Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/10nI0-_uz7s_g0K8TmTrkG69PA0.roa
File: 10nI0-_uz7s_g0K8TmTrkG69PA0.roa (raw, json)
Hash identifier: VzOLyNak572ZmzRzcRzB6hwYtTLHPZcvDogpNU1a4w0=
Subject key identifier: D7:49:C8:D3:EF:EE:CF:BB:3F:83:42:BC:4E:64:EB:90:6E:BD:3C:0D
Certificate issuer: /CN=39429eb0bd8703be2e5f0accc281bf221604b0ce
Certificate serial: 018A92AE97485CD1E51FBAF67DAD19223F9D
Authority key identifier: 39:42:9E:B0:BD:87:03:BE:2E:5F:0A:CC:C2:81:BF:22:16:04:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUKesL2HA74uXwrMwoG_IhYEsM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/10nI0-_uz7s_g0K8TmTrkG69PA0.roa
Signing time: Thu 14 Sep 2023 07:53:50 +0000
ROA not before: Thu 14 Sep 2023 07:53:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39232
IP address blocks: 91.242.0.0/19 maxlen: 19
91.242.0.0/20 maxlen: 20
91.242.16.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:ae:97:48:5c:d1:e5:1f:ba:f6:7d:ad:19:22:3f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39429eb0bd8703be2e5f0accc281bf221604b0ce
Validity
Not Before: Sep 14 07:53:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d749c8d3efeecfbb3f8342bc4e64eb906ebd3c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e1:87:c3:39:75:9a:58:4e:97:b9:03:b2:21:
7e:47:13:ed:98:c5:e5:10:20:a8:9a:af:fa:84:c9:
46:a9:3a:06:95:a9:93:ab:18:f9:fb:a6:df:68:b4:
34:20:f0:1f:db:48:57:d1:d2:5c:ec:f2:c3:0a:77:
5e:18:8c:d5:d2:83:6b:9e:72:26:08:67:d1:6f:5d:
41:0f:6f:5b:60:a8:b7:e2:ad:d1:01:54:6f:a8:a1:
e5:d9:0e:2f:5f:97:08:d2:d7:bb:95:ba:ea:63:de:
9f:e2:76:2a:08:de:9d:25:39:71:f3:0b:33:be:38:
c5:c7:73:f6:6f:00:bd:50:5b:71:a1:eb:3f:c7:c6:
d4:10:d3:14:ab:5e:4e:c0:7f:6e:8a:03:e8:c1:de:
be:9d:f0:11:1e:a9:6d:4f:4f:23:c9:98:1e:b1:8c:
78:d2:b0:4d:94:d3:d2:2d:c9:57:72:1e:46:58:af:
29:d3:4f:62:ab:da:61:97:c4:37:7d:ad:9d:ed:93:
10:69:dc:d6:94:5b:1e:a9:13:ee:78:5d:62:29:f4:
35:4c:39:ee:8c:a1:ee:bf:43:f0:0e:73:76:25:7a:
84:3d:ca:a1:27:57:af:53:cb:6a:29:a8:39:b2:0e:
ea:fb:86:62:67:5f:ec:c7:3d:33:f2:d2:d9:e1:36:
98:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:49:C8:D3:EF:EE:CF:BB:3F:83:42:BC:4E:64:EB:90:6E:BD:3C:0D
X509v3 Authority Key Identifier:
keyid:39:42:9E:B0:BD:87:03:BE:2E:5F:0A:CC:C2:81:BF:22:16:04:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUKesL2HA74uXwrMwoG_IhYEsM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/10nI0-_uz7s_g0K8TmTrkG69PA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/01eafc-d65a-4a77-ba73-f2c48faf7f3d/1/OUKesL2HA74uXwrMwoG_IhYEsM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.0.0/19
Signature Algorithm: sha256WithRSAEncryption
01:2b:d1:98:da:a3:5b:57:e3:23:d4:e8:de:ab:a0:e1:db:e4:
4e:a6:a2:f5:d0:9a:2d:2d:4b:23:f0:31:f4:64:b0:41:40:27:
1c:8f:ea:9a:84:20:1c:df:9b:0e:4a:05:98:eb:75:49:93:06:
38:92:8a:b7:34:16:e4:01:06:8c:21:7c:f8:24:0a:75:a4:ce:
cc:cb:a1:bc:1d:51:d9:53:84:df:f4:4b:66:c1:21:93:95:31:
38:52:21:d0:13:bf:9c:34:83:de:41:8a:67:01:dd:a2:37:f7:
ec:de:1d:22:1f:b8:83:78:ef:21:fd:d6:31:f9:95:e9:0a:a3:
81:94:5a:ea:a0:5a:d2:d3:a7:cb:d4:73:50:05:33:95:32:7a:
73:b0:3e:cf:7e:67:d4:d7:5e:9c:50:59:91:12:58:71:17:de:
98:68:0a:8d:5b:c7:09:78:07:e1:2e:d9:7c:b7:b7:fe:eb:24:
d1:45:26:91:38:00:0b:9e:8b:b8:d0:1b:3f:02:71:93:22:36:
d4:9c:4e:0d:11:0f:51:ab:42:ee:52:88:c7:08:43:74:b1:71:
03:56:7c:c7:5d:65:6c:95:43:6e:49:19:08:b4:22:15:6a:c5:
26:c0:8b:02:ad:03:8b:f5:15:dc:28:c6:c9:c1:0c:be:cc:95:
bf:64:13:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqSrpdIXNHlH7r2fa0ZIj+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDI5ZWIwYmQ4NzAzYmUyZTVmMGFjY2MyODFiZjIyMTYw
NGIwY2UwHhcNMjMwOTE0MDc1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ5YzhkM2VmZWVjZmJiM2Y4MzQyYmM0ZTY0ZWI5MDZlYmQzYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuGHwzl1mlhOl7kDsiF+RxPtmMXl
ECComq/6hMlGqToGlamTqxj5+6bfaLQ0IPAf20hX0dJc7PLDCndeGIzV0oNrnnIm
CGfRb11BD29bYKi34q3RAVRvqKHl2Q4vX5cI0te7lbrqY96f4nYqCN6dJTlx8wsz
vjjFx3P2bwC9UFtxoes/x8bUENMUq15OwH9uigPowd6+nfARHqltT08jyZgesYx4
0rBNlNPSLclXch5GWK8p009iq9phl8Q3fa2d7ZMQadzWlFseqRPueF1iKfQ1TDnu
jKHuv0PwDnN2JXqEPcqhJ1evU8tqKag5sg7q+4ZiZ1/sxz0z8tLZ4TaYWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdJyNPv7s+7P4NCvE5k65BuvTwNMB8GA1UdIwQY
MBaAFDlCnrC9hwO+Ll8KzMKBvyIWBLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1VLZXNMMkhBNzR1WHdyTXdvR19JaFlFc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wMWVhZmMtZDY1YS00YTc3LWJhNzMt
ZjJjNDhmYWY3ZjNkLzEvMTBuSTAtX3V6N3NfZzBLOFRtVHJrRzY5UEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wMWVhZmMtZDY1YS00YTc3LWJhNzMtZjJjNDhmYWY3ZjNk
LzEvT1VLZXNMMkhBNzR1WHdyTXdvR19JaFlFc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFW/IAMA0G
CSqGSIb3DQEBCwUAA4IBAQABK9GY2qNbV+Mj1Ojeq6Dh2+ROpqL10JotLUsj8DH0
ZLBBQCccj+qahCAc35sOSgWY63VJkwY4koq3NBbkAQaMIXz4JAp1pM7My6G8HVHZ
U4Tf9EtmwSGTlTE4UiHQE7+cNIPeQYpnAd2iN/fs3h0iH7iDeO8h/dYx+ZXpCqOB
lFrqoFrS06fL1HNQBTOVMnpzsD7PfmfU116cUFmRElhxF96YaAqNW8cJeAfhLtl8
t7f+6yTRRSaROAALnou40Bs/AnGTIjbUnE4NEQ9Rq0LuUojHCEN0sXEDVnzHXWVs
lUNuSRkItCIVasUmwIsCrQOL9RXcKMbJwQy+zJW/ZBO3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:02 2024 by rpki-client on console-ams.rpki-client.org