Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/1jKHj70Ix_8B9_ZqtRzYkA3svas.roa
File: 1jKHj70Ix_8B9_ZqtRzYkA3svas.roa (raw, json)
Hash identifier: CinSvLGybI4fhVml1lX5Xu197VTMUySH737/fZdTlAY=
Subject key identifier: D6:32:87:8F:BD:08:C7:FF:01:F7:F6:6A:B5:1C:D8:90:0D:EC:BD:AB
Certificate issuer: /CN=3ad734cf90c773428806b968209515b914831a9d
Certificate serial: 0191B762ABCE550EC1D8DE18B16F3ED8C6F4
Authority key identifier: 3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/1jKHj70Ix_8B9_ZqtRzYkA3svas.roa
Signing time: Tue 03 Sep 2024 10:16:22 +0000
ROA not before: Tue 03 Sep 2024 10:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.191.21.0/24 maxlen: 24
188.95.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Sep 2024 08:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:62:ab:ce:55:0e:c1:d8:de:18:b1:6f:3e:d8:c6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad734cf90c773428806b968209515b914831a9d
Validity
Not Before: Sep 3 10:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d632878fbd08c7ff01f7f66ab51cd8900decbdab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f2:3e:dc:86:b1:bc:ed:1f:ce:8b:73:18:62:
8c:e8:f1:9a:b4:b4:7d:b2:09:e4:16:a2:63:b1:71:
2f:90:eb:55:ec:af:a4:11:78:0e:21:c2:50:5a:4a:
7e:fb:26:1a:ef:c5:cb:c5:59:4d:ac:3a:56:9e:66:
d2:95:1b:09:f6:7c:38:84:22:cd:37:9f:a9:f3:af:
cf:c4:60:75:03:cc:38:c2:a6:76:15:f8:2c:28:2c:
8b:0d:e3:bb:c2:34:fb:db:56:70:de:31:65:95:65:
54:55:8b:7e:e3:bf:34:7e:ab:4c:09:d3:4a:34:b8:
ce:13:79:9d:37:77:37:35:04:cd:3a:b5:db:94:9e:
6b:78:19:4e:71:63:3c:c3:77:1a:36:d9:ce:1b:a2:
18:c6:ea:98:1e:15:96:20:67:51:eb:26:ef:62:93:
15:8a:f5:22:b4:46:35:46:19:91:f4:c1:74:bf:90:
e0:98:5e:13:e3:b6:1b:e9:c9:54:40:b3:33:23:40:
c8:8b:80:2b:ca:c9:6e:fc:31:2e:85:2e:69:8c:ed:
ad:bd:00:9b:31:11:bb:a3:48:96:6b:29:53:84:82:
cc:fa:7b:b6:02:1a:16:ad:26:f5:7a:52:28:b1:61:
21:07:a3:4f:dc:b8:21:41:8c:d0:cd:8a:f5:10:90:
04:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:32:87:8F:BD:08:C7:FF:01:F7:F6:6A:B5:1C:D8:90:0D:EC:BD:AB
X509v3 Authority Key Identifier:
keyid:3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/1jKHj70Ix_8B9_ZqtRzYkA3svas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.21.0/24
188.95.69.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c1:f3:5d:61:21:a9:72:73:6f:4c:2c:39:38:2e:d2:6e:3c:
b7:b4:98:d0:eb:ae:e6:5e:cb:73:bb:5f:76:56:84:a8:97:e9:
bc:ae:be:49:b9:02:d7:27:7a:86:a5:44:96:38:5c:bf:7f:8d:
af:3b:2c:2d:9a:bf:af:0c:65:20:3f:18:4c:05:4f:cc:e2:e5:
03:3f:88:8c:63:d0:97:3a:e0:18:03:c0:df:13:af:29:4d:10:
60:82:63:3b:57:0e:9d:8a:6b:af:ea:40:28:3e:57:65:1a:ed:
2c:24:7e:e3:f0:cd:15:b3:18:51:7a:0d:17:41:90:45:ce:3f:
c6:4c:af:a7:f4:8d:a5:e0:87:4f:0f:ca:b5:cf:8b:bb:7b:16:
bf:e8:17:5e:4b:20:2d:0c:b0:db:a0:41:0f:40:3c:4c:df:61:
69:ed:b8:4b:72:2c:7d:64:a4:e6:5e:61:19:22:3a:e9:81:7b:
87:99:77:01:40:10:fd:08:44:cb:5d:97:9e:00:dc:b2:86:f8:
23:bc:1b:df:77:d7:5f:76:e0:a6:7c:b8:3b:29:a1:a7:f0:df:
3d:78:73:88:91:c2:24:f5:85:04:3c:06:a4:0e:d2:17:0d:8b:
fb:6c:69:d8:f5:c2:45:d5:38:18:f0:86:71:ad:aa:f1:4f:4d:
1f:90:98:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG3YqvOVQ7B2N4YsW8+2Mb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDczNGNmOTBjNzczNDI4ODA2Yjk2ODIwOTUxNWI5MTQ4
MzFhOWQwHhcNMjQwOTAzMTAxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjMyODc4ZmJkMDhjN2ZmMDFmN2Y2NmFiNTFjZDg5MDBkZWNiZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/I+3IaxvO0fzotzGGKM6PGatLR9
sgnkFqJjsXEvkOtV7K+kEXgOIcJQWkp++yYa78XLxVlNrDpWnmbSlRsJ9nw4hCLN
N5+p86/PxGB1A8w4wqZ2FfgsKCyLDeO7wjT721Zw3jFllWVUVYt+4780fqtMCdNK
NLjOE3mdN3c3NQTNOrXblJ5reBlOcWM8w3caNtnOG6IYxuqYHhWWIGdR6ybvYpMV
ivUitEY1RhmR9MF0v5DgmF4T47Yb6clUQLMzI0DIi4Aryslu/DEuhS5pjO2tvQCb
MRG7o0iWaylThILM+nu2AhoWrSb1elIosWEhB6NP3LghQYzQzYr1EJAEiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNYyh4+9CMf/Aff2arUc2JAN7L2rMB8GA1UdIwQY
MBaAFDrXNM+Qx3NCiAa5aCCVFbkUgxqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMt
NzZhMWQ0ZDgzMTk3LzEvMWpLSGo3MEl4XzhCOV9acXRSellrQTNzdmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMtNzZhMWQ0ZDgzMTk3
LzEvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAub8VAwQA
vF9FMA0GCSqGSIb3DQEBCwUAA4IBAQAJwfNdYSGpcnNvTCw5OC7Sbjy3tJjQ667m
Xstzu192VoSol+m8rr5JuQLXJ3qGpUSWOFy/f42vOywtmr+vDGUgPxhMBU/M4uUD
P4iMY9CXOuAYA8DfE68pTRBggmM7Vw6dimuv6kAoPldlGu0sJH7j8M0VsxhReg0X
QZBFzj/GTK+n9I2l4IdPD8q1z4u7exa/6BdeSyAtDLDboEEPQDxM32Fp7bhLcix9
ZKTmXmEZIjrpgXuHmXcBQBD9CETLXZeeANyyhvgjvBvfd9dfduCmfLg7KaGn8N89
eHOIkcIk9YUEPAakDtIXDYv7bGnY9cJF1TgY8IZxrarxT00fkJi3
-----END CERTIFICATE-----
Generated at Sun Sep 15 11:19:27 2024 by rpki-client on console-ams.rpki-client.org