Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_ebDiPmAa-5XlpE18NvKwJKd0OI.roa
File: _ebDiPmAa-5XlpE18NvKwJKd0OI.roa (raw, json)
Hash identifier: 8sVwrCzlzfsJipmBxhc5YPombEIhqYaa8JxNd1+QYI0=
Subject key identifier: FD:E6:C3:88:F9:80:6B:EE:57:96:91:35:F0:DB:CA:C0:92:9D:D0:E2
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018CC4934359D69A1576D0983B1D8DC81D1C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_ebDiPmAa-5XlpE18NvKwJKd0OI.roa
Signing time: Mon 01 Jan 2024 10:30:34 +0000
ROA not before: Mon 01 Jan 2024 10:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 91.216.185.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 11:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:43:59:d6:9a:15:76:d0:98:3b:1d:8d:c8:1d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 1 10:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fde6c388f9806bee57969135f0dbcac0929dd0e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:29:d6:fb:d0:79:64:62:88:a0:e4:9c:a7:
78:22:18:b5:d0:17:dd:1b:40:43:a5:5b:1b:3a:cc:
03:6f:ea:1b:a9:ea:e3:27:5b:3b:6f:4e:73:db:b6:
99:30:5b:6e:41:5d:c0:d4:8d:48:8a:bb:d0:39:c6:
a2:c4:da:b4:63:fb:7c:2f:99:6a:b3:59:4a:e2:44:
bc:5d:cb:cd:bd:e6:e8:63:95:81:ad:63:9f:40:3a:
55:52:91:c6:20:72:c1:f6:2e:c5:cc:24:2c:a8:17:
81:05:44:fe:84:b8:a3:21:c8:94:81:bf:c5:55:83:
31:da:1c:fa:6b:54:5a:96:0b:5e:91:61:00:fe:e9:
a9:9d:92:23:c3:70:ff:f0:9c:e0:40:40:f4:4d:e6:
1b:af:0a:33:20:10:9a:7d:81:a9:af:2b:f8:f3:4a:
12:8f:9c:1c:1d:95:8f:31:27:fe:c6:79:8a:22:3f:
97:21:77:21:7b:1c:81:ce:f7:4d:9a:7e:c0:01:3d:
4d:ec:be:39:6d:62:0b:4d:54:e4:2b:cb:33:66:ad:
fe:62:31:ed:7e:0f:72:7e:1d:4f:b0:21:c7:f1:52:
c4:24:67:4b:9d:1c:e8:43:f1:ce:1f:c2:34:33:78:
91:88:7b:40:a6:2c:ce:ef:c6:90:7f:28:b2:75:50:
18:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E6:C3:88:F9:80:6B:EE:57:96:91:35:F0:DB:CA:C0:92:9D:D0:E2
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_ebDiPmAa-5XlpE18NvKwJKd0OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.4.0/24
91.216.185.0/24
Signature Algorithm: sha256WithRSAEncryption
44:32:ab:03:47:38:66:ce:c0:35:15:f9:23:e2:4c:db:74:8e:
b4:6c:1f:c6:1d:e9:f0:86:98:46:9b:d2:8d:d7:5e:e0:b4:13:
72:16:3b:31:22:00:9f:ba:21:18:e8:a0:50:d6:c5:6d:4d:94:
3a:8d:ee:7e:d1:5d:91:fc:e9:89:70:97:9d:3e:9f:8f:8e:f3:
be:6e:f2:8f:81:bc:e8:74:a5:e4:49:dd:b5:1f:08:46:ad:03:
ce:b2:6c:a9:b5:8e:35:26:cc:55:68:d4:ed:31:92:b0:76:13:
2e:b3:50:20:b3:6e:dd:16:df:25:49:eb:bb:ca:6f:83:12:66:
69:fe:61:42:15:79:c1:95:a0:31:af:c0:6e:d8:ef:da:85:d4:
0a:ee:e3:7d:77:e4:cc:20:c3:26:5c:09:7e:cb:e4:87:2b:81:
bd:77:9e:24:ab:f0:47:32:d4:9d:9b:24:45:30:cd:bd:c5:eb:
63:fe:bd:a1:1a:30:af:df:5d:02:30:63:0e:d2:14:8a:f5:62:
ea:c7:fd:cf:dd:fc:c6:22:78:4a:44:20:9b:4c:da:25:2e:f6:
1e:33:5e:6f:50:ab:5c:40:07:b5:a9:1b:47:02:28:57:93:2f:
c2:0f:0e:56:39:23:06:e5:04:d1:8c:13:c4:0f:ba:74:dc:07:
68:73:bf:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk0NZ1poVdtCYOx2NyB0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTAxMTAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGU2YzM4OGY5ODA2YmVlNTc5NjkxMzVmMGRiY2FjMDkyOWRkMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmesp1vvQeWRiiKDknKd4Ihi10Bfd
G0BDpVsbOswDb+obqerjJ1s7b05z27aZMFtuQV3A1I1IirvQOcaixNq0Y/t8L5lq
s1lK4kS8XcvNveboY5WBrWOfQDpVUpHGIHLB9i7FzCQsqBeBBUT+hLijIciUgb/F
VYMx2hz6a1RalgtekWEA/umpnZIjw3D/8JzgQED0TeYbrwozIBCafYGpryv480oS
j5wcHZWPMSf+xnmKIj+XIXchexyBzvdNmn7AAT1N7L45bWILTVTkK8szZq3+YjHt
fg9yfh1PsCHH8VLEJGdLnRzoQ/HOH8I0M3iRiHtApizO78aQfyiydVAYzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP3mw4j5gGvuV5aRNfDbysCSndDiMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvX2ViRGlQbUFhLTVYbHBFMThOdkt3SktkME9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmkEAwQA
W9i5MA0GCSqGSIb3DQEBCwUAA4IBAQBEMqsDRzhmzsA1Ffkj4kzbdI60bB/GHenw
hphGm9KN117gtBNyFjsxIgCfuiEY6KBQ1sVtTZQ6je5+0V2R/OmJcJedPp+PjvO+
bvKPgbzodKXkSd21HwhGrQPOsmyptY41JsxVaNTtMZKwdhMus1Ags27dFt8lSeu7
ym+DEmZp/mFCFXnBlaAxr8Bu2O/ahdQK7uN9d+TMIMMmXAl+y+SHK4G9d54kq/BH
MtSdmyRFMM29xetj/r2hGjCv310CMGMO0hSK9WLqx/3P3fzGInhKRCCbTNolLvYe
M15vUKtcQAe1qRtHAihXky/CDw5WOSMG5QTRjBPED7p03Adoc78R
-----END CERTIFICATE-----
Generated at Mon Apr 15 14:34:13 2024 by rpki-client on console-ams.rpki-client.org