Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/JtVPH0DWhjo53eNkwCwEJktEBho.roa
File: JtVPH0DWhjo53eNkwCwEJktEBho.roa (raw, json)
Hash identifier: TmTLAHUQiYUax7AgfJBpG5RlBIWtuI1aaxVtcFp208s=
Subject key identifier: 26:D5:4F:1F:40:D6:86:3A:39:DD:E3:64:C0:2C:04:26:4B:44:06:1A
Certificate issuer: /CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Certificate serial: 018573FDF2D8732746A5D4D322F8C9BF7679
Authority key identifier: 3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/JtVPH0DWhjo53eNkwCwEJktEBho.roa
Signing time: Mon 02 Jan 2023 19:38:20 +0000
ROA not before: Mon 02 Jan 2023 19:38:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198611
IP address blocks: 91.237.70.0/24 maxlen: 24
91.231.205.0/24 maxlen: 24
91.237.68.0/24 maxlen: 24
91.237.71.0/24 maxlen: 24
91.237.69.0/24 maxlen: 24
2001:67c:16f8::/48 maxlen: 48
2001:67c:2ad8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:fd:f2:d8:73:27:46:a5:d4:d3:22:f8:c9:bf:76:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Validity
Not Before: Jan 2 19:38:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26d54f1f40d6863a39dde364c02c04264b44061a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:54:d3:a6:99:92:83:01:5e:7f:bd:64:2f:fa:
dd:72:74:f5:46:02:33:06:81:67:a8:fe:0c:22:2b:
c5:7d:15:d7:94:60:40:7a:5a:45:0f:0f:57:a6:97:
0f:c1:b0:93:89:ea:0b:57:c6:88:98:f3:0d:47:a3:
ed:4c:2f:fc:c3:62:c5:2c:f3:88:7b:ba:6a:ea:0d:
4b:07:7b:7d:ab:55:a3:ac:08:ac:c0:2f:8b:7d:c2:
65:d9:46:02:e9:71:f2:8e:72:21:1c:c8:96:95:fe:
21:2f:aa:75:18:76:fa:fc:e3:a3:b1:42:20:9b:55:
7f:65:b8:36:db:a8:02:b4:30:8e:6c:73:1d:68:0a:
b1:2e:ea:5a:a0:ca:10:c9:47:7e:09:9e:bb:c5:6a:
fb:bc:f2:6e:8a:5c:d2:ac:2e:15:c0:0e:1b:b8:99:
91:2f:38:36:e2:80:9d:09:3c:f3:8d:13:d0:a9:a4:
9f:fd:5e:21:de:b1:82:ed:07:07:1d:5d:12:ac:3c:
b6:3e:d9:77:30:04:d4:7b:eb:f3:68:29:f0:ce:5f:
3a:c9:ec:b6:e7:10:35:21:d8:af:c5:9e:24:f5:5b:
91:04:06:26:c8:6e:e4:d1:a1:14:6f:53:d5:d1:58:
e1:0f:48:27:d1:a6:90:54:eb:35:87:60:5a:42:41:
91:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D5:4F:1F:40:D6:86:3A:39:DD:E3:64:C0:2C:04:26:4B:44:06:1A
X509v3 Authority Key Identifier:
keyid:3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/JtVPH0DWhjo53eNkwCwEJktEBho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.205.0/24
91.237.68.0/22
IPv6:
2001:67c:16f8::/48
2001:67c:2ad8::/48
Signature Algorithm: sha256WithRSAEncryption
8e:1c:c3:cd:a5:da:09:03:e4:ad:7f:e0:9e:21:24:87:d9:0a:
44:8d:86:4a:eb:82:f9:c5:b1:07:32:fe:63:f7:67:ff:84:30:
99:50:78:ab:6c:74:2b:6f:05:46:ad:c4:32:d9:d0:20:7c:4a:
a0:cf:01:49:d2:4c:1d:e8:b8:22:b5:9a:98:3d:e3:ee:16:b1:
c8:85:9d:cb:d0:0c:93:d1:c1:4c:59:3c:44:21:1a:df:b4:f6:
ab:23:54:0f:27:b7:a2:f8:23:56:78:c4:04:50:89:51:1d:c2:
0a:c7:a7:35:a4:12:63:65:85:eb:83:fc:5a:c6:95:80:6f:af:
93:87:35:dc:fc:a8:10:91:e8:0d:42:c3:a3:b6:0a:a7:e3:9c:
35:ac:ef:34:88:1b:e5:d2:8f:3f:fc:6d:01:ad:a7:cd:c0:5c:
87:23:fd:1b:1b:5f:b8:7a:ab:8d:a4:f8:4b:ce:55:a9:06:99:
d6:e7:bb:09:e8:de:7d:48:35:01:12:37:7d:8d:9d:06:58:82:
11:00:e1:b9:51:ae:0a:a4:de:e6:06:6d:c6:9d:e2:14:db:6a:
07:54:48:fe:ee:0b:87:3a:30:64:ed:05:9e:e2:dc:24:75:59:
84:b9:84:32:37:d0:19:6d:d5:30:d2:8b:6b:72:ed:ab:72:95:
87:6b:f2:84
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVz/fLYcydGpdTTIvjJv3Z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTVhMWRkMGNlZTg3NGMwNmUxZWExZjcyODI3ZDk3Y2Jj
NjcxODcwHhcNMjMwMTAyMTkzODIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ1NGYxZjQwZDY4NjNhMzlkZGUzNjRjMDJjMDQyNjRiNDQwNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVTTppmSgwFef71kL/rdcnT1RgIz
BoFnqP4MIivFfRXXlGBAelpFDw9XppcPwbCTieoLV8aImPMNR6PtTC/8w2LFLPOI
e7pq6g1LB3t9q1WjrAiswC+LfcJl2UYC6XHyjnIhHMiWlf4hL6p1GHb6/OOjsUIg
m1V/Zbg226gCtDCObHMdaAqxLupaoMoQyUd+CZ67xWr7vPJuilzSrC4VwA4buJmR
Lzg24oCdCTzzjRPQqaSf/V4h3rGC7QcHHV0SrDy2Ptl3MATUe+vzaCnwzl86yey2
5xA1IdivxZ4k9VuRBAYmyG7k0aEUb1PV0VjhD0gn0aaQVOs1h2BaQkGRFQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCbVTx9A1oY6Od3jZMAsBCZLRAYaMB8GA1UdIwQY
MBaAFD7lod0M7odMBuHqH3KCfZfLxnGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVXaDNRenVoMHdHNGVvZmNvSjlsOHZHY1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny85NWZmZDktMTlkMy00NTE3LThjNDct
YzYxNjYxZDFiNzFiLzEvSnRWUEgwRFdoam81M2VOa3dDd0VKa3RFQmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny85NWZmZDktMTlkMy00NTE3LThjNDctYzYxNjYxZDFiNzFi
LzEvUHVXaDNRenVoMHdHNGVvZmNvSjlsOHZHY1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW+fNAwQC
W+1EMBgEAgACMBIDBwAgAQZ8FvgDBwAgAQZ8KtgwDQYJKoZIhvcNAQELBQADggEB
AI4cw82l2gkD5K1/4J4hJIfZCkSNhkrrgvnFsQcy/mP3Z/+EMJlQeKtsdCtvBUat
xDLZ0CB8SqDPAUnSTB3ouCK1mpg94+4WsciFncvQDJPRwUxZPEQhGt+09qsjVA8n
t6L4I1Z4xARQiVEdwgrHpzWkEmNlheuD/FrGlYBvr5OHNdz8qBCR6A1Cw6O2Cqfj
nDWs7zSIG+XSjz/8bQGtp83AXIcj/RsbX7h6q42k+EvOVakGmdbnuwno3n1INQES
N32NnQZYghEA4blRrgqk3uYGbcad4hTbagdUSP7uC4c6MGTtBZ7i3CR1WYS5hDI3
0Blt1TDSi2ty7atylYdr8oQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:43 2024 by rpki-client on console-ams.rpki-client.org