Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/c4a70e-f7a8-4aa0-98c6-23e09652b3d8/1/PTXTfU7vI70MrEIXExZxLHf5v7w.roa
File: PTXTfU7vI70MrEIXExZxLHf5v7w.roa (raw, json)
Hash identifier: 0QPJ7b4qmQB6YGW4IEIsfR6rKlaIl8PJnsJdL+G0htg=
Subject key identifier: 3D:35:D3:7D:4E:EF:23:BD:0C:AC:42:17:13:16:71:2C:77:F9:BF:BC
Certificate issuer: /CN=63c05afa0dc9a5f8f618c3ed2eec672ec38f6fef
Certificate serial: 01856B6E9BE11651D253878654C65E42D772
Authority key identifier: 63:C0:5A:FA:0D:C9:A5:F8:F6:18:C3:ED:2E:EC:67:2E:C3:8F:6F:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8Ba-g3Jpfj2GMPtLuxnLsOPb-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/c4a70e-f7a8-4aa0-98c6-23e09652b3d8/1/PTXTfU7vI70MrEIXExZxLHf5v7w.roa
Signing time: Sun 01 Jan 2023 03:44:49 +0000
ROA not before: Sun 01 Jan 2023 03:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57350
IP address blocks: 91.231.217.0/24 maxlen: 24
91.231.216.0/24 maxlen: 24
185.41.116.0/23 maxlen: 23
185.41.118.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:9b:e1:16:51:d2:53:87:86:54:c6:5e:42:d7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63c05afa0dc9a5f8f618c3ed2eec672ec38f6fef
Validity
Not Before: Jan 1 03:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d35d37d4eef23bd0cac42171316712c77f9bfbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f9:a6:28:52:71:a9:4d:18:08:a4:da:7b:e8:
78:95:14:45:bd:71:25:81:d1:74:9b:eb:f8:d1:f9:
ec:d0:14:9f:ea:e5:99:7e:23:35:1d:2f:c4:96:f4:
f6:88:0d:0e:c9:2f:8b:f7:f7:f5:72:42:19:d9:58:
ba:dd:c7:8a:bc:81:c5:fa:20:32:d9:eb:6f:97:be:
f7:9a:40:e4:63:0d:66:aa:2a:2c:55:81:49:72:25:
c1:69:c2:87:bd:f2:6f:f2:5b:e6:d1:de:c2:84:fb:
4f:54:65:67:82:e9:a1:dc:33:5e:d8:c8:8f:41:ff:
99:5d:15:de:d5:67:e8:1a:da:d7:be:1b:87:c7:e6:
ee:10:5a:2e:12:cd:0a:ef:fd:58:12:b6:1e:33:63:
a7:72:e0:68:91:41:26:42:30:fe:d0:70:61:5a:99:
50:d8:7e:cf:93:68:f0:81:bb:50:ad:b5:10:9a:8c:
92:91:1b:80:61:fb:3c:1a:7d:62:30:09:44:b8:52:
cc:a0:74:39:70:22:30:29:91:37:e3:2d:f3:d8:73:
03:41:67:99:f4:95:a1:d4:30:c9:ca:a6:7a:0d:28:
18:5d:32:ae:34:26:b6:17:5e:bf:ba:ac:e9:73:95:
a8:d8:38:ad:a6:0c:6f:29:a7:f6:e7:0d:3a:a4:ed:
a4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:35:D3:7D:4E:EF:23:BD:0C:AC:42:17:13:16:71:2C:77:F9:BF:BC
X509v3 Authority Key Identifier:
keyid:63:C0:5A:FA:0D:C9:A5:F8:F6:18:C3:ED:2E:EC:67:2E:C3:8F:6F:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8Ba-g3Jpfj2GMPtLuxnLsOPb-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c4a70e-f7a8-4aa0-98c6-23e09652b3d8/1/PTXTfU7vI70MrEIXExZxLHf5v7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/c4a70e-f7a8-4aa0-98c6-23e09652b3d8/1/Y8Ba-g3Jpfj2GMPtLuxnLsOPb-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.216.0/23
185.41.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:13:f3:81:89:37:3a:6a:4f:b8:0c:8d:55:6e:3e:83:df:9d:
4f:09:bc:76:80:1c:d1:2f:4c:41:eb:84:43:47:27:91:b5:6a:
f7:fd:4d:a8:42:45:25:46:3d:0f:72:80:31:57:57:53:23:e1:
47:5b:b4:c3:34:37:86:f8:cd:6b:f6:58:6a:17:96:12:5a:fd:
16:ba:4a:6d:59:23:a8:3d:a0:27:42:58:af:94:0a:c4:f4:f5:
16:95:18:b3:c0:a1:ad:17:04:3d:7e:de:51:1c:26:8b:a3:32:
00:25:54:34:a7:7c:f0:c4:ae:9a:6d:26:1b:9a:a1:eb:16:a6:
23:56:fb:2f:4d:ce:f7:32:53:6a:7d:b3:ca:a7:dd:e7:7e:04:
a0:6d:41:d4:17:ca:de:ca:da:f0:2f:8d:4f:47:38:f0:42:4c:
4f:02:fa:69:e1:4a:6a:99:50:7f:c4:99:b4:6c:7b:f2:7d:0f:
3d:87:4d:2a:e4:d4:06:7e:e9:91:9e:f1:c6:dc:03:97:41:44:
5d:28:24:56:d5:d8:d9:47:66:bd:69:70:35:3a:b3:4a:b5:c8:
1a:ce:94:37:2b:c2:2c:b3:00:4d:49:f8:ac:0b:79:19:85:28:
76:dd:81:63:f1:ea:5d:85:19:b0:bc:6d:92:30:ed:98:58:6c:
c0:b0:2f:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrbpvhFlHSU4eGVMZeQtdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzA1YWZhMGRjOWE1ZjhmNjE4YzNlZDJlZWM2NzJlYzM4
ZjZmZWYwHhcNMjMwMTAxMDM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDM1ZDM3ZDRlZWYyM2JkMGNhYzQyMTcxMzE2NzEyYzc3ZjliZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvmmKFJxqU0YCKTae+h4lRRFvXEl
gdF0m+v40fns0BSf6uWZfiM1HS/ElvT2iA0OyS+L9/f1ckIZ2Vi63ceKvIHF+iAy
2etvl773mkDkYw1mqiosVYFJciXBacKHvfJv8lvm0d7ChPtPVGVngumh3DNe2MiP
Qf+ZXRXe1WfoGtrXvhuHx+buEFouEs0K7/1YErYeM2OncuBokUEmQjD+0HBhWplQ
2H7Pk2jwgbtQrbUQmoySkRuAYfs8Gn1iMAlEuFLMoHQ5cCIwKZE34y3z2HMDQWeZ
9JWh1DDJyqZ6DSgYXTKuNCa2F16/uqzpc5Wo2DitpgxvKaf25w06pO2kewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD01031O7yO9DKxCFxMWcSx3+b+8MB8GA1UdIwQY
MBaAFGPAWvoNyaX49hjD7S7sZy7Dj2/vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThCYS1nM0pwZmoyR01QdEx1eG5Mc09QYi04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9jNGE3MGUtZjdhOC00YWEwLTk4YzYt
MjNlMDk2NTJiM2Q4LzEvUFRYVGZVN3ZJNzBNckVJWEV4WnhMSGY1djd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9jNGE3MGUtZjdhOC00YWEwLTk4YzYtMjNlMDk2NTJiM2Q4
LzEvWThCYS1nM0pwZmoyR01QdEx1eG5Mc09QYi04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+fYAwQC
uSl0MA0GCSqGSIb3DQEBCwUAA4IBAQAdE/OBiTc6ak+4DI1Vbj6D351PCbx2gBzR
L0xB64RDRyeRtWr3/U2oQkUlRj0PcoAxV1dTI+FHW7TDNDeG+M1r9lhqF5YSWv0W
ukptWSOoPaAnQlivlArE9PUWlRizwKGtFwQ9ft5RHCaLozIAJVQ0p3zwxK6abSYb
mqHrFqYjVvsvTc73MlNqfbPKp93nfgSgbUHUF8reytrwL41PRzjwQkxPAvpp4Upq
mVB/xJm0bHvyfQ89h00q5NQGfumRnvHG3AOXQURdKCRW1djZR2a9aXA1OrNKtcga
zpQ3K8IsswBNSfisC3kZhSh23YFj8epdhRmwvG2SMO2YWGzAsC/+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:39 2024 by rpki-client on console-fra.rpki-client.org