Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/GfYWJoRtqdY194_DmdmTV6BzabA.roa
File: GfYWJoRtqdY194_DmdmTV6BzabA.roa (raw, json)
Hash identifier: 0KD5hHjnKhfqE9h02vY5EpevgPrGybqyhQGXyLQE8G8=
Subject key identifier: 19:F6:16:26:84:6D:A9:D6:35:F7:8F:C3:99:D9:93:57:A0:73:69:B0
Certificate issuer: /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Certificate serial: 018CC5DC08D9530C8966D0C3B4500ED77682
Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/GfYWJoRtqdY194_DmdmTV6BzabA.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 91.214.171.0/24 maxlen: 24
91.214.170.0/24 maxlen: 24
91.214.169.0/24 maxlen: 24
91.214.168.0/22 maxlen: 22
91.214.168.0/24 maxlen: 24
91.213.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 12:12:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:08:d9:53:0c:89:66:d0:c3:b4:50:0e:d7:76:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19f61626846da9d635f78fc399d99357a07369b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a3:39:df:f7:27:0d:1a:e4:0e:ab:d2:72:05:
f9:1a:9e:c2:bd:79:b1:f1:8c:f8:bf:08:72:8d:3d:
58:c9:e4:cf:0a:3e:9e:fb:da:83:72:44:46:7d:9b:
b0:3b:0b:7c:49:2b:b1:ec:ab:14:de:88:90:60:9d:
0a:97:55:fc:60:c9:ac:a4:65:57:6a:a6:05:fb:47:
f4:7b:44:b2:38:bb:65:e5:e4:bd:64:7c:f0:52:2b:
5c:6f:7c:1c:ce:c1:ed:1a:97:10:af:8e:bb:e8:35:
06:e5:bf:25:8a:33:37:b6:6e:35:14:6e:c8:eb:5c:
43:54:05:4b:da:34:96:a3:87:78:ea:cc:cd:20:ee:
28:c9:3c:cd:cd:7d:0f:59:08:4d:16:c4:5f:dd:93:
4f:a8:e9:7f:6a:7b:06:0d:fb:6d:46:f5:a8:03:3a:
55:bb:ab:ca:78:e9:19:46:47:47:c8:c1:f2:18:a4:
5d:20:66:3d:d5:21:d4:f3:79:53:5a:62:f1:8c:8c:
8e:67:e8:eb:68:64:33:6d:21:12:32:49:84:73:1a:
b5:d4:8f:17:68:40:82:7c:8b:2c:ff:65:2e:d1:51:
f4:56:a5:e5:b5:59:6e:f6:f3:29:65:2e:c7:e9:ab:
cc:fe:9b:21:45:63:36:e8:ea:17:10:ac:9b:e6:ee:
82:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F6:16:26:84:6D:A9:D6:35:F7:8F:C3:99:D9:93:57:A0:73:69:B0
X509v3 Authority Key Identifier:
keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/GfYWJoRtqdY194_DmdmTV6BzabA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.4.0/24
91.214.168.0/22
Signature Algorithm: sha256WithRSAEncryption
76:e7:76:d2:2a:f4:41:b0:95:8c:a0:3d:69:4c:89:99:8d:1e:
86:68:1c:79:37:c9:91:96:62:20:61:e9:90:84:4f:28:8a:5f:
2f:c3:0e:da:ba:fb:f7:91:c2:89:d3:01:8b:68:0d:2e:df:94:
40:e4:fa:fb:86:36:2e:24:86:f5:1e:86:32:55:e2:b5:c5:d8:
2b:95:83:31:a2:e8:c4:eb:b1:65:ba:74:6c:6f:cf:57:4b:aa:
e2:1d:cd:3f:a6:56:18:71:6d:39:88:18:42:28:b4:f0:b8:fb:
68:ee:f8:56:85:24:28:6a:a3:6d:2c:7b:21:23:85:fb:53:06:
30:cf:f7:53:20:d8:36:a1:4a:82:a2:6b:6a:56:26:14:cb:90:
47:03:12:e6:55:df:8f:69:db:88:46:95:d5:53:f3:c2:3d:55:
80:5b:4a:2a:26:5f:d1:e1:fa:90:3c:99:a8:2e:dd:a6:c9:50:
71:e9:16:9d:12:8a:5b:a7:b8:38:b8:70:cb:0c:38:74:23:8f:
ee:b3:f0:bd:81:1d:e3:5e:2f:da:b1:2d:9c:56:76:17:d3:7f:
10:b6:15:ad:51:37:a8:a6:c2:a9:19:09:d6:d3:b5:16:50:e1:
ef:09:2c:c0:f6:1a:97:25:da:72:71:cf:c9:5a:81:3b:b7:cb:
d8:c9:6b:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3AjZUwyJZtDDtFAO13aCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey
YTk3NjUwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWY2MTYyNjg0NmRhOWQ2MzVmNzhmYzM5OWQ5OTM1N2EwNzM2OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKM53/cnDRrkDqvScgX5Gp7CvXmx
8Yz4vwhyjT1YyeTPCj6e+9qDckRGfZuwOwt8SSux7KsU3oiQYJ0Kl1X8YMmspGVX
aqYF+0f0e0SyOLtl5eS9ZHzwUitcb3wczsHtGpcQr4676DUG5b8lijM3tm41FG7I
61xDVAVL2jSWo4d46szNIO4oyTzNzX0PWQhNFsRf3ZNPqOl/ansGDfttRvWoAzpV
u6vKeOkZRkdHyMHyGKRdIGY91SHU83lTWmLxjIyOZ+jraGQzbSESMkmEcxq11I8X
aECCfIss/2Uu0VH0VqXltVlu9vMpZS7H6avM/pshRWM26OoXEKyb5u6CDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBn2FiaEbanWNfePw5nZk1egc2mwMB8GA1UdIwQY
MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt
ZDAwMDNhNmI1MjI0LzEvR2ZZV0pvUnRxZFkxOTRfRG1kbVRWNkJ6YWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0
LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9UEAwQC
W9aoMA0GCSqGSIb3DQEBCwUAA4IBAQB253bSKvRBsJWMoD1pTImZjR6GaBx5N8mR
lmIgYemQhE8oil8vww7auvv3kcKJ0wGLaA0u35RA5Pr7hjYuJIb1HoYyVeK1xdgr
lYMxoujE67FlunRsb89XS6riHc0/plYYcW05iBhCKLTwuPto7vhWhSQoaqNtLHsh
I4X7UwYwz/dTINg2oUqComtqViYUy5BHAxLmVd+PaduIRpXVU/PCPVWAW0oqJl/R
4fqQPJmoLt2myVBx6RadEopbp7g4uHDLDDh0I4/us/C9gR3jXi/asS2cVnYX038Q
thWtUTeopsKpGQnW07UWUOHvCSzA9hqXJdpycc/JWoE7t8vYyWu8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:39 2024 by rpki-client on console-ams.rpki-client.org