Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/3n8j6XmXZm3jkSMtuPZEcNmsaPI.roa
File: 3n8j6XmXZm3jkSMtuPZEcNmsaPI.roa (raw, json)
Hash identifier: GWZqkt3HExddhZiyXAIVPTs/thJLLs1mtTAnypn/7T0=
Subject key identifier: DE:7F:23:E9:79:97:66:6D:E3:91:23:2D:B8:F6:44:70:D9:AC:68:F2
Certificate issuer: /CN=502c37e7ecb59b667fa82ecf093e5ed87661a8e2
Certificate serial: 018E3DA3222D68E80CA7B50143923F1919B4
Authority key identifier: 50:2C:37:E7:EC:B5:9B:66:7F:A8:2E:CF:09:3E:5E:D8:76:61:A8:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCw35-y1m2Z_qC7PCT5e2HZhqOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/3n8j6XmXZm3jkSMtuPZEcNmsaPI.roa
Signing time: Thu 14 Mar 2024 15:44:45 +0000
ROA not before: Thu 14 Mar 2024 15:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12480
IP address blocks: 91.220.159.0/24 maxlen: 24
91.221.120.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 14:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:a3:22:2d:68:e8:0c:a7:b5:01:43:92:3f:19:19:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=502c37e7ecb59b667fa82ecf093e5ed87661a8e2
Validity
Not Before: Mar 14 15:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de7f23e97997666de391232db8f64470d9ac68f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4a:d8:ab:af:6c:ad:4a:80:94:0c:4f:16:f0:
f9:c3:72:57:5c:4c:ce:cd:80:7e:8c:26:10:73:26:
83:e2:8b:bc:0b:ef:aa:6b:88:c8:c2:14:d6:76:ea:
f5:cd:6a:0f:25:5f:1e:d9:8f:df:84:7a:5f:19:80:
fa:1e:42:9c:47:24:c4:e4:a8:70:d0:60:c9:75:4f:
56:92:17:dc:1e:49:2f:de:b6:c5:e0:ef:73:b0:27:
45:4a:26:86:73:17:3f:6b:b3:83:4e:45:77:a6:2f:
2b:72:a7:44:87:ea:47:21:d8:37:e2:ed:37:25:7f:
76:13:d7:25:e6:97:ba:25:bb:3a:e3:25:3f:36:f8:
e0:42:a9:15:52:b9:3c:1e:cf:17:a9:84:32:d3:d6:
81:53:1f:78:b6:51:fe:53:72:98:ed:2a:2a:20:0a:
ec:d8:bd:0f:97:c9:d8:99:03:7d:2b:74:15:09:a7:
69:e3:09:19:32:3f:32:ec:71:eb:e8:36:f6:ec:42:
00:ea:0b:fe:b4:5f:43:7c:23:bf:ef:de:f6:5d:ff:
65:dd:84:76:84:7c:bf:1b:0b:71:e5:aa:f9:9a:13:
88:63:00:b3:62:5a:05:24:85:1f:05:d9:3e:5a:22:
00:e8:73:7b:8f:26:e5:34:e3:81:3e:7a:0b:ec:d1:
1f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7F:23:E9:79:97:66:6D:E3:91:23:2D:B8:F6:44:70:D9:AC:68:F2
X509v3 Authority Key Identifier:
keyid:50:2C:37:E7:EC:B5:9B:66:7F:A8:2E:CF:09:3E:5E:D8:76:61:A8:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCw35-y1m2Z_qC7PCT5e2HZhqOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/3n8j6XmXZm3jkSMtuPZEcNmsaPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/UCw35-y1m2Z_qC7PCT5e2HZhqOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.159.0/24
91.221.120.0/23
Signature Algorithm: sha256WithRSAEncryption
72:3d:fe:11:50:97:d9:b8:66:8d:5d:41:71:ab:6b:28:22:d5:
77:9d:b4:5f:7b:33:ef:aa:18:17:97:06:d8:3d:ac:6a:f7:41:
f8:13:a8:0e:66:8b:81:59:cc:9a:3c:75:7c:a0:19:79:87:e2:
64:c8:c3:04:5c:d6:4a:82:00:4d:fb:3f:f2:53:6d:34:33:16:
9a:40:fa:82:20:ee:5e:90:b8:41:4f:92:5c:ee:85:80:e7:f7:
62:fb:1d:55:88:b2:a1:d5:03:6d:de:72:39:82:b5:4a:6a:68:
99:9d:70:87:1b:04:d0:2f:2d:a4:15:ee:19:4a:db:bd:6e:18:
cb:7c:15:f3:66:73:18:73:41:e6:bb:19:08:69:77:2f:8b:10:
e8:30:ce:ea:ef:43:cb:ca:87:1c:f4:9c:94:55:37:2f:ec:d5:
51:cf:52:ed:46:65:cf:af:4d:b6:1e:a4:94:2d:49:2a:84:69:
1a:0f:55:e1:90:8f:1c:5a:00:86:22:50:d8:25:76:08:57:84:
bc:8e:83:b0:af:3f:2d:d8:28:ab:f3:86:6d:29:79:ae:52:10:
fa:6f:74:ed:e2:b5:8d:7e:8c:b0:71:9c:6a:ba:fa:b0:88:cb:
61:fe:b7:2a:89:6f:4e:54:86:f9:b1:e7:ee:4f:48:a8:36:d0:
73:ae:cd:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY49oyItaOgMp7UBQ5I/GRm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMmMzN2U3ZWNiNTliNjY3ZmE4MmVjZjA5M2U1ZWQ4NzY2
MWE4ZTIwHhcNMjQwMzE0MTU0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdmMjNlOTc5OTc2NjZkZTM5MTIzMmRiOGY2NDQ3MGQ5YWM2OGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUrYq69srUqAlAxPFvD5w3JXXEzO
zYB+jCYQcyaD4ou8C++qa4jIwhTWdur1zWoPJV8e2Y/fhHpfGYD6HkKcRyTE5Khw
0GDJdU9WkhfcHkkv3rbF4O9zsCdFSiaGcxc/a7ODTkV3pi8rcqdEh+pHIdg34u03
JX92E9cl5pe6Jbs64yU/NvjgQqkVUrk8Hs8XqYQy09aBUx94tlH+U3KY7SoqIArs
2L0Pl8nYmQN9K3QVCadp4wkZMj8y7HHr6Db27EIA6gv+tF9DfCO/7972Xf9l3YR2
hHy/Gwtx5ar5mhOIYwCzYloFJIUfBdk+WiIA6HN7jyblNOOBPnoL7NEfRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN5/I+l5l2Zt45EjLbj2RHDZrGjyMB8GA1UdIwQY
MBaAFFAsN+fstZtmf6guzwk+Xth2YajiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUN3MzUteTFtMlpfcUM3UENUNWUySFpocU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9iNWY2YWYtM2M4My00Y2I1LWI1ZWIt
YmExNDg0M2M1NDljLzEvM244ajZYbVhabTNqa1NNdHVQWkVjTm1zYVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9iNWY2YWYtM2M4My00Y2I1LWI1ZWItYmExNDg0M2M1NDlj
LzEvVUN3MzUteTFtMlpfcUM3UENUNWUySFpocU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yfAwQB
W914MA0GCSqGSIb3DQEBCwUAA4IBAQByPf4RUJfZuGaNXUFxq2soItV3nbRfezPv
qhgXlwbYPaxq90H4E6gOZouBWcyaPHV8oBl5h+JkyMMEXNZKggBN+z/yU200Mxaa
QPqCIO5ekLhBT5Jc7oWA5/di+x1ViLKh1QNt3nI5grVKamiZnXCHGwTQLy2kFe4Z
Stu9bhjLfBXzZnMYc0HmuxkIaXcvixDoMM7q70PLyocc9JyUVTcv7NVRz1LtRmXP
r022HqSULUkqhGkaD1XhkI8cWgCGIlDYJXYIV4S8joOwrz8t2Cir84ZtKXmuUhD6
b3Tt4rWNfoywcZxquvqwiMth/rcqiW9OVIb5sefuT0ioNtBzrs2b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:05 2024 by rpki-client on console-fra.rpki-client.org