Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/iwPoTvGPvqJEnZt0VV4meazHrDY.roa
File: iwPoTvGPvqJEnZt0VV4meazHrDY.roa (raw, json)
Hash identifier: i30+GO5FZhd8c2aDoiC7R7FB0/WULZa/6l9i3uaMfbA=
Subject key identifier: 8B:03:E8:4E:F1:8F:BE:A2:44:9D:9B:74:55:5E:26:79:AC:C7:AC:36
Certificate issuer: /CN=6951d4551d26a51c0f92b77c2d378fb34758b877
Certificate serial: 018AAC7A4A1A5BC838BF7087C4DA3A554B0F
Authority key identifier: 69:51:D4:55:1D:26:A5:1C:0F:92:B7:7C:2D:37:8F:B3:47:58:B8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVHUVR0mpRwPkrd8LTePs0dYuHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/iwPoTvGPvqJEnZt0VV4meazHrDY.roa
Signing time: Tue 19 Sep 2023 08:06:50 +0000
ROA not before: Tue 19 Sep 2023 08:06:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196658
IP address blocks: 91.213.102.0/24 maxlen: 24
146.0.88.0/21 maxlen: 21
185.195.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:7a:4a:1a:5b:c8:38:bf:70:87:c4:da:3a:55:4b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6951d4551d26a51c0f92b77c2d378fb34758b877
Validity
Not Before: Sep 19 08:06:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b03e84ef18fbea2449d9b74555e2679acc7ac36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:21:96:a3:ea:d7:0e:59:ad:f4:5d:d1:28:9e:
de:fe:4a:0f:5f:c2:1e:70:b7:a6:4d:88:15:a6:02:
1e:67:dc:6c:6a:30:99:36:a1:cd:1b:32:49:ec:4a:
ef:fb:82:42:82:e1:69:f1:c5:ae:e4:62:c3:db:b0:
d5:66:2d:ea:b5:0f:c3:b2:38:b9:1e:76:d6:5f:f1:
e1:8e:f0:0b:1b:7c:8b:ca:8f:f5:5b:61:5f:f7:0d:
57:6e:40:b0:b0:8f:1b:54:37:05:5f:5c:75:6a:58:
74:43:a2:e3:9a:63:9f:b3:52:43:96:f8:98:d8:24:
3a:83:31:43:a8:94:b2:0b:bf:53:d3:82:80:be:98:
e6:ef:23:b5:fe:95:f5:af:de:ac:4e:21:36:88:99:
94:9f:08:98:1c:cb:70:32:22:f4:54:c9:e9:a3:9e:
bf:b2:00:66:4c:0d:cc:a6:9f:6e:eb:5d:71:4f:e6:
8a:df:a1:0a:c1:98:37:6c:f3:0a:ed:9f:54:8f:8c:
4b:4f:1f:5c:d5:2a:d8:26:cf:ce:bb:82:d3:13:fe:
2b:53:b2:b6:a7:ef:49:44:21:8b:e3:17:a2:4a:dc:
39:a5:ae:36:4b:20:47:22:a7:73:e7:e0:b3:eb:58:
67:c4:1b:f4:10:4a:5f:e6:9c:89:d4:e2:02:4b:af:
81:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:03:E8:4E:F1:8F:BE:A2:44:9D:9B:74:55:5E:26:79:AC:C7:AC:36
X509v3 Authority Key Identifier:
keyid:69:51:D4:55:1D:26:A5:1C:0F:92:B7:7C:2D:37:8F:B3:47:58:B8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVHUVR0mpRwPkrd8LTePs0dYuHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/iwPoTvGPvqJEnZt0VV4meazHrDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/aVHUVR0mpRwPkrd8LTePs0dYuHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.102.0/24
146.0.88.0/21
185.195.88.0/22
Signature Algorithm: sha256WithRSAEncryption
13:4a:3f:6d:22:e8:fb:d4:20:2f:63:27:7b:f3:e5:06:6f:5c:
19:9c:c5:c9:b1:94:6c:b2:51:60:7d:46:f4:cb:e1:5c:82:c5:
c5:44:22:29:ef:22:5c:6d:da:e0:f4:7d:9a:13:9e:f9:83:46:
c2:17:61:85:14:45:ea:56:81:41:19:84:85:b3:e0:4b:6a:ae:
a4:f6:ab:fc:73:8f:a8:a6:71:54:56:5d:14:03:dd:09:db:7d:
94:ad:da:c8:1d:9f:7c:6e:f3:71:07:cc:ec:4e:8d:aa:57:09:
66:dd:7a:a7:24:6a:6b:f9:eb:cd:6d:8f:18:21:82:ea:6d:61:
12:bd:70:b6:5d:5e:c9:cc:9d:ec:a7:16:41:f8:16:11:d2:d4:
af:78:13:9d:2e:c4:7d:38:47:4d:02:f4:e3:30:ee:1d:14:1f:
8b:91:04:96:79:83:ea:32:69:47:89:9b:ba:eb:f7:af:72:47:
8e:3a:54:ef:c3:ce:c3:45:91:fb:9b:3b:a4:2c:d1:5d:87:70:
b4:cc:07:85:8c:01:68:24:3a:f2:85:87:49:45:49:0c:56:fc:
8f:ae:a5:76:fc:1d:06:97:2f:f4:dd:58:3b:b0:c4:6b:ef:38:
73:bb:a8:8f:6d:c3:c1:0e:6a:ee:c1:fb:27:27:04:31:15:4f:
f9:95:7e:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqsekoaW8g4v3CHxNo6VUsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTFkNDU1MWQyNmE1MWMwZjkyYjc3YzJkMzc4ZmIzNDc1
OGI4NzcwHhcNMjMwOTE5MDgwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjAzZTg0ZWYxOGZiZWEyNDQ5ZDliNzQ1NTVlMjY3OWFjYzdhYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSGWo+rXDlmt9F3RKJ7e/koPX8Ie
cLemTYgVpgIeZ9xsajCZNqHNGzJJ7Erv+4JCguFp8cWu5GLD27DVZi3qtQ/Dsji5
HnbWX/HhjvALG3yLyo/1W2Ff9w1XbkCwsI8bVDcFX1x1alh0Q6LjmmOfs1JDlviY
2CQ6gzFDqJSyC79T04KAvpjm7yO1/pX1r96sTiE2iJmUnwiYHMtwMiL0VMnpo56/
sgBmTA3Mpp9u611xT+aK36EKwZg3bPMK7Z9Uj4xLTx9c1SrYJs/Ou4LTE/4rU7K2
p+9JRCGL4xeiStw5pa42SyBHIqdz5+Cz61hnxBv0EEpf5pyJ1OICS6+BHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIsD6E7xj76iRJ2bdFVeJnmsx6w2MB8GA1UdIwQY
MBaAFGlR1FUdJqUcD5K3fC03j7NHWLh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZIVVZSMG1wUndQa3JkOExUZVBzMGRZdUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wMjYxMGYtNjkxMy00MDQ5LTk3ZjAt
YTJlZGE5NDZlZDI5LzEvaXdQb1R2R1B2cUpFblp0MFZWNG1lYXpIckRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wMjYxMGYtNjkxMy00MDQ5LTk3ZjAtYTJlZGE5NDZlZDI5
LzEvYVZIVVZSMG1wUndQa3JkOExUZVBzMGRZdUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9VmAwQD
kgBYAwQCucNYMA0GCSqGSIb3DQEBCwUAA4IBAQATSj9tIuj71CAvYyd78+UGb1wZ
nMXJsZRsslFgfUb0y+FcgsXFRCIp7yJcbdrg9H2aE575g0bCF2GFFEXqVoFBGYSF
s+BLaq6k9qv8c4+opnFUVl0UA90J232UrdrIHZ98bvNxB8zsTo2qVwlm3XqnJGpr
+evNbY8YIYLqbWESvXC2XV7JzJ3spxZB+BYR0tSveBOdLsR9OEdNAvTjMO4dFB+L
kQSWeYPqMmlHiZu66/evckeOOlTvw87DRZH7mzukLNFdh3C0zAeFjAFoJDryhYdJ
RUkMVvyPrqV2/B0Gly/03Vg7sMRr7zhzu6iPbcPBDmruwfsnJwQxFU/5lX6t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:02 2024 by rpki-client on console-ams.rpki-client.org