Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/ex8hwMVG98PkPwkpbRc2ehEFcRw.roa
File: ex8hwMVG98PkPwkpbRc2ehEFcRw.roa (raw, json)
Hash identifier: 3mra5uo/vOaHkEs+EPZsnHLJiYqvvJWmCNCWpkGCf1A=
Subject key identifier: 7B:1F:21:C0:C5:46:F7:C3:E4:3F:09:29:6D:17:36:7A:11:05:71:1C
Certificate issuer: /CN=adb365acf6f918499707dda13f033e2cd6110308
Certificate serial: 0185711E80AB258F96A9A25DF1FC7CB94DB9
Authority key identifier: AD:B3:65:AC:F6:F9:18:49:97:07:DD:A1:3F:03:3E:2C:D6:11:03:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rbNlrPb5GEmXB92hPwM-LNYRAwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/ex8hwMVG98PkPwkpbRc2ehEFcRw.roa
Signing time: Mon 02 Jan 2023 06:15:02 +0000
ROA not before: Mon 02 Jan 2023 06:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 91.138.0.0/18 maxlen: 24
185.90.108.0/22 maxlen: 22
2a05:dcc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:80:ab:25:8f:96:a9:a2:5d:f1:fc:7c:b9:4d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adb365acf6f918499707dda13f033e2cd6110308
Validity
Not Before: Jan 2 06:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b1f21c0c546f7c3e43f09296d17367a1105711c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:81:a0:cf:36:ca:15:eb:42:bc:bb:91:d9:0e:
0d:65:6d:76:64:74:0d:15:11:c1:e0:b1:97:84:5d:
9b:89:7b:66:54:0a:43:fd:33:ed:68:12:68:0b:17:
d7:5c:c7:25:17:ed:19:ff:b7:a5:79:79:fa:6f:70:
50:a3:cc:a6:fc:56:37:8f:de:33:98:e6:b7:23:2e:
ef:11:be:d8:36:81:eb:9e:98:cd:d1:ac:f0:19:6c:
04:71:20:f6:a4:a9:0b:e7:09:d1:0a:e5:1f:80:33:
0a:97:bf:d5:ff:9e:59:a2:c1:41:c2:33:9d:e2:48:
a0:47:c9:68:6c:23:d5:8f:99:74:95:7d:cf:0a:97:
8a:73:9f:c0:a4:fb:3d:20:b1:99:74:81:c7:d4:03:
7b:af:10:fb:b7:06:a3:f6:83:3e:47:81:c2:bb:c4:
8a:8c:2d:88:b1:87:87:8a:c1:ca:84:58:a1:be:4a:
be:e4:74:00:55:2b:ce:86:b0:d0:27:97:d5:a8:71:
49:66:c2:b1:a6:7b:af:d4:28:88:94:a5:8b:f7:2b:
6e:19:66:8d:79:d5:17:28:26:fd:94:b4:42:f1:81:
be:81:e1:7a:8d:e3:a3:f7:3e:da:87:c6:f6:bd:17:
72:73:15:8f:32:42:ad:96:45:0d:c3:27:48:e3:78:
f9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1F:21:C0:C5:46:F7:C3:E4:3F:09:29:6D:17:36:7A:11:05:71:1C
X509v3 Authority Key Identifier:
keyid:AD:B3:65:AC:F6:F9:18:49:97:07:DD:A1:3F:03:3E:2C:D6:11:03:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rbNlrPb5GEmXB92hPwM-LNYRAwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/ex8hwMVG98PkPwkpbRc2ehEFcRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/rbNlrPb5GEmXB92hPwM-LNYRAwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.138.0.0/18
185.90.108.0/22
IPv6:
2a05:dcc0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:eb:9c:dd:03:76:d2:1b:8f:7f:71:df:bf:cc:c8:86:aa:e8:
ad:82:03:b0:61:fd:c5:b1:5a:b4:4b:87:3e:d3:4d:9d:dd:98:
c6:da:a8:76:76:c6:2d:a5:1e:93:3e:3d:2f:23:a4:c0:58:b5:
47:c4:24:4c:66:fa:a9:93:4c:11:3c:e7:4d:16:ec:f7:36:65:
5c:47:02:ee:d2:f9:1e:b2:99:fb:50:c1:ff:c2:7b:8b:db:32:
7a:20:a1:e3:af:6c:f4:e6:f7:24:09:07:8a:6d:db:66:bb:26:
33:3a:ae:f1:eb:0d:09:3e:19:09:9e:e2:1c:43:69:54:32:83:
f7:a9:59:df:9d:4a:25:b5:97:47:ef:cb:e1:92:db:dd:14:ad:
ed:05:5d:ad:8e:f0:4f:1b:1c:9c:b8:13:37:ca:e6:ec:02:6e:
79:1b:71:3b:f0:49:2e:0a:f5:da:03:8b:23:56:5c:2b:1c:99:
2e:04:8d:6e:70:e9:c5:f8:07:a5:fb:75:ef:d7:2f:bd:13:fe:
bf:ac:19:ff:49:25:28:cf:18:81:0d:9c:01:ca:42:6b:30:9c:
fe:c0:1d:26:81:cd:9a:c5:44:20:96:61:43:07:cd:5b:70:51:
d9:af:de:1a:64:e5:fd:f2:06:eb:f5:5b:c4:11:58:a7:f6:6b:
51:61:cd:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxHoCrJY+WqaJd8fx8uU25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYjM2NWFjZjZmOTE4NDk5NzA3ZGRhMTNmMDMzZTJjZDYx
MTAzMDgwHhcNMjMwMTAyMDYxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFmMjFjMGM1NDZmN2MzZTQzZjA5Mjk2ZDE3MzY3YTExMDU3MTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YGgzzbKFetCvLuR2Q4NZW12ZHQN
FRHB4LGXhF2biXtmVApD/TPtaBJoCxfXXMclF+0Z/7eleXn6b3BQo8ym/FY3j94z
mOa3Iy7vEb7YNoHrnpjN0azwGWwEcSD2pKkL5wnRCuUfgDMKl7/V/55ZosFBwjOd
4kigR8lobCPVj5l0lX3PCpeKc5/ApPs9ILGZdIHH1AN7rxD7twaj9oM+R4HCu8SK
jC2IsYeHisHKhFihvkq+5HQAVSvOhrDQJ5fVqHFJZsKxpnuv1CiIlKWL9ytuGWaN
edUXKCb9lLRC8YG+geF6jeOj9z7ah8b2vRdycxWPMkKtlkUNwydI43j5rwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHsfIcDFRvfD5D8JKW0XNnoRBXEcMB8GA1UdIwQY
MBaAFK2zZaz2+RhJlwfdoT8DPizWEQMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmJObHJQYjVHRW1YQjkyaFB3TS1MTllSQXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hNjgzODctODYxYS00YjkzLWEzZmMt
YWRhZGQ2Mjk1ODIyLzEvZXg4aHdNVkc5OFBrUHdrcGJSYzJlaEVGY1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hNjgzODctODYxYS00YjkzLWEzZmMtYWRhZGQ2Mjk1ODIy
LzEvcmJObHJQYjVHRW1YQjkyaFB3TS1MTllSQXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGW4oAAwQC
uVpsMA0EAgACMAcDBQMqBdzAMA0GCSqGSIb3DQEBCwUAA4IBAQAr65zdA3bSG49/
cd+/zMiGquitggOwYf3FsVq0S4c+002d3ZjG2qh2dsYtpR6TPj0vI6TAWLVHxCRM
Zvqpk0wRPOdNFuz3NmVcRwLu0vkespn7UMH/wnuL2zJ6IKHjr2z05vckCQeKbdtm
uyYzOq7x6w0JPhkJnuIcQ2lUMoP3qVnfnUoltZdH78vhktvdFK3tBV2tjvBPGxyc
uBM3yubsAm55G3E78EkuCvXaA4sjVlwrHJkuBI1ucOnF+Ael+3Xv1y+9E/6/rBn/
SSUozxiBDZwBykJrMJz+wB0mgc2axUQglmFDB81bcFHZr94aZOX98gbr9VvEEVin
9mtRYc2h
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:07 2024 by rpki-client on console-ams.rpki-client.org