Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/7Uw69YKfTHnLl-lk9hldQvqigvE.roa
File: 7Uw69YKfTHnLl-lk9hldQvqigvE.roa (raw, json)
Hash identifier: oYINn8/Twc/IKF7RPj0kHMWBHq4laMHKc7o2aliu9xo=
Subject key identifier: ED:4C:3A:F5:82:9F:4C:79:CB:97:E9:64:F6:19:5D:42:FA:A2:82:F1
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018CCAEADC4C62B9E07627996844424A6EA4
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/7Uw69YKfTHnLl-lk9hldQvqigvE.roa
Signing time: Tue 02 Jan 2024 16:03:58 +0000
ROA not before: Tue 02 Jan 2024 16:03:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 91.243.176.0/24 maxlen: 24
185.81.181.0/24 maxlen: 24
89.46.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 22:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:ea:dc:4c:62:b9:e0:76:27:99:68:44:42:4a:6e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jan 2 16:03:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed4c3af5829f4c79cb97e964f6195d42faa282f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b4:1d:f0:f7:81:d9:d7:ce:34:8e:d4:9f:f1:
3b:3c:e4:9a:6d:97:b4:b2:f3:45:06:37:90:03:ac:
ad:52:82:c5:e4:83:e3:52:1f:01:b4:59:22:a4:6a:
8b:2b:a0:7c:9a:d0:7f:6e:7a:bc:7c:bc:56:b5:4b:
9f:7d:43:2b:75:74:eb:70:4d:09:65:29:21:0c:b3:
a7:8c:79:fa:b1:74:01:df:37:9c:f3:d5:3e:f1:44:
6d:69:fc:a8:51:d8:77:ea:b2:05:07:4b:95:9f:d2:
16:b0:f1:1e:82:3e:15:04:80:0f:17:33:1b:af:3e:
a2:03:fd:27:33:9f:ce:90:23:3d:dd:87:41:4c:8f:
9b:d1:72:67:14:a1:44:3f:5d:57:26:a6:7c:9d:45:
d2:e0:67:38:ab:43:2d:49:78:73:7a:d5:31:1a:50:
d5:bb:ca:f1:2a:05:27:be:75:67:5c:b1:b7:8b:86:
6c:a3:4f:97:89:6a:e8:98:f9:05:f0:66:f5:65:7a:
30:00:e8:8e:dc:ec:c2:06:be:16:a1:a3:f0:38:b9:
92:fb:3e:12:dc:2e:97:66:2c:8e:45:2c:8e:79:71:
a7:c6:d9:0f:ba:02:ea:8d:12:8f:05:29:34:1a:90:
26:59:76:b7:06:2d:d6:c9:f8:a0:14:35:51:bd:e1:
eb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:4C:3A:F5:82:9F:4C:79:CB:97:E9:64:F6:19:5D:42:FA:A2:82:F1
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/7Uw69YKfTHnLl-lk9hldQvqigvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.8.0/24
91.243.176.0/24
185.81.181.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d0:d8:5e:1c:b4:a1:5a:63:07:55:7f:96:07:04:c3:04:18:
a6:49:84:3c:a3:db:0f:92:1d:0f:84:a5:05:3a:4f:30:28:29:
74:58:e3:b3:7d:95:f7:1f:db:ae:ce:f4:b0:81:75:1f:17:ac:
65:08:bc:10:d1:86:5a:52:a1:ed:72:79:8c:1a:b6:16:10:72:
9e:67:e5:7f:fa:85:fb:99:e5:6a:c8:7a:09:9d:d8:54:e2:0d:
c7:3d:9f:e4:fa:4b:fc:74:ee:76:64:82:bf:a7:12:96:88:04:
4b:8f:5c:97:de:3b:96:35:32:2f:31:27:75:a5:cf:be:41:3a:
9e:21:18:39:fc:18:b8:f5:e8:e7:07:49:86:5c:f9:d9:07:6a:
06:81:e8:52:2d:b6:5c:a6:53:32:b3:dd:40:60:87:cf:c5:ce:
7b:ce:e8:5b:31:d1:3e:18:65:bc:79:1f:f3:85:c3:65:e3:77:
84:4e:e3:4c:b3:62:f4:fa:ac:35:c1:ad:9c:90:72:37:64:d7:
e7:2d:77:29:97:04:2f:58:f9:9f:40:a8:1e:4a:20:55:11:06:
2c:d1:8b:39:ce:4c:33:4f:b2:5b:e7:93:24:7c:7a:74:97:a8:
ef:99:f5:d2:f8:b7:dd:58:31:ed:7b:29:4f:09:f6:1f:37:fc:
b0:4b:a5:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzK6txMYrngdieZaERCSm6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwMTAyMTYwMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDRjM2FmNTgyOWY0Yzc5Y2I5N2U5NjRmNjE5NWQ0MmZhYTI4MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLQd8PeB2dfONI7Un/E7POSabZe0
svNFBjeQA6ytUoLF5IPjUh8BtFkipGqLK6B8mtB/bnq8fLxWtUuffUMrdXTrcE0J
ZSkhDLOnjHn6sXQB3zec89U+8URtafyoUdh36rIFB0uVn9IWsPEegj4VBIAPFzMb
rz6iA/0nM5/OkCM93YdBTI+b0XJnFKFEP11XJqZ8nUXS4Gc4q0MtSXhzetUxGlDV
u8rxKgUnvnVnXLG3i4Zso0+XiWromPkF8Gb1ZXowAOiO3OzCBr4WoaPwOLmS+z4S
3C6XZiyORSyOeXGnxtkPugLqjRKPBSk0GpAmWXa3Bi3WyfigFDVRveHrBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO1MOvWCn0x5y5fpZPYZXUL6ooLxMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvN1V3NjlZS2ZUSG5MbC1sazlobGRRdnFpZ3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWS4IAwQA
W/OwAwQAuVG1MA0GCSqGSIb3DQEBCwUAA4IBAQB20NheHLShWmMHVX+WBwTDBBim
SYQ8o9sPkh0PhKUFOk8wKCl0WOOzfZX3H9uuzvSwgXUfF6xlCLwQ0YZaUqHtcnmM
GrYWEHKeZ+V/+oX7meVqyHoJndhU4g3HPZ/k+kv8dO52ZIK/pxKWiARLj1yX3juW
NTIvMSd1pc++QTqeIRg5/Bi49ejnB0mGXPnZB2oGgehSLbZcplMys91AYIfPxc57
zuhbMdE+GGW8eR/zhcNl43eETuNMs2L0+qw1wa2ckHI3ZNfnLXcplwQvWPmfQKge
SiBVEQYs0Ys5zkwzT7Jb55MkfHp0l6jvmfXS+LfdWDHteylPCfYfN/ywS6VY
-----END CERTIFICATE-----
Generated at Thu Mar 14 01:05:23 2024 by rpki-client on console-ams.rpki-client.org