Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/PIkfL31iQQVok1ZSrBVLBIdGRSY.roa
File: PIkfL31iQQVok1ZSrBVLBIdGRSY.roa (raw, json)
Hash identifier: CB77u7iNKZ7TZ81nwocgXeHI9uPKQdiPLSWl6zJzAaA=
Subject key identifier: 3C:89:1F:2F:7D:62:41:05:68:93:56:52:AC:15:4B:04:87:46:45:26
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 0191B7FAA5EB7BE96529A1CB41B053A8F719
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/PIkfL31iQQVok1ZSrBVLBIdGRSY.roa
Signing time: Tue 03 Sep 2024 13:02:22 +0000
ROA not before: Tue 03 Sep 2024 13:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47694
IP address blocks: 91.211.16.0/22 maxlen: 24
91.211.19.0/24 maxlen: 24
176.124.0.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 10:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:fa:a5:eb:7b:e9:65:29:a1:cb:41:b0:53:a8:f7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Sep 3 13:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c891f2f7d62410568935652ac154b0487464526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4d:fd:17:a3:8e:d3:77:9a:7f:fc:08:d5:44:
f3:32:ae:ef:59:bb:18:67:9f:8e:ff:e7:39:54:ab:
b1:2b:a3:cd:06:9a:f9:9b:3f:94:ec:55:3d:de:e3:
ec:ab:3c:de:79:ed:a3:a6:90:66:d5:72:eb:de:c6:
37:5d:7c:71:be:72:4d:25:62:08:09:4a:22:90:a9:
2d:85:5a:22:aa:48:a0:d0:77:79:c8:4f:03:9e:07:
47:38:49:9a:e6:81:1c:d2:21:2c:cc:41:a6:95:b1:
48:3b:03:9d:93:6c:e8:86:b1:bd:3b:c2:df:21:ea:
9e:c7:7f:ba:32:c8:44:77:aa:41:cb:46:38:8a:4a:
b4:7f:18:7d:2e:9d:b1:bf:73:cc:d7:03:35:5c:55:
28:80:30:d7:ba:10:60:63:f4:93:11:7c:9f:b7:3b:
31:a5:32:a5:8e:06:a9:96:ea:85:54:90:c0:72:11:
40:41:9f:78:dd:53:b9:fd:a6:46:e2:85:79:61:f3:
b3:ba:c0:6a:71:b7:12:37:34:f4:0b:a4:8d:8e:bd:
f0:5b:ac:ce:21:9e:4f:eb:63:47:be:f0:f3:be:d5:
71:a3:87:70:ec:ed:e5:f4:fd:22:6e:45:d8:e7:52:
67:c8:c7:7f:da:bd:08:a1:fe:6d:6a:e5:f6:17:ac:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:89:1F:2F:7D:62:41:05:68:93:56:52:AC:15:4B:04:87:46:45:26
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/PIkfL31iQQVok1ZSrBVLBIdGRSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.16.0/22
176.124.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:6e:c5:2f:58:13:81:28:7c:06:f7:58:07:b4:99:28:33:f4:
83:e8:f1:57:f8:02:0c:8d:4a:a6:86:ef:a1:79:10:ba:0e:76:
32:ae:49:fe:d1:42:6b:91:f2:e3:d6:04:4c:e1:70:95:06:e5:
39:a7:73:10:b7:27:27:2c:14:f7:b5:22:03:44:36:0a:5f:2e:
de:a2:5d:97:f5:a5:54:e5:08:4e:72:2f:9f:f0:d0:4f:cf:36:
36:20:03:66:1d:1a:92:78:c6:bc:9f:da:16:f2:ed:4c:8b:1d:
fa:6b:29:88:07:7e:97:89:57:64:69:ed:2f:e9:6d:ec:55:ba:
6a:da:f3:3f:86:42:a1:7c:c4:82:81:24:6d:e9:e6:4a:9a:b7:
36:06:2c:d0:70:c9:0c:b8:a8:67:b3:51:11:9d:4e:d0:80:af:
f7:92:ba:8a:7c:e6:7a:6b:30:85:44:c9:08:fd:1c:64:29:28:
62:39:a8:ee:d4:0d:ea:65:27:d5:3d:c5:d4:32:ec:f7:4f:56:
25:72:b4:6c:88:97:f8:2c:92:f2:c5:dc:cd:1b:a5:8c:61:78:
6e:ec:3f:e9:a9:f1:9d:67:76:04:fa:e6:a7:6d:a3:5c:5c:e9:
47:bf:03:86:89:5a:ed:9a:ef:ad:dd:09:4a:70:77:92:62:07:
d3:af:2e:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG3+qXre+llKaHLQbBTqPcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjQwOTAzMTMwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg5MWYyZjdkNjI0MTA1Njg5MzU2NTJhYzE1NGIwNDg3NDY0NTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn039F6OO03eaf/wI1UTzMq7vWbsY
Z5+O/+c5VKuxK6PNBpr5mz+U7FU93uPsqzzeee2jppBm1XLr3sY3XXxxvnJNJWII
CUoikKkthVoiqkig0Hd5yE8DngdHOEma5oEc0iEszEGmlbFIOwOdk2zohrG9O8Lf
Ieqex3+6MshEd6pBy0Y4ikq0fxh9Lp2xv3PM1wM1XFUogDDXuhBgY/STEXyftzsx
pTKljgapluqFVJDAchFAQZ943VO5/aZG4oV5YfOzusBqcbcSNzT0C6SNjr3wW6zO
IZ5P62NHvvDzvtVxo4dw7O3l9P0ibkXY51JnyMd/2r0Iof5tauX2F6z2jQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDyJHy99YkEFaJNWUqwVSwSHRkUmMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvUElrZkwzMWlRUVZvazFaU3JCVkxCSWRHUlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9MQAwQF
sHwAMA0GCSqGSIb3DQEBCwUAA4IBAQBtbsUvWBOBKHwG91gHtJkoM/SD6PFX+AIM
jUqmhu+heRC6DnYyrkn+0UJrkfLj1gRM4XCVBuU5p3MQtycnLBT3tSIDRDYKXy7e
ol2X9aVU5QhOci+f8NBPzzY2IANmHRqSeMa8n9oW8u1Mix36aymIB36XiVdkae0v
6W3sVbpq2vM/hkKhfMSCgSRt6eZKmrc2BizQcMkMuKhns1ERnU7QgK/3krqKfOZ6
azCFRMkI/RxkKShiOaju1A3qZSfVPcXUMuz3T1YlcrRsiJf4LJLyxdzNG6WMYXhu
7D/pqfGdZ3YE+uanbaNcXOlHvwOGiVrtmu+t3QlKcHeSYgfTry5g
-----END CERTIFICATE-----
Generated at Thu Sep 12 14:04:23 2024 by rpki-client on console-ams.rpki-client.org