Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/4OTXdRrdfbxi5xtuHcNlViNUiRc.roa
File: 4OTXdRrdfbxi5xtuHcNlViNUiRc.roa (raw, json)
Hash identifier: wDiOn+kR7HFU+Ri8nQvjRvC60NaODiTvy5DlXAtaOis=
Subject key identifier: E0:E4:D7:75:1A:DD:7D:BC:62:E7:1B:6E:1D:C3:65:56:23:54:89:17
Certificate issuer: /CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Certificate serial: 018CC500271DCD1C89B9DFB9968A4C102514
Authority key identifier: 3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/4OTXdRrdfbxi5xtuHcNlViNUiRc.roa
Signing time: Mon 01 Jan 2024 12:29:30 +0000
ROA not before: Mon 01 Jan 2024 12:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210107
IP address blocks: 91.217.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:27:1d:cd:1c:89:b9:df:b9:96:8a:4c:10:25:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Validity
Not Before: Jan 1 12:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0e4d7751add7dbc62e71b6e1dc3655623548917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:09:60:a8:0c:79:6d:2e:b4:ff:93:10:79:
c3:00:0d:38:b1:3c:e7:a2:20:39:f3:0f:40:10:2b:
c2:b8:d9:95:aa:b9:f9:ae:db:e1:63:73:d0:e9:0b:
3b:41:a0:8f:68:91:c7:b5:87:47:04:55:a4:da:47:
d7:7a:53:56:ca:38:a8:64:4b:42:fb:6c:f5:be:c1:
79:d5:a1:1c:2d:d6:3c:c9:c7:a7:fb:03:53:d5:82:
29:8d:56:17:68:b5:c5:1a:16:2b:ea:c9:04:7d:17:
e6:5a:b2:91:2e:8a:62:66:72:68:bc:c6:4d:ad:95:
42:0c:a5:70:09:02:a1:76:4c:f0:44:aa:e2:cc:b1:
bb:b9:21:31:5f:ba:6d:07:ad:cb:18:2d:a8:cd:76:
02:ad:b8:0a:8e:93:0c:06:3e:9d:56:ab:58:7b:19:
3c:d4:99:fd:fe:e9:f7:5c:a9:e8:80:4c:7e:56:ce:
4c:a7:c4:1c:6e:c5:41:e0:71:79:cc:3b:84:b0:e1:
4a:18:86:a7:18:6b:0c:c2:d2:75:04:08:7c:cf:23:
a6:c5:89:72:2c:a3:bc:a3:32:89:2d:33:b2:9b:c0:
ca:58:6b:18:da:27:fc:72:0f:79:fe:70:0e:32:52:
af:3a:f8:f3:93:91:62:15:04:68:f7:33:5a:27:ed:
8e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E4:D7:75:1A:DD:7D:BC:62:E7:1B:6E:1D:C3:65:56:23:54:89:17
X509v3 Authority Key Identifier:
keyid:3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/4OTXdRrdfbxi5xtuHcNlViNUiRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/Pry3nvWKHJjhUfYMUUJvdOscOTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:b0:b6:4e:5c:d9:96:7a:e3:95:e6:c2:8c:fb:0b:87:b4:7f:
32:19:f3:bd:9f:7e:d8:b1:97:f9:b2:1b:9a:fe:86:10:6b:d6:
3e:1b:2f:e2:01:09:bf:18:ab:4a:48:cb:76:63:5c:da:18:e9:
16:37:20:d5:8c:b3:48:71:13:0e:82:83:59:5b:0f:f5:da:9e:
b6:dc:74:6d:55:ac:3e:ef:cb:bc:b8:94:38:a1:aa:1e:d7:83:
4f:15:4c:cc:89:6f:d7:af:e9:3f:88:5e:c2:a5:36:44:72:d0:
7e:ab:2e:5f:b7:26:a5:31:a8:8a:92:dc:85:07:87:52:12:b5:
c7:b4:42:31:d5:84:f0:66:45:01:97:a1:d8:50:cc:9a:04:26:
8b:2b:12:68:4e:61:a6:be:15:af:e5:0b:4a:32:34:d5:34:d4:
18:93:55:d9:15:cb:c0:89:14:5e:30:b9:44:c9:f0:41:71:9f:
4e:b8:76:01:3b:38:44:0e:c9:40:7c:86:8d:1f:8c:dd:ee:34:
eb:9f:42:46:aa:05:38:19:b2:50:67:9f:41:8e:ad:06:5f:1e:
83:d7:97:83:06:a3:c6:d6:4e:24:c4:bf:c2:32:60:f3:df:8b:
c0:23:aa:4c:5c:66:8d:d3:b5:10:bd:1c:73:a5:33:64:ce:29:
a8:2a:77:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFACcdzRyJud+5lopMECUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmNiNzllZjU4YTFjOThlMTUxZjYwYzUxNDI2Zjc0ZWIx
YzM5MzgwHhcNMjQwMTAxMTIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU0ZDc3NTFhZGQ3ZGJjNjJlNzFiNmUxZGMzNjU1NjIzNTQ4OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+QJYKgMeW0utP+TEHnDAA04sTzn
oiA58w9AECvCuNmVqrn5rtvhY3PQ6Qs7QaCPaJHHtYdHBFWk2kfXelNWyjioZEtC
+2z1vsF51aEcLdY8ycen+wNT1YIpjVYXaLXFGhYr6skEfRfmWrKRLopiZnJovMZN
rZVCDKVwCQKhdkzwRKrizLG7uSExX7ptB63LGC2ozXYCrbgKjpMMBj6dVqtYexk8
1Jn9/un3XKnogEx+Vs5Mp8QcbsVB4HF5zDuEsOFKGIanGGsMwtJ1BAh8zyOmxYly
LKO8ozKJLTOym8DKWGsY2if8cg95/nAOMlKvOvjzk5FiFQRo9zNaJ+2OdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODk13Ua3X28Yucbbh3DZVYjVIkXMB8GA1UdIwQY
MBaAFD68t571ihyY4VH2DFFCb3TrHDk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQt
ZTlmNzlkZmJkMmU2LzEvNE9UWGRScmRmYnhpNXh0dUhjTmxWaU5VaVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQtZTlmNzlkZmJkMmU2
LzEvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nbMA0G
CSqGSIb3DQEBCwUAA4IBAQAvsLZOXNmWeuOV5sKM+wuHtH8yGfO9n37YsZf5shua
/oYQa9Y+Gy/iAQm/GKtKSMt2Y1zaGOkWNyDVjLNIcRMOgoNZWw/12p623HRtVaw+
78u8uJQ4oaoe14NPFUzMiW/Xr+k/iF7CpTZEctB+qy5ftyalMaiKktyFB4dSErXH
tEIx1YTwZkUBl6HYUMyaBCaLKxJoTmGmvhWv5QtKMjTVNNQYk1XZFcvAiRReMLlE
yfBBcZ9OuHYBOzhEDslAfIaNH4zd7jTrn0JGqgU4GbJQZ59Bjq0GXx6D15eDBqPG
1k4kxL/CMmDz34vAI6pMXGaN07UQvRxzpTNkzimoKnfU
-----END CERTIFICATE-----
Generated at Wed Jan 3 22:58:41 2024 by rpki-client on console-fra.rpki-client.org