Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/4h4MGgF4s-ox5i1f7A80KZyNo4M.roa
File: 4h4MGgF4s-ox5i1f7A80KZyNo4M.roa (raw, json)
Hash identifier: ZSoTQa1cRUxH2danLquR8SIq+Nk2hpWqq4uVgFZBmTo=
Subject key identifier: E2:1E:0C:1A:01:78:B3:EA:31:E6:2D:5F:EC:0F:34:29:9C:8D:A3:83
Certificate issuer: /CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Certificate serial: 018824B53D4AFF883AE9C4E5D45AF6633AE7
Authority key identifier: CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/4h4MGgF4s-ox5i1f7A80KZyNo4M.roa
Signing time: Tue 16 May 2023 13:17:17 +0000
ROA not before: Tue 16 May 2023 13:17:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 91.102.185.0/24 maxlen: 24
91.102.184.0/24 maxlen: 24
91.102.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:b5:3d:4a:ff:88:3a:e9:c4:e5:d4:5a:f6:63:3a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Validity
Not Before: May 16 13:17:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e21e0c1a0178b3ea31e62d5fec0f34299c8da383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ec:1a:40:23:5b:ec:7d:61:ff:25:fe:26:ab:
d2:da:24:00:ce:8b:5b:f0:33:cc:54:1e:41:82:b0:
0d:c1:74:f1:7b:f1:54:11:2c:b5:0e:8b:3e:8b:b4:
2d:c9:24:f1:0f:ec:2b:11:bc:26:95:63:23:17:31:
6b:b9:35:44:6d:06:6a:5b:12:90:8f:37:e4:5b:1b:
5a:a8:b0:e1:fa:95:2d:20:11:40:ed:8f:f1:98:b3:
ab:92:07:5a:ce:dd:b5:37:fd:3d:e1:91:99:d8:dd:
3e:db:d4:4e:e2:ae:db:74:59:d0:6c:1f:37:c7:99:
50:31:91:28:63:d0:ff:4d:fa:b5:7b:e3:08:a0:f9:
7b:12:72:dd:8a:ab:71:47:4b:82:28:43:a0:55:44:
bc:ac:8e:7d:ab:5b:36:9e:7e:5c:9a:48:98:18:ac:
d2:7a:81:1a:d3:d4:03:2e:7f:c4:cb:6c:bf:a1:f5:
41:f3:06:9d:44:02:e9:3b:cc:ca:1d:57:71:3d:15:
a1:e3:3e:f3:9b:b2:39:2d:bb:68:5e:55:82:a7:43:
82:4f:c6:17:23:fa:f7:6c:2f:d8:1e:10:95:9b:dc:
57:b4:6b:c7:1f:61:9c:33:c9:27:fd:eb:7f:dc:d7:
36:0b:4a:2c:09:0b:d1:60:88:f5:cf:19:7f:7c:41:
c1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1E:0C:1A:01:78:B3:EA:31:E6:2D:5F:EC:0F:34:29:9C:8D:A3:83
X509v3 Authority Key Identifier:
keyid:CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/4h4MGgF4s-ox5i1f7A80KZyNo4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/zsOzR6IWvEN7C9TPC8jNpl6MLTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.184.0-91.102.186.255
Signature Algorithm: sha256WithRSAEncryption
2f:25:4e:77:95:e2:7c:0d:ac:eb:de:c2:2e:87:bf:cb:f5:f9:
0d:62:85:cf:c3:29:68:d9:b4:ea:3e:21:24:b7:27:22:58:d3:
35:d9:69:32:12:d9:59:f0:33:90:b2:a7:52:0a:ae:8e:3b:0a:
3c:ad:75:60:d7:7f:aa:2d:c3:54:c4:30:21:c1:8b:24:4e:f3:
da:19:04:a3:1c:60:5f:43:f4:0b:4c:00:97:b2:a4:69:38:8c:
0c:70:b5:7c:56:c3:2a:a6:a2:6f:ee:85:e0:8d:a7:22:ca:2e:
9f:de:a4:55:34:45:c2:f1:de:29:d8:b9:70:d0:f9:50:d7:34:
f2:4b:ba:ed:cc:a5:4a:df:79:5e:a2:46:77:96:15:9b:ee:0a:
72:2e:a1:32:16:9e:91:86:a1:55:b7:91:29:06:36:6e:c1:e7:
f1:94:b4:c7:a8:93:1f:de:80:59:67:df:a7:ea:8c:c3:9a:f8:
1c:b8:b7:1b:88:a3:1f:66:04:18:df:7e:b5:85:79:bf:5f:c6:
f0:6d:82:50:d4:27:53:6f:65:29:88:98:f4:fc:a5:53:ac:46:
6a:b6:97:a3:bb:df:4a:ec:ea:08:9d:1e:34:10:37:31:10:e5:
91:13:23:ca:b4:7b:d8:22:e2:75:e7:61:62:e3:5a:c5:eb:71:
01:aa:3b:82
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYgktT1K/4g66cTl1Fr2YzrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzNiMzQ3YTIxNmJjNDM3YjBiZDRjZjBiYzhjZGE2NWU4
YzJkM2IwHhcNMjMwNTE2MTMxNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFlMGMxYTAxNzhiM2VhMzFlNjJkNWZlYzBmMzQyOTljOGRhMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uwaQCNb7H1h/yX+JqvS2iQAzotb
8DPMVB5BgrANwXTxe/FUESy1Dos+i7QtySTxD+wrEbwmlWMjFzFruTVEbQZqWxKQ
jzfkWxtaqLDh+pUtIBFA7Y/xmLOrkgdazt21N/094ZGZ2N0+29RO4q7bdFnQbB83
x5lQMZEoY9D/Tfq1e+MIoPl7EnLdiqtxR0uCKEOgVUS8rI59q1s2nn5cmkiYGKzS
eoEa09QDLn/Ey2y/ofVB8wadRALpO8zKHVdxPRWh4z7zm7I5LbtoXlWCp0OCT8YX
I/r3bC/YHhCVm9xXtGvHH2GcM8kn/et/3Nc2C0osCQvRYIj1zxl/fEHBfQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOIeDBoBeLPqMeYtX+wPNCmcjaODMB8GA1UdIwQY
MBaAFM7Ds0eiFrxDewvUzwvIzaZejC07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYt
MTU1ZmIzZmUyODdlLzEvNGg0TUdnRjRzLW94NWkxZjdBODBLWnlObzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYtMTU1ZmIzZmUyODdl
LzEvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANbZrgD
BABbZrowDQYJKoZIhvcNAQELBQADggEBAC8lTneV4nwNrOvewi6Hv8v1+Q1ihc/D
KWjZtOo+ISS3JyJY0zXZaTIS2VnwM5Cyp1IKro47CjytdWDXf6otw1TEMCHBiyRO
89oZBKMcYF9D9AtMAJeypGk4jAxwtXxWwyqmom/uheCNpyLKLp/epFU0RcLx3inY
uXDQ+VDXNPJLuu3MpUrfeV6iRneWFZvuCnIuoTIWnpGGoVW3kSkGNm7B5/GUtMeo
kx/egFln36fqjMOa+By4txuIox9mBBjffrWFeb9fxvBtglDUJ1NvZSmImPT8pVOs
Rmq2l6O730rs6gidHjQQNzEQ5ZETI8q0e9gi4nXnYWLjWsXrcQGqO4I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org