Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/RxIQp-ebTcuN6-9y797ryu3x2VM.roa
File: RxIQp-ebTcuN6-9y797ryu3x2VM.roa (raw, json)
Hash identifier: 34wgeDi0pfq5tWd/QT9DbK0cM13mXybZCblBxf0dwEw=
Subject key identifier: 47:12:10:A7:E7:9B:4D:CB:8D:EB:EF:72:EF:DE:EB:CA:ED:F1:D9:53
Certificate issuer: /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Certificate serial: 018B23B43A6ECFCCBAC770EBDAD7E7BF22AF
Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/RxIQp-ebTcuN6-9y797ryu3x2VM.roa
Signing time: Thu 12 Oct 2023 11:44:55 +0000
ROA not before: Thu 12 Oct 2023 11:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 91.214.170.0/24 maxlen: 24
91.214.171.0/24 maxlen: 24
91.214.168.0/24 maxlen: 24
91.214.168.0/22 maxlen: 22
91.214.169.0/24 maxlen: 24
91.213.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:b4:3a:6e:cf:cc:ba:c7:70:eb:da:d7:e7:bf:22:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Validity
Not Before: Oct 12 11:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=471210a7e79b4dcb8debef72efdeebcaedf1d953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2f:53:99:64:12:50:ef:13:12:09:89:f9:76:
2d:9c:df:f8:4d:24:63:d8:b7:7e:dc:22:6b:05:54:
80:d2:0f:79:45:34:92:47:d6:0d:e3:08:ae:40:0e:
77:34:1c:30:a9:b3:02:b2:80:6c:be:7e:e2:82:30:
a8:24:aa:d1:c1:37:83:62:ef:8b:aa:88:14:00:3f:
b9:96:9e:64:87:cf:b9:70:34:32:d8:a7:4b:97:0c:
8c:a1:25:8e:b5:3b:a1:20:05:8c:d8:0c:95:43:2e:
e3:77:a4:27:a1:42:ec:df:75:8d:18:be:3a:36:38:
04:30:99:48:7c:74:0f:87:68:1c:33:03:f9:03:19:
a5:88:b5:01:71:8b:ff:8b:b4:c4:1d:1a:b7:70:2d:
78:2c:c9:79:0d:63:9f:41:61:c0:6e:29:1f:ff:21:
97:bd:d9:bc:88:15:49:90:8d:91:2d:a6:91:7e:7e:
fd:fc:0a:98:6e:78:20:25:cc:37:ca:0d:58:7e:b0:
1c:b8:7f:78:bd:5d:8f:3d:7b:ea:31:59:71:b9:01:
b4:45:bc:3d:2a:19:87:15:d3:77:f2:83:94:e6:dd:
58:33:bd:92:97:31:90:16:48:36:7f:29:33:b8:71:
97:e0:8a:ff:85:dd:08:52:c3:3d:e3:94:6f:10:81:
62:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:12:10:A7:E7:9B:4D:CB:8D:EB:EF:72:EF:DE:EB:CA:ED:F1:D9:53
X509v3 Authority Key Identifier:
keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/RxIQp-ebTcuN6-9y797ryu3x2VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.4.0/24
91.214.168.0/22
Signature Algorithm: sha256WithRSAEncryption
80:22:89:8b:17:03:46:83:2a:7d:18:53:79:70:4e:46:8b:1c:
eb:90:4b:80:23:f8:28:be:21:35:3f:05:ce:28:bf:12:f3:b4:
0b:51:1d:69:b5:1b:b4:93:fc:6e:b7:89:5d:21:97:1d:c4:20:
55:fc:8f:bc:ac:ed:6e:10:d4:b8:f0:d3:d1:5c:26:c8:fe:60:
83:17:b1:4e:0a:71:51:0e:90:b7:45:39:08:d3:43:44:8c:68:
96:d2:7a:be:9d:77:47:fa:99:17:99:96:73:3e:3b:f8:31:92:
38:de:f5:96:24:da:50:a1:30:ad:e2:3c:4d:5a:2f:76:c8:76:
38:44:b4:12:11:5a:85:65:81:fb:f8:1b:a7:ef:4d:65:9c:0e:
2d:d6:7e:e5:f0:98:ec:0c:25:af:1d:d6:8c:5c:62:b4:fc:df:
88:c4:ad:c8:74:38:3c:d7:68:08:62:20:34:7a:b3:77:93:91:
53:87:a0:69:4b:fa:c2:59:c9:08:94:54:7b:33:c5:15:0d:e4:
5d:51:8a:f3:61:e7:29:75:8b:b7:eb:10:19:8f:56:ee:3c:d2:
3d:fa:6a:12:e1:76:a7:45:75:98:81:fe:67:6f:9b:19:31:06:
fb:71:0c:fd:77:c3:98:46:a8:61:52:9e:f7:bb:44:16:bf:0b:
53:91:ee:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsjtDpuz8y6x3Dr2tfnvyKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey
YTk3NjUwHhcNMjMxMDEyMTE0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzEyMTBhN2U3OWI0ZGNiOGRlYmVmNzJlZmRlZWJjYWVkZjFkOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly9TmWQSUO8TEgmJ+XYtnN/4TSRj
2Ld+3CJrBVSA0g95RTSSR9YN4wiuQA53NBwwqbMCsoBsvn7igjCoJKrRwTeDYu+L
qogUAD+5lp5kh8+5cDQy2KdLlwyMoSWOtTuhIAWM2AyVQy7jd6QnoULs33WNGL46
NjgEMJlIfHQPh2gcMwP5AxmliLUBcYv/i7TEHRq3cC14LMl5DWOfQWHAbikf/yGX
vdm8iBVJkI2RLaaRfn79/AqYbnggJcw3yg1YfrAcuH94vV2PPXvqMVlxuQG0Rbw9
KhmHFdN38oOU5t1YM72SlzGQFkg2fykzuHGX4Ir/hd0IUsM945RvEIFiAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEcSEKfnm03Ljevvcu/e68rt8dlTMB8GA1UdIwQY
MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt
ZDAwMDNhNmI1MjI0LzEvUnhJUXAtZWJUY3VONi05eTc5N3J5dTN4MlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0
LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9UEAwQC
W9aoMA0GCSqGSIb3DQEBCwUAA4IBAQCAIomLFwNGgyp9GFN5cE5GixzrkEuAI/go
viE1PwXOKL8S87QLUR1ptRu0k/xut4ldIZcdxCBV/I+8rO1uENS48NPRXCbI/mCD
F7FOCnFRDpC3RTkI00NEjGiW0nq+nXdH+pkXmZZzPjv4MZI43vWWJNpQoTCt4jxN
Wi92yHY4RLQSEVqFZYH7+Bun701lnA4t1n7l8JjsDCWvHdaMXGK0/N+IxK3IdDg8
12gIYiA0erN3k5FTh6BpS/rCWckIlFR7M8UVDeRdUYrzYecpdYu36xAZj1buPNI9
+moS4XanRXWYgf5nb5sZMQb7cQz9d8OYRqhhUp73u0QWvwtTke4n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:07 2024 by rpki-client on console-fra.rpki-client.org