:b2:54:1a:87:9a:
2e:9f:62:c3:eb:ea:51:f5:a4:14:dd:d6:84:f7:4c:
1d:43:e3:dd:91:06:65:50:bd:1f:21:70:20:a7:77:
2d:cb:59:14:00:13:02:75:c0:6d:56:86:35:25:8f:
06:f0:21:58:df:32:c4:bc:76:2a:73:31:5c:b3:63:
d1:a5:af:e1:bb:04:f3:e0:30:07:3e:89:da:92:ed:
ae:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7F:6E:AE:44:42:F8:76:6F:49:A1:04:BA:69:4D:5D:E6:35:5E:EA
X509v3 Authority Key Identifier:
keyid:10:08:BA:54:29:A7:09:BC:58:EC:DB:AE:3F:17:E1:BC:9D:3A:4D:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/i39urkRC-HZvSaEEumlNXeY1Xuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/EAi6VCmnCbxY7NuuPxfhvJ06TVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.133.0/24
109.233.104.0/22
185.142.224.0/22
IPv6:
2a07:3140::/29
Signature Algorithm: sha256WithRSAEncryption
b4:f9:fc:82:09:d8:16:23:3a:78:cc:db:a7:89:ed:93:c2:77:
e3:2c:a7:49:b8:40:15:49:7a:18:24:7b:79:fe:88:9e:72:41:
20:82:5c:dd:b3:80:fe:4e:6f:85:04:7c:30:ff:41:da:9a:0a:
f3:f8:36:de:f1:ab:15:6d:16:fd:71:f9:2d:db:89:04:81:5e:
1a:83:b3:9b:2e:51:0f:4f:39:bc:17:6a:72:15:81:13:1f:28:
af:34:f3:2c:ae:05:c3:9c:9d:9c:a1:29:95:55:79:bc:33:61:
1d:10:39:12:e3:aa:4a:d9:34:ed:a3:4e:2a:c4:ec:57:ad:3b:
67:23:5f:18:99:7f:3d:0e:45:5f:4e:9f:51:76:bd:bb:f9:c9:
ab:2d:40:03:f3:2c:6a:eb:37:46:d8:16:e0:1d:1e:e5:78:3b:
c2:c4:ce:e7:1e:84:4e:92:66:21:d0:5a:2b:ed:77:9f:78:6c:
67:e8:25:3a:98:49:91:53:e1:05:36:51:4c:e8:28:e0:b7:ab:
6a:ec:1a:13:83:b9:39:f2:69:e2:00:28:a6:2b:c6:29:73:41:
e0:12:88:ed:14:5e:fa:86:16:29:91:2b:0e:34:88:ae:89:54:
30:9d:16:58:4e:2a:05:43:c0:12:bb:e9:77:72:a0:20:64:95:
59:63:04:1b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJUDuVH7abdZiPwpzLyzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDhiYTU0MjlhNzA5YmM1OGVjZGJhZTNmMTdlMWJjOWQz
YTRkNWMwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjdmNmVhZTQ0NDJmODc2NmY0OWExMDRiYTY5NGQ1ZGU2MzU1ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ0LBKyHpo8Nr4bxYGgpIZ/yNX+e
wpL/D9cojNdG8A75ddSdRSjOkGcYT15z3xsj7gWQCKaFI033MSnb04+eqyC6AkBo
2bUpxFFAlZ4DLVd+vUK6i7vvI8ZFdii9gRoF44JLozLXOYNhOmrwPfA5naeT8ywj
Uj3MaSNkt05k5Ed6EWqyi6+dJl7Vsm0lpXSCeoSKLN9LtYXxOFbh3uVPFtSpwYa0
aIzQ1QtkAB3LslQah5oun2LD6+pR9aQU3daE90wdQ+PdkQZlUL0fIXAgp3cty1kU
ABMCdcBtVoY1JY8G8CFY3zLEvHYqczFcs2PRpa/huwTz4DAHPonaku2uGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIt/bq5EQvh2b0mhBLppTV3mNV7qMB8GA1UdIwQY
MBaAFBAIulQppwm8WOzbrj8X4bydOk1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFpNlZDbW5DYnhZN051dVB4Zmh2SjA2VFZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82MTIzYzQtMmJjNS00ZGY5LWFkMTMt
ZTFkOTliODcwNmU0LzEvaTM5dXJrUkMtSFp2U2FFRXVtbE5YZVkxWHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82MTIzYzQtMmJjNS00ZGY5LWFkMTMtZTFkOTliODcwNmU0
LzEvRUFpNlZDbW5DYnhZN051dVB4Zmh2SjA2VFZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9GFAwQC
beloAwQCuY7gMA0EAgACMAcDBQMqBzFAMA0GCSqGSIb3DQEBCwUAA4IBAQC0+fyC
CdgWIzp4zNunie2TwnfjLKdJuEAVSXoYJHt5/oieckEgglzds4D+Tm+FBHww/0Ha
mgrz+Dbe8asVbRb9cfkt24kEgV4ag7ObLlEPTzm8F2pyFYETHyivNPMsrgXDnJ2c
oSmVVXm8M2EdEDkS46pK2TTto04qxOxXrTtnI18YmX89DkVfTp9Rdr27+cmrLUAD
8yxq6zdG2BbgHR7leDvCxM7nHoROkmYh0For7XefeGxn6CU6mEmRU+EFNlFM6Cjg
t6tq7BoTg7k58mniACimK8Ypc0HgEojtFF76hhYpkSsONIiuiVQwnRZYTioFQ8AS
u+l3cqAgZJVZYwQb
-----END CERTIFICATE-----
Generated at Thu Jul 18 22:48:44 2024 by rpki-client on console-fra.rpki-client.org