Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/w2d3-heIIW0WiS9Qhtuzel0_B1s.roa
File: w2d3-heIIW0WiS9Qhtuzel0_B1s.roa (raw, json)
Hash identifier: yuUmFhj/kgENBkxCE1naNSZsEIfY0kgoYdTmpOiSQ94=
Subject key identifier: C3:67:77:FA:17:88:21:6D:16:89:2F:50:86:DB:B3:7A:5D:3F:07:5B
Certificate issuer: /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial: 0187796E41D57FB5A39EBC709DB988DCB085
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/w2d3-heIIW0WiS9Qhtuzel0_B1s.roa
Signing time: Thu 13 Apr 2023 07:04:41 +0000
ROA not before: Thu 13 Apr 2023 07:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.199.32.0/24 maxlen: 24
91.199.44.0/24 maxlen: 24
91.199.42.0/24 maxlen: 24
91.199.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 08:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:6e:41:d5:7f:b5:a3:9e:bc:70:9d:b9:88:dc:b0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
Validity
Not Before: Apr 13 07:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c36777fa1788216d16892f5086dbb37a5d3f075b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6e:b3:42:80:e8:6d:15:a0:70:5e:1c:d7:d9:
a7:40:92:a7:a6:5a:b3:29:c2:6d:9e:9e:67:03:5d:
69:3c:18:d7:27:31:13:d9:40:5e:b5:e4:83:59:c8:
b8:28:87:68:df:f4:b6:d0:f7:b6:75:b2:dc:7f:7b:
b2:3b:01:83:16:c7:08:1d:30:3c:4a:7f:08:4a:55:
fe:2b:d9:26:f9:83:15:71:01:e3:5b:b1:f7:16:39:
26:1a:56:56:2c:37:44:d8:76:a7:44:3d:4a:ee:30:
05:31:70:2e:99:86:e8:c5:ce:ae:6d:55:40:17:5e:
19:e0:48:84:c9:78:73:ef:94:e2:e2:41:0a:9e:cf:
1f:e6:1e:20:41:59:a6:2f:ef:92:3e:21:cc:62:dd:
37:f6:b6:9e:51:7e:2a:a0:fa:e3:69:25:2c:a4:c7:
e7:e8:19:7c:21:54:d8:9b:18:e6:51:f9:a0:d4:07:
b5:cd:00:6a:a3:8f:21:78:99:6e:57:31:2c:e4:87:
91:d3:1b:ee:3b:de:92:ec:97:89:37:9d:f0:6f:1e:
9d:f0:06:c4:31:79:89:d7:c3:ad:e6:d4:dc:6e:7d:
48:55:19:72:3a:b6:3a:c3:de:81:19:22:26:98:2d:
41:6c:0d:be:07:90:56:db:61:ed:92:db:58:21:9f:
c9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:67:77:FA:17:88:21:6D:16:89:2F:50:86:DB:B3:7A:5D:3F:07:5B
X509v3 Authority Key Identifier:
keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/w2d3-heIIW0WiS9Qhtuzel0_B1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.32.0/24
91.199.42.0/24
91.199.44.0/24
91.199.47.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:1c:d3:2a:63:97:59:59:53:30:92:03:bc:b2:e3:7d:c8:ee:
0c:36:fe:47:92:48:73:be:2d:02:33:51:b3:a5:f1:1d:cc:b8:
36:30:94:64:1b:12:4a:6e:61:9f:4b:52:e3:aa:6d:0f:57:3f:
e6:79:b8:91:a9:06:1e:17:30:11:d9:2c:8e:cd:99:f1:3c:ea:
6d:ad:5f:29:1c:d4:96:f0:a8:e5:c2:90:17:bb:32:0a:60:15:
ce:56:c2:63:a3:70:e3:69:e3:c1:da:6e:06:d9:1a:31:6a:c3:
4e:c1:fb:dd:f3:8c:77:82:a6:17:f6:e6:df:7c:c9:cd:90:2b:
d2:69:4e:d9:11:c1:45:6b:34:bc:24:e1:03:bb:82:4b:18:6f:
d7:5d:fb:4f:44:5f:50:20:ec:e0:06:22:45:2f:32:53:18:54:
b2:d0:45:8d:d7:60:f4:9d:eb:c9:88:5e:84:33:fb:a2:97:c4:
a5:2f:18:6a:5d:3e:88:a1:82:41:17:b1:80:80:e4:3f:0f:88:
ee:43:f0:2b:77:7d:1b:80:95:75:46:3c:b4:0d:e4:84:0a:6c:
77:4a:6d:d5:df:ee:f5:db:e6:45:0c:cd:1e:5f:cc:9d:10:a4:
5f:41:8d:54:2e:10:2a:37:8f:b7:70:73:58:21:27:50:2d:94:
fd:22:fc:6e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd5bkHVf7WjnrxwnbmI3LCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjMwNDEzMDcwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzY3NzdmYTE3ODgyMTZkMTY4OTJmNTA4NmRiYjM3YTVkM2YwNzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom6zQoDobRWgcF4c19mnQJKnplqz
KcJtnp5nA11pPBjXJzET2UBeteSDWci4KIdo3/S20Pe2dbLcf3uyOwGDFscIHTA8
Sn8ISlX+K9km+YMVcQHjW7H3FjkmGlZWLDdE2HanRD1K7jAFMXAumYboxc6ubVVA
F14Z4EiEyXhz75Ti4kEKns8f5h4gQVmmL++SPiHMYt039raeUX4qoPrjaSUspMfn
6Bl8IVTYmxjmUfmg1Ae1zQBqo48heJluVzEs5IeR0xvuO96S7JeJN53wbx6d8AbE
MXmJ18Ot5tTcbn1IVRlyOrY6w96BGSImmC1BbA2+B5BW22HtkttYIZ/JywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMNnd/oXiCFtFokvUIbbs3pdPwdbMB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvdzJkMy1oZUlJVzBXaVM5UWh0dXplbDBfQjFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8cgAwQA
W8cqAwQAW8csAwQAW8cvMA0GCSqGSIb3DQEBCwUAA4IBAQANHNMqY5dZWVMwkgO8
suN9yO4MNv5Hkkhzvi0CM1GzpfEdzLg2MJRkGxJKbmGfS1Ljqm0PVz/mebiRqQYe
FzAR2SyOzZnxPOptrV8pHNSW8KjlwpAXuzIKYBXOVsJjo3DjaePB2m4G2RoxasNO
wfvd84x3gqYX9ubffMnNkCvSaU7ZEcFFazS8JOEDu4JLGG/XXftPRF9QIOzgBiJF
LzJTGFSy0EWN12D0nevJiF6EM/uil8SlLxhqXT6IoYJBF7GAgOQ/D4juQ/Ard30b
gJV1Rjy0DeSECmx3Sm3V3+712+ZFDM0eX8ydEKRfQY1ULhAqN4+3cHNYISdQLZT9
Ivxu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org