Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lOcMKmWAc6-ixmfrTuypj2yz34g.roa
File: lOcMKmWAc6-ixmfrTuypj2yz34g.roa (raw, json)
Hash identifier: duxLNaGTQCnsoQA9Zxc8J3/y7lY4SzLnapj1dT/3TXg=
Subject key identifier: 94:E7:0C:2A:65:80:73:AF:A2:C6:67:EB:4E:EC:A9:8F:6C:B3:DF:88
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018AACF98D2DF1A382B9D8E4DCD384F9502A
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lOcMKmWAc6-ixmfrTuypj2yz34g.roa
Signing time: Tue 19 Sep 2023 10:25:50 +0000
ROA not before: Tue 19 Sep 2023 10:25:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.191.96.0/24 maxlen: 24
188.191.100.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Oct 2023 19:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:f9:8d:2d:f1:a3:82:b9:d8:e4:dc:d3:84:f9:50:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Sep 19 10:25:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94e70c2a658073afa2c667eb4eeca98f6cb3df88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2a:43:26:9a:db:6d:b1:09:58:22:a5:7c:53:
12:da:3c:b7:7e:72:05:98:75:e6:14:af:eb:75:bf:
1d:98:60:48:6d:01:9d:2f:20:0e:19:6d:71:c4:60:
e5:2a:5c:62:c2:94:9a:89:ec:9d:e3:45:6a:3c:7a:
3e:36:74:37:54:95:2b:c2:08:39:cc:5b:26:6a:5d:
71:8a:d8:c0:ee:62:bb:49:0d:72:28:b0:03:69:56:
cd:0d:aa:59:64:b5:dd:f5:62:0f:19:a5:67:28:cb:
09:9c:85:08:d3:5f:08:a1:e9:29:81:10:ee:67:23:
34:f5:b4:c0:16:96:70:d0:d2:a9:5b:cb:2e:a6:5e:
05:84:a9:0a:f8:48:d6:91:8a:c9:79:0d:77:4a:b7:
fd:a4:ae:6f:44:d2:79:52:ec:d5:07:73:f0:d4:d1:
b8:97:36:4c:21:4c:d4:b0:50:1e:d1:03:4d:ff:9a:
34:41:3f:a7:a3:c9:36:58:77:21:6d:87:3c:bc:cb:
13:d5:2b:58:9b:a5:7c:8a:4a:be:7d:e5:64:6f:98:
70:a7:eb:49:c3:12:aa:d8:17:2e:f6:79:70:e9:d7:
59:05:7a:61:71:09:66:e2:ab:6e:80:40:91:c1:ec:
5d:bc:6b:f9:d0:8e:2e:fc:2e:bc:be:2c:33:23:f3:
4f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E7:0C:2A:65:80:73:AF:A2:C6:67:EB:4E:EC:A9:8F:6C:B3:DF:88
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lOcMKmWAc6-ixmfrTuypj2yz34g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.96.0/24
188.191.100.0/24
188.191.107.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:44:06:2e:49:53:2c:d5:aa:ec:e4:f2:29:65:ee:71:eb:74:
2b:d8:7b:c6:1b:26:4f:c4:4b:67:96:49:25:d4:73:70:c9:93:
1f:a3:f4:13:14:87:01:d3:4b:b9:cd:fd:22:7f:39:bc:f5:ca:
6e:58:09:d5:f5:92:cf:28:52:92:03:dd:2b:de:63:f7:80:f0:
f3:1d:be:7a:bd:44:b7:f4:33:18:42:8f:25:72:94:cf:49:93:
81:69:d1:5a:bd:69:f9:09:98:57:36:94:32:0f:bc:08:66:7d:
69:60:3e:81:8e:48:21:c0:21:12:08:7f:61:dd:65:d5:67:3d:
6b:52:b6:24:b1:12:97:5b:1e:53:45:37:8b:34:a4:6d:81:80:
9e:5c:72:2a:0b:b9:a5:59:db:02:70:98:2a:c8:64:97:a7:63:
4b:c0:57:b0:ea:2e:cb:37:06:d3:e2:50:3c:3f:f6:13:9a:02:
6a:3e:13:e1:83:c2:6a:46:bc:10:67:75:bb:5d:e2:6c:e7:ba:
d4:9b:83:97:4b:3f:9e:b9:db:97:63:19:be:5b:3d:f8:e6:d2:
89:b5:e7:ad:fe:3a:49:69:94:dc:8f:7c:da:5b:17:ca:f9:a7:
a3:30:5d:c7:3c:14:30:ae:58:25:d0:ce:76:4b:60:27:bc:06:
90:c5:fb:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqs+Y0t8aOCudjk3NOE+VAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwOTE5MTAyNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU3MGMyYTY1ODA3M2FmYTJjNjY3ZWI0ZWVjYTk4ZjZjYjNkZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSpDJprbbbEJWCKlfFMS2jy3fnIF
mHXmFK/rdb8dmGBIbQGdLyAOGW1xxGDlKlxiwpSaieyd40VqPHo+NnQ3VJUrwgg5
zFsmal1xitjA7mK7SQ1yKLADaVbNDapZZLXd9WIPGaVnKMsJnIUI018IoekpgRDu
ZyM09bTAFpZw0NKpW8supl4FhKkK+EjWkYrJeQ13Srf9pK5vRNJ5UuzVB3Pw1NG4
lzZMIUzUsFAe0QNN/5o0QT+no8k2WHchbYc8vMsT1StYm6V8ikq+feVkb5hwp+tJ
wxKq2Bcu9nlw6ddZBXphcQlm4qtugECRwexdvGv50I4u/C68viwzI/NPRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJTnDCplgHOvosZn607sqY9ss9+IMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvbE9jTUttV0FjNi1peG1mclR1eXBqMnl6MzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+HhAwQA
vL9gAwQAvL9kAwQAvL9rMA0GCSqGSIb3DQEBCwUAA4IBAQB+RAYuSVMs1ars5PIp
Ze5x63Qr2HvGGyZPxEtnlkkl1HNwyZMfo/QTFIcB00u5zf0ifzm89cpuWAnV9ZLP
KFKSA90r3mP3gPDzHb56vUS39DMYQo8lcpTPSZOBadFavWn5CZhXNpQyD7wIZn1p
YD6BjkghwCESCH9h3WXVZz1rUrYksRKXWx5TRTeLNKRtgYCeXHIqC7mlWdsCcJgq
yGSXp2NLwFew6i7LNwbT4lA8P/YTmgJqPhPhg8JqRrwQZ3W7XeJs57rUm4OXSz+e
uduXYxm+Wz345tKJteet/jpJaZTcj3zaWxfK+aejMF3HPBQwrlgl0M52S2AnvAaQ
xfvV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org