Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iWbwLHgIsZ9LopwNPIlBZgLHL_g.roa
File: iWbwLHgIsZ9LopwNPIlBZgLHL_g.roa (raw, json)
Hash identifier: 7KN76YyLpPSfB6KsTgPXIG6Zhm2eNaq9hU3C87t3J3c=
Subject key identifier: 89:66:F0:2C:78:08:B1:9F:4B:A2:9C:0D:3C:89:41:66:02:C7:2F:F8
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DC280430983F40362CB62F5A8EB41F22B
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iWbwLHgIsZ9LopwNPIlBZgLHL_g.roa
Signing time: Mon 19 Feb 2024 17:53:22 +0000
ROA not before: Mon 19 Feb 2024 17:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 91.247.166.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 16:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c2:80:43:09:83:f4:03:62:cb:62:f5:a8:eb:41:f2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 19 17:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8966f02c7808b19f4ba29c0d3c89416602c72ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:14:0b:0b:d4:5a:23:8d:85:10:7e:77:ee:b8:
24:d9:53:c6:0a:bd:f9:a3:47:62:ab:f4:22:a7:29:
73:b0:62:bb:61:3f:44:c8:8a:aa:5b:f1:d0:22:32:
3f:32:57:d0:c4:92:09:87:97:a1:4f:24:fb:b0:38:
5c:0c:41:38:9b:b8:0f:24:ca:28:31:10:2f:f9:65:
bd:22:68:c5:af:61:b0:92:a8:60:bc:6a:03:ac:a7:
76:2d:e6:57:af:0d:13:d5:98:56:15:3b:5d:cc:91:
ae:d1:d7:a5:a0:66:33:47:6c:5e:3c:5c:f5:74:1b:
c3:9d:8c:a3:0a:99:ad:a5:dc:0d:d7:cc:0c:01:4b:
e9:82:bf:6e:e6:45:56:93:22:78:af:a9:fe:63:e0:
9d:88:dd:b1:29:de:ba:8c:6f:e0:9a:f0:49:d9:b0:
a7:b5:ef:12:05:5e:9e:b3:3a:a1:ec:8e:8d:d9:cc:
3b:25:5f:11:d1:5f:c5:6c:39:a0:40:b0:c8:26:6a:
80:29:fe:33:72:74:04:e7:9f:cf:6f:ac:ea:2c:4f:
48:b8:40:a4:1b:d5:67:4c:3f:9f:e9:4c:5e:e8:24:
ed:67:23:af:68:90:e7:e7:8c:1e:65:50:0f:74:30:
5d:a4:36:91:0d:66:fd:a3:a1:bf:45:1d:9d:de:4c:
dd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:66:F0:2C:78:08:B1:9F:4B:A2:9C:0D:3C:89:41:66:02:C7:2F:F8
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iWbwLHgIsZ9LopwNPIlBZgLHL_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.166.0/24
91.247.173.0/24
194.105.60.0/24
194.107.92.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a5:cf:de:1d:f8:a5:6b:5d:15:4d:8e:9a:0b:34:a9:bd:f6:
8c:59:1b:46:7a:76:b3:b5:ae:20:8c:a7:49:9f:22:50:59:ca:
47:b1:2b:f0:e5:dc:e5:2b:bc:5f:30:e3:d4:d6:5c:cd:b4:25:
6e:4f:55:aa:d3:cc:15:af:b7:b8:17:4f:01:c9:ae:59:fd:ed:
9c:e0:0e:8a:e3:fd:d6:64:66:18:63:f8:f2:2c:13:3b:61:d0:
f0:98:60:0f:73:d4:69:60:b6:97:3f:c5:70:fa:61:55:7e:5e:
d1:eb:95:cc:62:4d:1e:e7:1b:c1:06:c8:52:a2:d4:af:4d:e1:
1a:38:46:ae:57:82:48:fe:6d:6b:73:c9:20:29:f3:b0:c6:53:
69:2f:6a:47:14:49:68:c9:a6:bb:98:5b:89:12:bd:6d:f4:e3:
ef:e7:ba:6f:af:4d:ee:50:f1:df:57:09:06:f3:c8:c3:a1:f1:
94:93:4c:02:1b:f4:d8:15:09:a6:32:79:20:a9:d6:1b:0a:a1:
87:a9:76:58:af:99:d3:0c:c6:fa:bf:03:2a:fe:bd:58:8e:54:
33:89:c7:3b:2b:ff:8f:9b:0d:04:33:b2:dd:4a:4a:1c:4d:a2:
c3:69:20:3a:b3:6c:03:9d:a4:5d:c2:74:de:85:a8:7c:0f:ff:
18:3c:46:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3CgEMJg/QDYsti9ajrQfIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjE5MTc1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY2ZjAyYzc4MDhiMTlmNGJhMjljMGQzYzg5NDE2NjAyYzcyZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihQLC9RaI42FEH537rgk2VPGCr35
o0diq/QipylzsGK7YT9EyIqqW/HQIjI/MlfQxJIJh5ehTyT7sDhcDEE4m7gPJMoo
MRAv+WW9ImjFr2GwkqhgvGoDrKd2LeZXrw0T1ZhWFTtdzJGu0deloGYzR2xePFz1
dBvDnYyjCpmtpdwN18wMAUvpgr9u5kVWkyJ4r6n+Y+CdiN2xKd66jG/gmvBJ2bCn
te8SBV6eszqh7I6N2cw7JV8R0V/FbDmgQLDIJmqAKf4zcnQE55/Pb6zqLE9IuECk
G9VnTD+f6Uxe6CTtZyOvaJDn54weZVAPdDBdpDaRDWb9o6G/RR2d3kzdhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIlm8Cx4CLGfS6KcDTyJQWYCxy/4MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvaVdid0xIZ0lzWjlMb3B3TlBJbEJaZ0xITF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW/emAwQA
W/etAwQAwmk8AwQAwmtcMA0GCSqGSIb3DQEBCwUAA4IBAQBHpc/eHfila10VTY6a
CzSpvfaMWRtGenazta4gjKdJnyJQWcpHsSvw5dzlK7xfMOPU1lzNtCVuT1Wq08wV
r7e4F08Bya5Z/e2c4A6K4/3WZGYYY/jyLBM7YdDwmGAPc9RpYLaXP8Vw+mFVfl7R
65XMYk0e5xvBBshSotSvTeEaOEauV4JI/m1rc8kgKfOwxlNpL2pHFEloyaa7mFuJ
Er1t9OPv57pvr03uUPHfVwkG88jDofGUk0wCG/TYFQmmMnkgqdYbCqGHqXZYr5nT
DMb6vwMq/r1YjlQzicc7K/+Pmw0EM7LdSkocTaLDaSA6s2wDnaRdwnTehah8D/8Y
PEZ4
-----END CERTIFICATE-----
Generated at Tue Feb 20 20:55:24 2024 by rpki-client on console-ams.rpki-client.org