Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/8X4BbYJpCzL1XWWHuax9d5EyOsE.roa
File: 8X4BbYJpCzL1XWWHuax9d5EyOsE.roa (raw, json)
Hash identifier: VEJpL8DZ/jRDtUijHnuKFiI5dr0jef5rLuV7EDmx61I=
Subject key identifier: F1:7E:01:6D:82:69:0B:32:F5:5D:65:87:B9:AC:7D:77:91:32:3A:C1
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 018D4B44D8D700DE6FB730031EE051C91A2D
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/8X4BbYJpCzL1XWWHuax9d5EyOsE.roa
Signing time: Sat 27 Jan 2024 14:13:39 +0000
ROA not before: Sat 27 Jan 2024 14:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.48.0/24 maxlen: 24
91.241.49.0/24 maxlen: 24
91.241.50.0/24 maxlen: 24
91.241.51.0/24 maxlen: 24
194.5.236.0/24 maxlen: 24
194.5.237.0/24 maxlen: 24
2a0c:8dc0::/29 maxlen: 32
2a0c:8dc0::/30 maxlen: 30
2a0c:8dc4::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc6::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 27 Jan 2024 14:44:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4b:44:d8:d7:00:de:6f:b7:30:03:1e:e0:51:c9:1a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Jan 27 14:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f17e016d82690b32f55d6587b9ac7d7791323ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:74:b8:8c:ae:7d:51:f7:51:ba:15:af:6c:a5:
b1:54:8d:e1:f1:d7:96:7c:a4:90:ab:2f:5e:6f:4e:
fc:a0:cf:b1:e7:3b:bf:fe:e2:1e:90:53:4f:e4:8d:
78:ca:b6:67:9a:74:b1:ad:30:59:2d:2e:02:c8:57:
93:5f:cc:96:52:75:a7:a6:82:1f:02:52:c0:a5:d6:
de:e3:1a:09:34:8d:44:be:1c:99:e8:3b:7f:93:58:
04:2c:b0:f5:57:a1:91:8f:d0:04:1a:b9:57:1e:74:
1f:b0:8b:c4:6b:4c:21:ad:2a:7e:72:02:24:9a:ac:
3d:1e:49:d7:2a:7d:12:3b:05:aa:f6:33:f1:7d:ea:
b7:e7:14:1a:4e:45:20:48:e5:90:5b:3e:b3:25:5f:
d0:85:c4:3d:0d:db:6d:82:a5:8c:e2:75:41:97:43:
75:50:6f:8c:51:f8:c8:6c:32:4c:eb:76:9f:5c:49:
2a:e6:ec:c6:37:e8:d5:6d:7c:d3:73:f8:8e:4e:fe:
f1:fe:a5:26:93:6e:f6:66:83:cd:67:91:a0:90:0d:
f4:60:85:94:f7:3c:44:6c:b3:39:e0:20:4c:60:5a:
30:0c:81:58:6b:f9:98:d1:66:63:d0:71:dc:ae:d6:
47:cf:93:c9:28:54:24:cf:f2:4e:51:62:62:80:c7:
03:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7E:01:6D:82:69:0B:32:F5:5D:65:87:B9:AC:7D:77:91:32:3A:C1
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/8X4BbYJpCzL1XWWHuax9d5EyOsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.48.0/22
194.5.236.0/23
IPv6:
2a0c:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
22:9a:bc:f8:6a:e3:45:98:fa:4e:ee:f7:35:ff:cf:9d:56:41:
67:ec:a9:de:fd:bc:07:27:9b:bb:ce:a6:0c:f7:03:b2:8f:db:
a5:90:50:e3:79:9f:e7:dd:91:1e:a2:23:ca:e7:4d:13:b3:b2:
ad:10:ce:e3:74:3d:93:cc:eb:54:37:31:2e:e3:66:7a:86:0a:
ad:1b:38:da:f3:af:07:16:73:5b:f8:28:c9:97:ce:a3:53:23:
87:2e:ce:68:0c:b2:00:bd:ca:e0:8c:eb:4a:15:9f:86:92:c2:
90:12:d8:19:fe:39:1e:e5:f4:5b:cb:90:aa:14:ec:26:fe:bc:
34:ca:eb:7a:59:c4:fc:26:f0:74:56:d0:8b:ec:6e:56:4e:63:
e6:f9:19:15:b7:6e:ef:ac:1e:a8:25:7d:61:ce:0e:3b:20:1f:
38:e7:c3:01:e3:80:24:e6:25:28:e9:ac:65:e4:65:37:d6:2e:
98:3d:a1:0d:f1:c2:30:a7:4e:70:d1:41:c5:44:0e:af:96:49:
db:69:a9:bb:18:ea:bf:67:c6:e9:09:80:a9:27:34:96:12:68:
b6:12:d3:4a:b0:77:2d:52:eb:1c:5f:96:92:82:af:d7:3d:6c:
f3:9d:ac:9a:53:70:29:4c:4e:5f:8f:ab:2e:76:71:3e:48:4a:
24:bf:84:6a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY1LRNjXAN5vtzADHuBRyRotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjQwMTI3MTQxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTdlMDE2ZDgyNjkwYjMyZjU1ZDY1ODdiOWFjN2Q3NzkxMzIzYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynS4jK59UfdRuhWvbKWxVI3h8deW
fKSQqy9eb078oM+x5zu//uIekFNP5I14yrZnmnSxrTBZLS4CyFeTX8yWUnWnpoIf
AlLApdbe4xoJNI1EvhyZ6Dt/k1gELLD1V6GRj9AEGrlXHnQfsIvEa0whrSp+cgIk
mqw9HknXKn0SOwWq9jPxfeq35xQaTkUgSOWQWz6zJV/QhcQ9DdttgqWM4nVBl0N1
UG+MUfjIbDJM63afXEkq5uzGN+jVbXzTc/iOTv7x/qUmk272ZoPNZ5GgkA30YIWU
9zxEbLM54CBMYFowDIFYa/mY0WZj0HHcrtZHz5PJKFQkz/JOUWJigMcDtQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPF+AW2CaQsy9V1lh7msfXeRMjrBMB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvOFg0QmJZSnBDekwxWFdXSHVheDlkNUV5T3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW/EwAwQB
wgXsMA0EAgACMAcDBQMqDI3AMA0GCSqGSIb3DQEBCwUAA4IBAQAimrz4auNFmPpO
7vc1/8+dVkFn7Kne/bwHJ5u7zqYM9wOyj9ulkFDjeZ/n3ZEeoiPK500Ts7KtEM7j
dD2TzOtUNzEu42Z6hgqtGzja868HFnNb+CjJl86jUyOHLs5oDLIAvcrgjOtKFZ+G
ksKQEtgZ/jke5fRby5CqFOwm/rw0yut6WcT8JvB0VtCL7G5WTmPm+RkVt27vrB6o
JX1hzg47IB8458MB44Ak5iUo6axl5GU31i6YPaEN8cIwp05w0UHFRA6vlknbaam7
GOq/Z8bpCYCpJzSWEmi2EtNKsHctUuscX5aSgq/XPWzznayaU3ApTE5fj6sudnE+
SEokv4Rq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:22 2024 by rpki-client on console-fra.rpki-client.org