Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/dc1d09-9f69-471b-be7a-52008d1cb9b6/1/RlJD9ES8J0G_b7K2yoQxIwRc11M.roa
File: RlJD9ES8J0G_b7K2yoQxIwRc11M.roa (raw, json)
Hash identifier: RyfVxPPg1aV0lfEks9sTUjzSvG31LicSLbwaLHr/sx0=
Subject key identifier: 46:52:43:F4:44:BC:27:41:BF:6F:B2:B6:CA:84:31:23:04:5C:D7:53
Certificate issuer: /CN=c7389ce826bc8d26869b452f3cd936902c552fbf
Certificate serial: 018570B08540C0C34A914A9C069FD353BD83
Authority key identifier: C7:38:9C:E8:26:BC:8D:26:86:9B:45:2F:3C:D9:36:90:2C:55:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xzic6Ca8jSaGm0UvPNk2kCxVL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/dc1d09-9f69-471b-be7a-52008d1cb9b6/1/RlJD9ES8J0G_b7K2yoQxIwRc11M.roa
Signing time: Mon 02 Jan 2023 04:14:54 +0000
ROA not before: Mon 02 Jan 2023 04:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34563
IP address blocks: 91.216.70.0/24 maxlen: 24
193.42.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:85:40:c0:c3:4a:91:4a:9c:06:9f:d3:53:bd:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7389ce826bc8d26869b452f3cd936902c552fbf
Validity
Not Before: Jan 2 04:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=465243f444bc2741bf6fb2b6ca843123045cd753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:26:56:9f:d1:c5:34:68:99:ed:c6:f6:48:5e:
53:66:86:ac:a0:9f:07:80:5c:dc:d2:cf:67:8b:13:
88:1a:0d:97:5f:6b:d7:aa:bb:99:3d:d6:ce:ce:4b:
75:8c:12:48:c7:e5:54:62:b8:fc:95:8e:01:1c:de:
60:8a:97:92:c4:d2:a9:c3:fd:43:f1:35:bc:d3:60:
01:94:dc:84:0f:04:8a:23:27:16:e7:ad:ee:ce:33:
01:6d:ef:d5:e9:f2:73:ff:d6:92:f8:77:ce:98:a9:
6c:44:eb:d7:76:a0:79:0f:ca:54:7f:93:69:c7:2c:
03:0a:67:e3:49:51:f1:ce:10:f7:83:6f:d1:cf:a4:
7b:2f:fa:87:d4:00:ff:86:78:dd:98:3a:1c:e2:fe:
25:d4:89:42:8c:e2:a7:be:be:f7:06:6b:65:b0:0c:
3e:ac:78:ce:4e:2d:9a:d5:1c:ce:fa:63:7f:aa:6e:
55:c7:ed:96:9d:9c:2b:df:cd:8b:a8:5a:7b:37:b0:
6b:3a:3e:bd:77:fc:ea:ea:f1:da:dd:e7:b9:3e:93:
05:7b:27:df:e1:87:b6:d2:ab:c7:02:a5:4f:b7:7a:
7d:0a:5e:2a:65:4d:65:74:a7:d9:0a:5e:77:d7:4f:
a8:4c:98:f3:46:dd:38:c1:54:e3:45:ec:92:f5:53:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:52:43:F4:44:BC:27:41:BF:6F:B2:B6:CA:84:31:23:04:5C:D7:53
X509v3 Authority Key Identifier:
keyid:C7:38:9C:E8:26:BC:8D:26:86:9B:45:2F:3C:D9:36:90:2C:55:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xzic6Ca8jSaGm0UvPNk2kCxVL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dc1d09-9f69-471b-be7a-52008d1cb9b6/1/RlJD9ES8J0G_b7K2yoQxIwRc11M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dc1d09-9f69-471b-be7a-52008d1cb9b6/1/xzic6Ca8jSaGm0UvPNk2kCxVL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.70.0/24
193.42.222.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a4:cb:b9:80:e9:23:21:4a:e9:d4:75:ee:ba:41:c8:0d:8b:
d4:bf:a5:f9:7f:5a:34:93:f0:04:b4:77:4e:f6:d2:a7:20:2c:
5a:f4:2d:31:ef:47:f4:04:cc:67:da:d9:e6:75:ee:91:e2:43:
5c:7f:03:f0:13:cd:ed:6a:23:cd:fe:1e:2f:1d:94:a3:0f:71:
c6:76:cf:1c:8c:f5:fe:a4:e4:ad:de:66:ce:49:b0:5a:3b:79:
9e:c0:6a:cd:e2:2d:6c:00:f8:03:76:ab:9b:6a:03:9a:41:58:
6b:01:a4:d8:9c:a1:60:ec:61:43:12:61:b2:ea:65:dd:08:61:
58:95:2f:b3:67:8d:39:2e:2d:55:f8:45:e7:de:e2:e3:c3:9f:
21:f8:2b:b3:eb:6e:09:7e:75:cb:52:87:ce:d0:92:05:ef:5d:
c1:c5:c8:76:39:b2:f7:c2:f0:10:49:3b:3d:4d:29:c1:08:7e:
6b:1b:f5:d0:6e:e4:ef:60:d9:cf:0f:52:5e:88:43:9c:b3:4f:
6a:65:9a:f7:f4:94:28:03:60:35:66:78:5a:a4:96:61:e2:01:
16:6b:f2:c4:7d:9c:23:39:2c:69:aa:92:de:99:d2:af:11:02:
2e:89:e7:9d:99:02:76:42:1c:e4:6b:f0:2c:fe:1c:cf:eb:24:
da:9a:a4:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwsIVAwMNKkUqcBp/TU72DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3Mzg5Y2U4MjZiYzhkMjY4NjliNDUyZjNjZDkzNjkwMmM1
NTJmYmYwHhcNMjMwMTAyMDQxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjUyNDNmNDQ0YmMyNzQxYmY2ZmIyYjZjYTg0MzEyMzA0NWNkNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSZWn9HFNGiZ7cb2SF5TZoasoJ8H
gFzc0s9nixOIGg2XX2vXqruZPdbOzkt1jBJIx+VUYrj8lY4BHN5gipeSxNKpw/1D
8TW802ABlNyEDwSKIycW563uzjMBbe/V6fJz/9aS+HfOmKlsROvXdqB5D8pUf5Np
xywDCmfjSVHxzhD3g2/Rz6R7L/qH1AD/hnjdmDoc4v4l1IlCjOKnvr73BmtlsAw+
rHjOTi2a1RzO+mN/qm5Vx+2WnZwr382LqFp7N7BrOj69d/zq6vHa3ee5PpMFeyff
4Ye20qvHAqVPt3p9Cl4qZU1ldKfZCl5310+oTJjzRt04wVTjReyS9VPEeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEZSQ/REvCdBv2+ytsqEMSMEXNdTMB8GA1UdIwQY
MBaAFMc4nOgmvI0mhptFLzzZNpAsVS+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHppYzZDYThqU2FHbTBVdlBOazJrQ3hWTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kYzFkMDktOWY2OS00NzFiLWJlN2Et
NTIwMDhkMWNiOWI2LzEvUmxKRDlFUzhKMEdfYjdLMnlvUXhJd1JjMTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kYzFkMDktOWY2OS00NzFiLWJlN2EtNTIwMDhkMWNiOWI2
LzEveHppYzZDYThqU2FHbTBVdlBOazJrQ3hWTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9hGAwQA
wSreMA0GCSqGSIb3DQEBCwUAA4IBAQBkpMu5gOkjIUrp1HXuukHIDYvUv6X5f1o0
k/AEtHdO9tKnICxa9C0x70f0BMxn2tnmde6R4kNcfwPwE83taiPN/h4vHZSjD3HG
ds8cjPX+pOSt3mbOSbBaO3mewGrN4i1sAPgDdqubagOaQVhrAaTYnKFg7GFDEmGy
6mXdCGFYlS+zZ405Li1V+EXn3uLjw58h+Cuz624JfnXLUofO0JIF713Bxch2ObL3
wvAQSTs9TSnBCH5rG/XQbuTvYNnPD1JeiEOcs09qZZr39JQoA2A1ZnhapJZh4gEW
a/LEfZwjOSxpqpLemdKvEQIuieedmQJ2Qhzka/As/hzP6yTamqQJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:34 2024 by rpki-client on console-fra.rpki-client.org