Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/fwdQgXMXA39CEQnvodwURFNas3Y.roa
File: fwdQgXMXA39CEQnvodwURFNas3Y.roa (raw, json)
Hash identifier: 0MG7E5UFHIJmrjdz6uN70yWKHcdI3YaqR6lvAkr4wh8=
Subject key identifier: 7F:07:50:81:73:17:03:7F:42:11:09:EF:A1:DC:14:44:53:5A:B3:76
Certificate issuer: /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial: 01856F021E1385AC99B528BB1F7250271FE7
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/fwdQgXMXA39CEQnvodwURFNas3Y.roa
Signing time: Sun 01 Jan 2023 20:24:47 +0000
ROA not before: Sun 01 Jan 2023 20:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.199.32.0/24 maxlen: 24
91.199.44.0/24 maxlen: 24
91.199.42.0/24 maxlen: 24
91.199.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Feb 2023 10:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:1e:13:85:ac:99:b5:28:bb:1f:72:50:27:1f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
Validity
Not Before: Jan 1 20:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f0750817317037f421109efa1dc1444535ab376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d8:d1:45:de:c2:f1:63:13:c2:dd:f8:43:45:
51:69:17:f9:2d:58:02:a5:b6:9a:0a:95:20:70:bc:
71:25:5d:eb:a8:57:2f:1e:7a:d1:f1:5a:ef:b2:8a:
eb:bf:61:52:79:0c:d8:23:7a:20:45:04:fe:96:20:
dd:23:58:9e:99:1a:df:a7:88:07:1e:a2:9e:a0:9b:
a4:27:d2:a9:22:a4:98:c3:60:57:6a:05:a6:07:0c:
63:c6:f8:6d:94:e4:7d:54:fd:8f:51:f2:06:57:14:
23:9e:2f:6e:c8:c0:1b:0a:8a:4d:e9:f2:29:ad:3d:
a6:51:a4:33:06:3a:de:c8:0e:b4:48:9e:ff:43:be:
b3:d4:59:ab:62:6d:d8:c9:5e:e7:e6:d4:57:12:35:
c8:15:f9:6d:1e:56:62:e4:d4:e9:e4:19:42:b5:01:
9d:c5:0d:cb:94:b1:52:53:75:a6:0f:fc:54:3b:6d:
c0:2d:f9:4b:71:8e:d4:f4:e5:26:de:47:4b:52:aa:
75:4d:d4:27:c1:c8:e4:80:f9:5a:12:57:f2:bf:8e:
14:53:f5:b7:a4:9b:9a:49:7a:d1:83:98:59:8d:dd:
3c:e4:07:cd:29:f0:6c:9c:27:69:18:ec:a3:9a:fc:
3d:4c:6c:68:4f:f7:f7:47:11:ca:df:8a:ba:93:8b:
24:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:07:50:81:73:17:03:7F:42:11:09:EF:A1:DC:14:44:53:5A:B3:76
X509v3 Authority Key Identifier:
keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/fwdQgXMXA39CEQnvodwURFNas3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.32.0/24
91.199.42.0/24
91.199.44.0/24
91.199.47.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:4b:3f:12:0e:00:d3:c7:e5:2b:55:87:6d:46:dc:4d:5d:fd:
77:27:26:02:24:b6:16:ff:cd:4a:6c:1b:a9:98:4c:70:89:db:
a6:a1:18:a2:19:7d:3d:9b:a4:f2:fc:31:dd:46:82:03:ce:62:
7c:2b:b8:a7:54:15:b6:eb:e7:55:68:58:3d:97:d0:14:bb:55:
f2:c5:dd:1f:92:4a:a4:a6:25:0a:0a:94:87:ef:54:95:2d:cd:
31:03:b1:c2:6d:c1:9d:7c:3d:73:43:12:45:20:f5:83:70:c6:
43:48:07:b2:7b:eb:0b:e9:82:e8:f2:a4:61:58:dc:68:35:98:
a5:b9:52:38:83:6d:5e:db:90:c9:4b:e3:ce:96:62:0d:9d:6b:
09:ab:19:7a:20:2f:d7:e0:44:a6:33:0a:67:13:19:a5:52:f5:
bf:f2:e7:a3:d0:ee:98:81:7a:68:13:99:2a:29:01:b0:15:92:
30:29:86:0a:6a:09:a2:cf:cf:27:a5:5e:26:55:18:33:f0:65:
e0:fa:ef:34:c4:75:f3:de:31:48:9a:88:db:aa:44:23:a3:d2:
8f:f2:29:0c:e9:c7:e1:79:ca:18:85:5d:91:a0:94:3e:f0:d4:
6b:a9:0a:7b:4d:11:7b:91:8a:d6:59:ee:a3:99:cf:a1:ae:97:
03:42:7d:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvAh4ThayZtSi7H3JQJx/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjMwMTAxMjAyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjA3NTA4MTczMTcwMzdmNDIxMTA5ZWZhMWRjMTQ0NDUzNWFiMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdjRRd7C8WMTwt34Q0VRaRf5LVgC
pbaaCpUgcLxxJV3rqFcvHnrR8Vrvsorrv2FSeQzYI3ogRQT+liDdI1iemRrfp4gH
HqKeoJukJ9KpIqSYw2BXagWmBwxjxvhtlOR9VP2PUfIGVxQjni9uyMAbCopN6fIp
rT2mUaQzBjreyA60SJ7/Q76z1FmrYm3YyV7n5tRXEjXIFfltHlZi5NTp5BlCtQGd
xQ3LlLFSU3WmD/xUO23ALflLcY7U9OUm3kdLUqp1TdQnwcjkgPlaElfyv44UU/W3
pJuaSXrRg5hZjd085AfNKfBsnCdpGOyjmvw9TGxoT/f3RxHK34q6k4sk9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH8HUIFzFwN/QhEJ76HcFERTWrN2MB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvZndkUWdYTVhBMzlDRVFudm9kd1VSRk5hczNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8cgAwQA
W8cqAwQAW8csAwQAW8cvMA0GCSqGSIb3DQEBCwUAA4IBAQDKSz8SDgDTx+UrVYdt
RtxNXf13JyYCJLYW/81KbBupmExwidumoRiiGX09m6Ty/DHdRoIDzmJ8K7inVBW2
6+dVaFg9l9AUu1Xyxd0fkkqkpiUKCpSH71SVLc0xA7HCbcGdfD1zQxJFIPWDcMZD
SAeye+sL6YLo8qRhWNxoNZiluVI4g21e25DJS+POlmINnWsJqxl6IC/X4ESmMwpn
ExmlUvW/8uej0O6YgXpoE5kqKQGwFZIwKYYKagmiz88npV4mVRgz8GXg+u80xHXz
3jFImojbqkQjo9KP8ikM6cfhecoYhV2RoJQ+8NRrqQp7TRF7kYrWWe6jmc+hrpcD
Qn3z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org