Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/EIFH9kWlZ1tPVqdTjw0qEbhhILI.roa
File: EIFH9kWlZ1tPVqdTjw0qEbhhILI.roa (raw, json)
Hash identifier: xjcZD5S3VwRK7P9xLndDu74nD03nfTgb08Jf15NTS5U=
Subject key identifier: 10:81:47:F6:45:A5:67:5B:4F:56:A7:53:8F:0D:2A:11:B8:61:20:B2
Certificate issuer: /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Certificate serial: 0185A4FEDDF3B4C99D2F3D76B111A318F58F
Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/EIFH9kWlZ1tPVqdTjw0qEbhhILI.roa
Signing time: Thu 12 Jan 2023 08:00:44 +0000
ROA not before: Thu 12 Jan 2023 08:00:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 91.214.171.0/24 maxlen: 24
91.214.170.0/24 maxlen: 24
91.214.169.0/24 maxlen: 24
91.214.168.0/22 maxlen: 22
91.214.168.0/24 maxlen: 24
91.213.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a4:fe:dd:f3:b4:c9:9d:2f:3d:76:b1:11:a3:18:f5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Validity
Not Before: Jan 12 08:00:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=108147f645a5675b4f56a7538f0d2a11b86120b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:40:fb:8f:54:9c:30:65:f0:f0:dd:bf:64:57:
4f:8d:c3:a5:ba:d0:6c:d3:2e:38:ec:3f:25:67:9a:
e8:3e:2f:7e:db:85:63:fe:33:2d:04:fd:ec:7b:1b:
5e:cb:bf:b3:49:43:49:62:80:88:52:5e:4e:68:4c:
2f:f3:dc:ae:33:3b:dd:00:74:6b:dc:84:ee:47:55:
e5:ae:99:1d:80:70:a0:d8:79:31:76:c9:e6:0f:05:
f4:c8:8c:79:66:46:18:db:07:83:bb:25:81:76:cf:
b1:10:eb:2c:bf:41:ad:b6:b1:b0:fb:da:17:aa:f4:
b7:83:4e:c4:e4:e4:17:d0:a1:f3:f9:73:92:18:f0:
09:ce:fd:5c:c0:81:16:58:97:7f:70:af:8d:01:a3:
ab:94:df:80:a2:be:11:75:b1:3c:4c:6d:16:15:e6:
8f:f4:86:a9:e4:08:2b:8e:de:95:80:2c:64:3d:b7:
07:9f:6e:9f:86:46:37:21:4f:bc:e2:ac:c2:76:de:
04:dc:68:61:c5:f1:b1:a9:b2:00:c2:31:02:81:22:
4a:d6:3e:2a:e8:cd:67:12:4e:77:af:0a:c6:96:bc:
15:55:fa:29:94:5b:5d:29:fe:d6:52:cb:45:fe:ee:
ed:65:c8:1b:e9:ad:fc:9c:78:12:f4:d3:a3:e4:f5:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:81:47:F6:45:A5:67:5B:4F:56:A7:53:8F:0D:2A:11:B8:61:20:B2
X509v3 Authority Key Identifier:
keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/EIFH9kWlZ1tPVqdTjw0qEbhhILI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.4.0/24
91.214.168.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:4a:d9:61:a7:3b:a7:4a:f2:33:f9:c6:ac:e5:d8:d1:ef:a1:
66:6e:1f:f5:88:b8:9d:be:66:70:41:85:87:7e:5c:d2:79:ac:
18:ae:a9:13:d9:df:ac:6a:9f:3f:9a:f6:80:0c:f8:a4:67:b7:
11:8f:32:70:c0:44:60:84:02:37:06:c6:da:6d:41:96:e7:93:
17:7a:3e:3b:ad:f3:97:5e:b7:8c:3d:e6:8f:b8:5a:36:09:2e:
cc:7f:76:c1:8d:6c:04:63:d2:6e:95:ff:c2:a9:45:e7:b7:f5:
c4:b7:da:80:d8:fb:dd:ef:67:35:d1:df:fb:ed:b7:bd:d1:b6:
37:ed:9d:38:57:76:68:1c:ed:98:22:16:36:d9:30:0a:a6:7b:
43:31:aa:f3:20:f8:fa:f5:4f:b1:37:b4:36:fa:d8:65:19:58:
a8:d8:69:ef:c5:84:7a:2b:97:fe:f4:c1:e9:e3:5b:a8:81:8a:
03:c0:13:03:05:7f:30:fb:ef:88:75:b2:27:19:bb:a1:0a:fd:
04:ee:c8:79:d5:21:79:d2:cd:91:31:9e:f3:6d:0d:e6:f0:8b:
3a:19:fc:47:69:62:37:89:ba:62:eb:83:a6:56:00:f4:50:40:
e9:4a:49:de:b6:aa:1a:2b:a2:b7:d5:58:29:ca:87:be:5c:23:
c7:d6:60:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWk/t3ztMmdLz12sRGjGPWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey
YTk3NjUwHhcNMjMwMTEyMDgwMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDgxNDdmNjQ1YTU2NzViNGY1NmE3NTM4ZjBkMmExMWI4NjEyMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkD7j1ScMGXw8N2/ZFdPjcOlutBs
0y447D8lZ5roPi9+24Vj/jMtBP3sextey7+zSUNJYoCIUl5OaEwv89yuMzvdAHRr
3ITuR1XlrpkdgHCg2HkxdsnmDwX0yIx5ZkYY2weDuyWBds+xEOssv0GttrGw+9oX
qvS3g07E5OQX0KHz+XOSGPAJzv1cwIEWWJd/cK+NAaOrlN+Aor4RdbE8TG0WFeaP
9Iap5Agrjt6VgCxkPbcHn26fhkY3IU+84qzCdt4E3GhhxfGxqbIAwjECgSJK1j4q
6M1nEk53rwrGlrwVVfoplFtdKf7WUstF/u7tZcgb6a38nHgS9NOj5PWAjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBCBR/ZFpWdbT1anU48NKhG4YSCyMB8GA1UdIwQY
MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt
ZDAwMDNhNmI1MjI0LzEvRUlGSDlrV2xaMXRQVnFkVGp3MHFFYmhoSUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0
LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9UEAwQC
W9aoMA0GCSqGSIb3DQEBCwUAA4IBAQAfStlhpzunSvIz+cas5djR76Fmbh/1iLid
vmZwQYWHflzSeawYrqkT2d+sap8/mvaADPikZ7cRjzJwwERghAI3BsbabUGW55MX
ej47rfOXXreMPeaPuFo2CS7Mf3bBjWwEY9Julf/CqUXnt/XEt9qA2Pvd72c10d/7
7be90bY37Z04V3ZoHO2YIhY22TAKpntDMarzIPj69U+xN7Q2+thlGVio2GnvxYR6
K5f+9MHp41uogYoDwBMDBX8w+++IdbInGbuhCv0E7sh51SF50s2RMZ7zbQ3m8Is6
GfxHaWI3ibpi64OmVgD0UEDpSknetqoaK6K31Vgpyoe+XCPH1mBg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:39 2024 by rpki-client on console-ams.rpki-client.org