Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/lBNXPRlhxIMi6rFrFhGicXLlEXg.roa
File: lBNXPRlhxIMi6rFrFhGicXLlEXg.roa (raw, json)
Hash identifier: KrCFV564RbhJeg/oStWH5RoUICxiyKkRPeTJiusorIk=
Subject key identifier: 94:13:57:3D:19:61:C4:83:22:EA:B1:6B:16:11:A2:71:72:E5:11:78
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0187FACECCAC896437AF87A21A677E23BFE5
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/lBNXPRlhxIMi6rFrFhGicXLlEXg.roa
Signing time: Mon 08 May 2023 10:01:09 +0000
ROA not before: Mon 08 May 2023 10:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 91.213.189.0/24 maxlen: 24
91.208.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 05:56:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:ce:cc:ac:89:64:37:af:87:a2:1a:67:7e:23:bf:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: May 8 10:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9413573d1961c48322eab16b1611a27172e51178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:52:ae:f2:6f:c8:05:97:13:3f:31:b1:a0:26:
97:9b:86:42:40:27:8c:eb:06:55:7e:56:58:3e:9d:
cf:86:6f:e4:5a:cf:65:cd:93:7a:33:dc:0b:7e:07:
0f:28:4c:9b:67:53:70:b5:d3:00:5e:93:5c:74:87:
83:95:83:88:f3:da:49:21:e9:80:bd:3a:6a:ba:78:
39:fd:5f:7b:c7:61:4d:b3:de:4d:05:7f:43:3e:4a:
fc:78:5e:a7:6e:ad:34:ed:5c:5c:7b:00:db:2d:bb:
d6:65:20:0c:28:f9:a4:7d:43:16:bd:df:e6:e8:32:
c8:c7:14:9b:a1:3e:35:9f:fd:5b:c1:ba:31:e2:d6:
6b:6b:52:fd:e5:c8:df:bd:18:ea:44:c6:8e:aa:bd:
de:e4:eb:fe:e2:fe:28:6f:80:51:95:62:b4:69:ea:
39:1b:57:d2:1a:87:48:19:b3:82:31:38:35:ea:ff:
55:48:a0:c3:97:87:d2:eb:a6:05:94:29:d4:d9:9d:
85:43:b9:db:30:ed:7a:33:2f:a7:87:0d:ba:d7:fb:
21:c3:43:33:c5:9a:c2:c6:76:b8:08:81:01:f1:a0:
a6:6b:47:ba:df:d7:bb:9e:73:c1:02:2a:f7:94:87:
6c:76:e2:ff:11:f8:b4:b7:92:b7:9b:58:94:9d:87:
71:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:13:57:3D:19:61:C4:83:22:EA:B1:6B:16:11:A2:71:72:E5:11:78
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/lBNXPRlhxIMi6rFrFhGicXLlEXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.109.0/24
91.213.189.0/24
Signature Algorithm: sha256WithRSAEncryption
86:63:66:d6:bb:ae:08:de:1f:3e:0c:da:4d:54:73:1a:bf:aa:
11:3c:79:8b:9a:b5:41:1c:93:89:86:ed:e1:15:9c:33:9e:12:
b4:22:70:bc:47:2f:67:d5:59:69:b9:f1:ed:b8:5b:78:5d:cf:
15:31:21:ce:17:91:86:13:b3:d4:cc:ad:6e:67:ef:38:78:a0:
d1:e8:62:0f:ed:29:57:ff:9c:43:2f:02:5b:18:2c:fb:fd:6a:
42:8e:02:21:f0:99:80:0a:a2:a3:41:c4:aa:c9:6c:13:a3:14:
30:3c:d0:af:e7:6c:3a:2f:6e:a2:01:42:7f:ec:30:92:83:19:
bf:7f:8a:fb:d2:52:50:77:3c:1f:db:22:0c:7c:a3:5b:62:9d:
6a:a9:90:c5:26:75:a2:27:c4:a0:49:a4:d9:62:fa:81:88:f3:
fd:01:c3:8d:9b:cf:77:ba:32:a2:fd:3b:29:73:a3:1a:3f:23:
53:ba:57:80:a5:6c:07:a0:c7:10:ce:06:25:41:6e:c5:f0:ab:
3a:77:c9:fc:b6:f6:ef:a0:02:e0:57:57:d4:0b:de:3c:b4:71:
0c:b3:b2:75:d4:eb:50:62:15:ba:37:44:0f:e6:86:0c:37:00:
c8:a2:51:db:13:b2:6f:1d:11:bc:8b:cd:6f:78:0c:b6:21:6a:
06:9a:89:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYf6zsysiWQ3r4eiGmd+I7/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNTA4MTAwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDEzNTczZDE5NjFjNDgzMjJlYWIxNmIxNjExYTI3MTcyZTUxMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFKu8m/IBZcTPzGxoCaXm4ZCQCeM
6wZVflZYPp3Phm/kWs9lzZN6M9wLfgcPKEybZ1NwtdMAXpNcdIeDlYOI89pJIemA
vTpqung5/V97x2FNs95NBX9DPkr8eF6nbq007VxcewDbLbvWZSAMKPmkfUMWvd/m
6DLIxxSboT41n/1bwbox4tZra1L95cjfvRjqRMaOqr3e5Ov+4v4ob4BRlWK0aeo5
G1fSGodIGbOCMTg16v9VSKDDl4fS66YFlCnU2Z2FQ7nbMO16My+nhw261/shw0Mz
xZrCxna4CIEB8aCma0e639e7nnPBAir3lIdsduL/Efi0t5K3m1iUnYdxPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJQTVz0ZYcSDIuqxaxYRonFy5RF4MB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvbEJOWFBSbGh4SU1pNnJGckZoR2ljWExsRVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9BtAwQA
W9W9MA0GCSqGSIb3DQEBCwUAA4IBAQCGY2bWu64I3h8+DNpNVHMav6oRPHmLmrVB
HJOJhu3hFZwznhK0InC8Ry9n1VlpufHtuFt4Xc8VMSHOF5GGE7PUzK1uZ+84eKDR
6GIP7SlX/5xDLwJbGCz7/WpCjgIh8JmACqKjQcSqyWwToxQwPNCv52w6L26iAUJ/
7DCSgxm/f4r70lJQdzwf2yIMfKNbYp1qqZDFJnWiJ8SgSaTZYvqBiPP9AcONm893
ujKi/Tspc6MaPyNTuleApWwHoMcQzgYlQW7F8Ks6d8n8tvbvoALgV1fUC948tHEM
s7J11OtQYhW6N0QP5oYMNwDIolHbE7JvHRG8i81veAy2IWoGmok8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org