Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/0XFZJK5r-TXG6fbxBsebUjmaAiU.roa
File: 0XFZJK5r-TXG6fbxBsebUjmaAiU.roa (raw, json)
Hash identifier: cPS0aio09nfl0s5D941L0RmPf23nRHzeZfzZ/tAS8tM=
Subject key identifier: D1:71:59:24:AE:6B:F9:35:C6:E9:F6:F1:06:C7:9B:52:39:9A:02:25
Certificate issuer: /CN=ffbcae2b290c801d57d09d025a9348e16706f182
Certificate serial: 01856E01F719BA0AB6511B60FFDC82CE82FA
Authority key identifier: FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/0XFZJK5r-TXG6fbxBsebUjmaAiU.roa
Signing time: Sun 01 Jan 2023 15:45:00 +0000
ROA not before: Sun 01 Jan 2023 15:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44124
IP address blocks: 91.209.149.0/24 maxlen: 24
91.209.151.0/24 maxlen: 24
194.50.253.0/24 maxlen: 24
91.209.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jul 2023 08:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:f7:19:ba:0a:b6:51:1b:60:ff:dc:82:ce:82:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbcae2b290c801d57d09d025a9348e16706f182
Validity
Not Before: Jan 1 15:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1715924ae6bf935c6e9f6f106c79b52399a0225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9d:cd:05:80:0f:d0:28:02:26:d1:59:6c:c4:
86:a6:7a:47:1a:98:cb:8c:ba:d6:db:b6:b9:87:86:
fe:3d:e0:30:94:c4:4a:c1:dc:97:62:cd:ee:71:37:
27:75:83:3c:90:e1:76:48:7d:4c:c6:8e:1b:f1:25:
c7:6d:87:d2:a8:81:90:7e:7c:cf:1a:f5:1e:cb:cd:
eb:88:d8:d6:97:26:e5:e8:ea:02:ef:18:0c:6f:b8:
f2:38:d2:60:36:13:81:19:0d:20:b1:af:49:11:59:
b0:ae:8d:c4:38:b1:e5:9f:77:cc:ff:f2:5b:d0:cd:
13:08:f6:17:b8:59:e6:14:66:82:2c:45:df:ec:1f:
e7:e4:33:f9:2a:29:2c:79:8a:8e:1a:85:8f:78:f8:
38:25:7e:44:30:11:dd:78:ea:79:d4:ff:f7:83:f2:
a6:f4:ae:06:05:b4:ad:8b:50:d9:ed:64:78:2b:76:
18:dd:85:bf:6a:45:3c:b7:30:5a:ac:db:5d:77:10:
6b:49:28:dd:b1:7b:68:ad:f1:11:ea:61:c6:b3:08:
95:46:ab:7f:07:a5:ab:a0:66:ab:93:34:08:3f:a9:
33:8c:e9:49:73:6f:00:96:68:c6:85:9a:ef:7d:3d:
07:35:64:92:87:3b:a1:0f:ab:05:7b:67:2b:78:27:
80:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:71:59:24:AE:6B:F9:35:C6:E9:F6:F1:06:C7:9B:52:39:9A:02:25
X509v3 Authority Key Identifier:
keyid:FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/0XFZJK5r-TXG6fbxBsebUjmaAiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/_7yuKykMgB1X0J0CWpNI4WcG8YI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.115.0/24
91.209.149.0/24
91.209.151.0/24
194.50.253.0/24
Signature Algorithm: sha256WithRSAEncryption
46:c6:74:2a:1b:91:ce:3c:03:ed:1a:62:02:97:06:c9:2c:c5:
56:20:67:80:70:45:51:f2:c4:a3:2f:2f:27:fb:71:d3:2d:02:
e3:f0:e3:b7:66:d5:ea:4e:5c:c1:35:d1:56:a7:45:0c:5a:c6:
60:e7:3a:e1:58:c9:5b:e8:39:7d:2e:0d:ab:ce:0b:c7:44:36:
29:d4:c5:17:aa:0f:89:04:28:94:3b:f3:8c:f3:c6:2b:81:b1:
ae:9b:f0:45:7d:40:fd:5d:8d:15:2e:34:93:52:50:3e:c5:52:
44:0f:f6:67:01:59:95:1c:9a:80:99:d0:40:8a:1c:7c:64:27:
cc:15:79:c4:7c:b7:43:e9:40:5c:29:5d:be:63:4a:f1:01:95:
78:91:1b:a1:15:96:99:f2:2f:42:f2:de:02:3e:8a:ac:28:66:
0e:a1:6c:0f:c8:11:1b:5c:bc:8a:4f:0b:18:3b:87:9f:9d:18:
52:0d:36:d9:cb:04:e5:bf:ec:f4:8b:5d:d2:81:bf:f2:3f:a3:
c8:d3:12:1d:71:13:73:b9:e3:82:b1:eb:b7:72:03:48:24:de:
63:4d:54:28:05:11:d8:7b:5f:49:51:fd:63:9a:7d:0f:10:70:
a8:69:ed:6f:8c:1d:bf:7d:6a:de:c5:81:fa:a3:b7:ae:1c:b6:
62:d0:e4:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuAfcZugq2URtg/9yCzoL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYmNhZTJiMjkwYzgwMWQ1N2QwOWQwMjVhOTM0OGUxNjcw
NmYxODIwHhcNMjMwMTAxMTU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTcxNTkyNGFlNmJmOTM1YzZlOWY2ZjEwNmM3OWI1MjM5OWEwMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ3NBYAP0CgCJtFZbMSGpnpHGpjL
jLrW27a5h4b+PeAwlMRKwdyXYs3ucTcndYM8kOF2SH1Mxo4b8SXHbYfSqIGQfnzP
GvUey83riNjWlybl6OoC7xgMb7jyONJgNhOBGQ0gsa9JEVmwro3EOLHln3fM//Jb
0M0TCPYXuFnmFGaCLEXf7B/n5DP5KikseYqOGoWPePg4JX5EMBHdeOp51P/3g/Km
9K4GBbSti1DZ7WR4K3YY3YW/akU8tzBarNtddxBrSSjdsXtorfER6mHGswiVRqt/
B6WroGarkzQIP6kzjOlJc28AlmjGhZrvfT0HNWSShzuhD6sFe2creCeAIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNFxWSSua/k1xun28QbHm1I5mgIlMB8GA1UdIwQY
MBaAFP+8rispDIAdV9CdAlqTSOFnBvGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzd5dUt5a01nQjFYMEowQ1dwTkk0V2NHOFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81OWJjZDEtMWUwYi00ODVkLTk1MTAt
MDk2YWY0NzhmMDRiLzEvMFhGWkpLNXItVFhHNmZieEJzZWJVam1hQWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81OWJjZDEtMWUwYi00ODVkLTk1MTAtMDk2YWY0NzhmMDRi
LzEvXzd5dUt5a01nQjFYMEowQ1dwTkk0V2NHOFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9FzAwQA
W9GVAwQAW9GXAwQAwjL9MA0GCSqGSIb3DQEBCwUAA4IBAQBGxnQqG5HOPAPtGmIC
lwbJLMVWIGeAcEVR8sSjLy8n+3HTLQLj8OO3ZtXqTlzBNdFWp0UMWsZg5zrhWMlb
6Dl9Lg2rzgvHRDYp1MUXqg+JBCiUO/OM88YrgbGum/BFfUD9XY0VLjSTUlA+xVJE
D/ZnAVmVHJqAmdBAihx8ZCfMFXnEfLdD6UBcKV2+Y0rxAZV4kRuhFZaZ8i9C8t4C
PoqsKGYOoWwPyBEbXLyKTwsYO4efnRhSDTbZywTlv+z0i13Sgb/yP6PI0xIdcRNz
ueOCseu3cgNIJN5jTVQoBRHYe19JUf1jmn0PEHCoae1vjB2/fWrexYH6o7euHLZi
0OSW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:08 2024 by rpki-client on console-ams.rpki-client.org