Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/DOQJvvd9-v5atVbOAtuquN6IjrU.roa
File: DOQJvvd9-v5atVbOAtuquN6IjrU.roa (raw, json)
Hash identifier: qsnjMowNUQ3neqaboz22Qm4SsjWPoMf7AeSy3X2Se0s=
Subject key identifier: 0C:E4:09:BE:F7:7D:FA:FE:5A:B5:56:CE:02:DB:AA:B8:DE:88:8E:B5
Certificate issuer: /CN=b3d66297c5cdbd36d86849ddeae7985979f450ca
Certificate serial: 018BA90DD51C60D8C24A0CACB57CD6AEFC38
Authority key identifier: B3:D6:62:97:C5:CD:BD:36:D8:68:49:DD:EA:E7:98:59:79:F4:50:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9Zil8XNvTbYaEnd6ueYWXn0UMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/DOQJvvd9-v5atVbOAtuquN6IjrU.roa
Signing time: Tue 07 Nov 2023 09:12:17 +0000
ROA not before: Tue 07 Nov 2023 09:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216108
IP address blocks: 91.241.15.0/24 maxlen: 24
2a01:9c00:c001::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:0d:d5:1c:60:d8:c2:4a:0c:ac:b5:7c:d6:ae:fc:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d66297c5cdbd36d86849ddeae7985979f450ca
Validity
Not Before: Nov 7 09:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ce409bef77dfafe5ab556ce02dbaab8de888eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b3:71:37:51:45:f7:40:c2:73:80:a1:bc:ec:
a5:e3:21:94:9e:83:f6:e4:fd:41:db:99:ff:21:a9:
c3:84:d3:ca:65:f4:41:c9:a3:7a:e8:40:2d:4d:24:
1e:9d:95:3c:a2:e6:d0:ce:43:17:82:68:10:15:00:
29:47:a5:58:61:f9:f0:f2:16:34:3a:ef:7c:87:71:
6e:5d:8b:6f:84:94:30:95:89:69:7d:a2:f1:80:9d:
ac:7d:00:d1:cc:c5:cc:94:7a:a7:28:0b:f2:70:d6:
78:cc:44:98:ae:4e:e5:23:38:c0:13:4a:cf:ca:87:
05:86:81:8d:92:82:0a:76:1e:ca:8d:59:2f:df:a6:
07:70:f4:01:22:3f:70:bb:d0:69:87:e4:d6:5c:dd:
3c:d2:32:cc:00:26:e7:a7:84:3e:a5:9d:04:24:66:
47:4a:d9:1e:98:43:67:27:0b:f4:6a:62:62:c9:fd:
33:be:d7:4d:49:d7:a2:ba:a0:a9:b1:6e:d0:c9:2b:
1f:72:db:48:3e:e9:e9:cc:b2:9f:0c:78:2a:da:02:
ff:aa:de:33:c1:ca:49:4f:5c:4e:ee:80:1d:12:66:
6b:8a:bf:1f:09:93:00:5b:29:de:84:f4:f8:da:e8:
57:74:f5:77:6c:97:cb:4a:cf:e4:fe:1d:8a:31:3d:
f5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E4:09:BE:F7:7D:FA:FE:5A:B5:56:CE:02:DB:AA:B8:DE:88:8E:B5
X509v3 Authority Key Identifier:
keyid:B3:D6:62:97:C5:CD:BD:36:D8:68:49:DD:EA:E7:98:59:79:F4:50:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9Zil8XNvTbYaEnd6ueYWXn0UMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/DOQJvvd9-v5atVbOAtuquN6IjrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/s9Zil8XNvTbYaEnd6ueYWXn0UMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.15.0/24
IPv6:
2a01:9c00:c001::/48
Signature Algorithm: sha256WithRSAEncryption
8d:9b:62:44:e7:67:12:ed:d1:12:4f:c4:1f:24:28:42:d4:fa:
6b:de:f4:6c:5e:9b:5f:2d:81:1f:f2:d0:f0:7d:43:1c:26:a1:
b0:31:78:fb:f2:47:4b:92:49:b0:ea:d5:53:07:c5:91:31:18:
e0:44:cd:eb:49:aa:06:8f:92:71:f4:7d:d4:69:21:54:90:ac:
d2:74:14:24:f7:f0:c5:ef:4b:b0:8a:33:e6:28:bc:ca:95:a4:
d8:14:b7:9c:f2:19:44:d6:4e:0b:ac:fd:6f:fb:d3:0e:e5:1e:
62:d5:47:93:17:76:2e:4c:1a:f4:07:e6:7e:f8:b9:4f:8d:39:
9c:8b:e6:10:89:ef:ac:8c:96:6c:59:fa:ef:92:1f:c1:50:75:
4a:2d:e3:3a:bb:01:73:e1:ea:19:94:52:b4:ad:1e:2a:fb:2a:
7c:28:29:3c:b9:49:df:3b:e3:3e:5d:52:df:5c:9f:8b:e3:02:
7d:95:90:86:b6:4f:e7:ad:20:37:7b:61:0f:84:a6:25:2d:d4:
14:c3:0a:07:d0:0c:b5:be:ce:60:02:c6:c8:e8:a5:1b:cb:d9:
5c:6d:79:d7:73:e7:13:09:78:31:f3:a2:95:ad:6c:99:74:ae:
39:b7:a5:fd:ea:83:ef:68:48:83:fb:2b:b3:1c:aa:a3:89:1b:
4e:90:b8:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYupDdUcYNjCSgystXzWrvw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDY2Mjk3YzVjZGJkMzZkODY4NDlkZGVhZTc5ODU5Nzlm
NDUwY2EwHhcNMjMxMTA3MDkxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2U0MDliZWY3N2RmYWZlNWFiNTU2Y2UwMmRiYWFiOGRlODg4ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbNxN1FF90DCc4ChvOyl4yGUnoP2
5P1B25n/IanDhNPKZfRByaN66EAtTSQenZU8oubQzkMXgmgQFQApR6VYYfnw8hY0
Ou98h3FuXYtvhJQwlYlpfaLxgJ2sfQDRzMXMlHqnKAvycNZ4zESYrk7lIzjAE0rP
yocFhoGNkoIKdh7KjVkv36YHcPQBIj9wu9Bph+TWXN080jLMACbnp4Q+pZ0EJGZH
StkemENnJwv0amJiyf0zvtdNSdeiuqCpsW7QySsfcttIPunpzLKfDHgq2gL/qt4z
wcpJT1xO7oAdEmZrir8fCZMAWynehPT42uhXdPV3bJfLSs/k/h2KMT31DQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAzkCb73ffr+WrVWzgLbqrjeiI61MB8GA1UdIwQY
MBaAFLPWYpfFzb022GhJ3ernmFl59FDKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlaaWw4WE52VGJZYUVuZDZ1ZVlXWG4wVU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85MmMxY2YtNWEyMi00NTNjLTkwN2Yt
ZWIxZjg3MTVlZWMwLzEvRE9RSnZ2ZDktdjVhdFZiT0F0dXF1TjZJanJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85MmMxY2YtNWEyMi00NTNjLTkwN2YtZWIxZjg3MTVlZWMw
LzEvczlaaWw4WE52VGJZYUVuZDZ1ZVlXWG4wVU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW/EPMA8E
AgACMAkDBwAqAZwAwAEwDQYJKoZIhvcNAQELBQADggEBAI2bYkTnZxLt0RJPxB8k
KELU+mve9Gxem18tgR/y0PB9QxwmobAxePvyR0uSSbDq1VMHxZExGOBEzetJqgaP
knH0fdRpIVSQrNJ0FCT38MXvS7CKM+YovMqVpNgUt5zyGUTWTgus/W/70w7lHmLV
R5MXdi5MGvQH5n74uU+NOZyL5hCJ76yMlmxZ+u+SH8FQdUot4zq7AXPh6hmUUrSt
Hir7KnwoKTy5Sd874z5dUt9cn4vjAn2VkIa2T+etIDd7YQ+EpiUt1BTDCgfQDLW+
zmACxsjopRvL2Vxteddz5xMJeDHzopWtbJl0rjm3pf3qg+9oSIP7K7McqqOJG06Q
uGo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:56 2024 by rpki-client on console-ams.rpki-client.org