Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/R_60jTH1MRcEoHzOeSFTcs1b8v0.roa
File: R_60jTH1MRcEoHzOeSFTcs1b8v0.roa (raw, json)
Hash identifier: 1Xc8KARAFDKrySaofIKM7Eu6JM9fQx2IvS0lBjYGkZU=
Subject key identifier: 47:FE:B4:8D:31:F5:31:17:04:A0:7C:CE:79:21:53:72:CD:5B:F2:FD
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018CC8DF948AF1AB4044C430464F9CE94F58
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/R_60jTH1MRcEoHzOeSFTcs1b8v0.roa
Signing time: Tue 02 Jan 2024 06:32:24 +0000
ROA not before: Tue 02 Jan 2024 06:32:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 194.76.224.0/24 maxlen: 24
91.242.219.0/24 maxlen: 24
109.230.199.0/24 maxlen: 24
2a0b:7140:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:94:8a:f1:ab:40:44:c4:30:46:4f:9c:e9:4f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 06:32:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47feb48d31f5311704a07cce79215372cd5bf2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:96:20:2f:98:1c:37:b0:86:e9:eb:bd:ab:d4:
09:0e:31:e9:fa:8d:11:69:b1:d7:ee:5e:c7:ac:2e:
91:d0:42:a2:2b:69:34:74:e5:ee:4c:c6:54:65:b4:
83:ea:28:f7:2d:46:9f:21:28:45:bc:5f:dd:5a:7e:
70:a3:b4:f0:f4:f8:93:3e:5a:68:61:36:7c:9c:99:
8c:a8:86:25:25:25:b0:d7:ec:e3:55:50:29:c3:e5:
9e:b8:23:7d:71:e4:a0:9b:11:9c:1a:b6:20:9c:1d:
9e:65:02:67:d9:18:d7:8b:86:98:0c:9b:5a:05:88:
ef:d5:ac:ea:65:be:ee:fe:b9:76:17:34:2d:7b:3d:
c1:02:65:b3:5f:d5:80:0c:f1:ea:33:bd:61:99:54:
85:b3:d6:b2:c5:a6:ed:57:35:b9:5f:ef:e9:e2:85:
6d:6c:4a:b3:3c:ee:71:84:65:65:c5:28:61:e1:d2:
9e:c0:d4:22:7f:05:ec:05:43:41:11:81:a6:9e:36:
28:d1:b8:d3:69:15:62:00:2b:20:b1:22:54:39:30:
26:ab:f4:ce:70:c2:1d:34:c9:b3:a9:e6:26:f6:cb:
ee:5d:d7:0c:fb:02:71:3b:5e:74:c3:a0:36:03:0c:
dc:19:2a:41:64:80:41:9d:de:5c:a3:35:ac:97:fc:
b0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FE:B4:8D:31:F5:31:17:04:A0:7C:CE:79:21:53:72:CD:5B:F2:FD
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/R_60jTH1MRcEoHzOeSFTcs1b8v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.219.0/24
109.230.199.0/24
194.76.224.0/24
IPv6:
2a0b:7140:3::/48
Signature Algorithm: sha256WithRSAEncryption
13:e1:2e:c5:81:f5:59:8c:93:2e:64:7c:ca:bd:ea:9a:fb:d7:
d1:e4:2c:18:90:c6:fc:74:43:bc:79:58:44:e1:e5:57:ff:75:
f4:df:c8:4b:5d:86:22:8e:75:47:f3:0d:30:8d:c5:29:6d:be:
70:81:fd:3d:88:6b:3d:e1:25:be:77:a3:aa:6f:5f:af:80:c5:
f6:8e:e0:1f:9f:77:cc:cf:9c:53:60:fb:ed:ef:6d:5a:2f:88:
30:d4:d9:49:0b:3c:2d:b9:82:e1:79:c1:d0:c8:ec:c6:f2:d9:
43:e0:1e:88:3d:0c:fe:dc:a8:67:a8:ac:a7:ab:58:b8:0c:72:
7d:b8:92:dd:fd:93:5f:86:47:c1:8d:14:52:3e:89:8a:8d:b9:
ee:20:e5:ec:2a:5a:44:40:f9:02:e9:8a:e0:4f:21:c3:c6:e2:
b0:99:20:29:f3:f6:0a:36:bf:a9:f4:3b:51:ac:ba:6f:62:1f:
75:91:5a:33:d6:20:70:88:44:5a:d5:70:ad:e5:16:42:35:ed:
de:95:af:c8:87:36:bf:9c:12:d5:4e:02:bf:b9:e7:8a:2e:5d:
7f:bb:ba:26:b3:ae:04:26:b6:5d:9a:b2:1f:6d:4f:29:03:58:
ab:29:55:09:c6:ba:f0:79:62:0e:c4:20:80:3f:a0:1b:3f:78:
76:0b:62:55
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzI35SK8atARMQwRk+c6U9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwMTAyMDYzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2ZlYjQ4ZDMxZjUzMTE3MDRhMDdjY2U3OTIxNTM3MmNkNWJmMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5YgL5gcN7CG6eu9q9QJDjHp+o0R
abHX7l7HrC6R0EKiK2k0dOXuTMZUZbSD6ij3LUafIShFvF/dWn5wo7Tw9PiTPlpo
YTZ8nJmMqIYlJSWw1+zjVVApw+WeuCN9ceSgmxGcGrYgnB2eZQJn2RjXi4aYDJta
BYjv1azqZb7u/rl2FzQtez3BAmWzX9WADPHqM71hmVSFs9ayxabtVzW5X+/p4oVt
bEqzPO5xhGVlxShh4dKewNQifwXsBUNBEYGmnjYo0bjTaRViACsgsSJUOTAmq/TO
cMIdNMmzqeYm9svuXdcM+wJxO150w6A2AwzcGSpBZIBBnd5cozWsl/yw2QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEf+tI0x9TEXBKB8znkhU3LNW/L9MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvUl82MGpUSDFNUmNFb0h6T2VTRlRjczFiOHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW/LbAwQA
bebHAwQAwkzgMA8EAgACMAkDBwAqC3FAAAMwDQYJKoZIhvcNAQELBQADggEBABPh
LsWB9VmMky5kfMq96pr719HkLBiQxvx0Q7x5WETh5Vf/dfTfyEtdhiKOdUfzDTCN
xSltvnCB/T2Iaz3hJb53o6pvX6+AxfaO4B+fd8zPnFNg++3vbVoviDDU2UkLPC25
guF5wdDI7Mby2UPgHog9DP7cqGeorKerWLgMcn24kt39k1+GR8GNFFI+iYqNue4g
5ewqWkRA+QLpiuBPIcPG4rCZICnz9go2v6n0O1Gsum9iH3WRWjPWIHCIRFrVcK3l
FkI17d6Vr8iHNr+cEtVOAr+554ouXX+7uiazrgQmtl2ash9tTykDWKspVQnGuvB5
Yg7EIIA/oBs/eHYLYlU=
-----END CERTIFICATE-----
Generated at Thu Apr 11 11:10:56 2024 by rpki-client on console-fra.rpki-client.org