Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/lD4ILG2TKZ9Yg981x-axWq9hhQA.roa
File: lD4ILG2TKZ9Yg981x-axWq9hhQA.roa (raw, json)
Hash identifier: oDs+n+rIda34DbqYvmSyjTid5h7vBSjNdC/dXFutXvk=
Subject key identifier: 94:3E:08:2C:6D:93:29:9F:58:83:DF:35:C7:E6:B1:5A:AF:61:85:00
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 01856D0A951AF5F1BC39CDC8675DD423C25B
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/lD4ILG2TKZ9Yg981x-axWq9hhQA.roa
Signing time: Sun 01 Jan 2023 11:14:47 +0000
ROA not before: Sun 01 Jan 2023 11:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206409
IP address blocks: 90.158.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:95:1a:f5:f1:bc:39:cd:c8:67:5d:d4:23:c2:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Jan 1 11:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=943e082c6d93299f5883df35c7e6b15aaf618500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b0:41:b8:62:88:a9:6f:0e:e7:d6:b4:f1:6e:
a8:86:ff:1d:d8:80:d9:99:a7:97:79:61:7f:df:17:
84:55:16:a4:b4:e2:e6:0a:6b:f5:54:d3:14:09:76:
4d:50:37:d2:f9:d3:10:e7:24:91:9a:85:a4:c7:4f:
d8:43:b3:07:64:7d:46:88:42:7f:5f:1c:df:95:02:
73:88:18:7d:99:b8:11:ee:e0:3d:ae:b1:65:60:65:
dd:17:ee:7b:7b:a8:ac:ec:15:de:b5:51:df:ce:51:
68:a4:ee:03:f5:15:9c:00:79:bb:89:7a:b1:14:e5:
1b:9d:dd:39:38:60:cd:f6:0f:75:20:b5:7e:46:ea:
24:eb:4c:eb:6f:26:bc:fa:52:7d:f8:e8:e0:4e:9e:
18:f4:ad:31:2a:b7:b5:48:ec:90:1f:a5:ae:88:28:
02:51:ab:94:dc:3a:b2:95:b8:00:4a:08:c5:5f:c3:
e4:b1:eb:fd:76:0b:33:e0:80:4e:a1:70:52:9d:42:
a3:1e:ed:9c:6d:46:24:ff:a6:a0:59:09:0e:33:d3:
17:ec:50:3c:1d:d6:08:ad:3c:98:c3:34:1a:6f:f3:
4c:33:40:59:c9:94:11:77:d0:71:b5:f9:a0:f7:3b:
c4:19:7d:92:0b:91:85:94:6b:54:3d:9f:a0:3e:a2:
15:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3E:08:2C:6D:93:29:9F:58:83:DF:35:C7:E6:B1:5A:AF:61:85:00
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/lD4ILG2TKZ9Yg981x-axWq9hhQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.158.17.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:00:7d:51:2f:10:82:82:dd:46:a7:1c:bf:b6:b0:e4:81:ad:
f8:dc:40:be:54:50:db:b6:d4:10:c7:a4:a0:55:e2:28:66:77:
25:c3:75:32:d4:79:c4:ab:ba:03:ee:2c:d6:d8:0c:43:eb:f9:
2c:38:7c:c0:8e:b6:08:3f:f0:c0:ac:32:d1:25:82:25:cd:04:
11:4b:ca:c3:65:d6:8e:d4:24:4b:32:f9:5e:30:6f:df:08:19:
19:dd:a3:db:dc:85:80:71:1e:5c:ca:29:8c:fc:c2:b9:77:95:
11:48:40:4f:43:61:66:c1:80:60:bd:9f:a7:b3:16:b3:65:9b:
67:81:16:2b:b2:33:1e:a1:57:9c:30:70:af:ab:42:1c:32:33:
f4:eb:7b:40:c4:e5:c8:4b:29:98:f0:f2:d6:1b:23:eb:b2:7f:
09:2b:70:50:72:4b:cd:9f:92:9f:ef:4b:b5:db:85:c0:ae:2c:
51:c1:8b:70:27:c3:85:cf:31:ed:f2:36:9f:31:ff:66:d9:6c:
f2:1f:96:27:cb:7b:10:92:4f:50:f5:c0:14:42:c4:04:26:f8:
9c:3a:4c:6b:8a:93:36:46:e7:56:d1:13:f6:24:70:b5:10:51:
fb:4f:44:74:cc:7c:56:a2:b1:2e:36:b8:37:9b:25:30:1b:f1:
55:65:29:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCpUa9fG8Oc3IZ13UI8JbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjMwMTAxMTExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDNlMDgyYzZkOTMyOTlmNTg4M2RmMzVjN2U2YjE1YWFmNjE4NTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrBBuGKIqW8O59a08W6ohv8d2IDZ
maeXeWF/3xeEVRaktOLmCmv1VNMUCXZNUDfS+dMQ5ySRmoWkx0/YQ7MHZH1GiEJ/
XxzflQJziBh9mbgR7uA9rrFlYGXdF+57e6is7BXetVHfzlFopO4D9RWcAHm7iXqx
FOUbnd05OGDN9g91ILV+Ruok60zrbya8+lJ9+OjgTp4Y9K0xKre1SOyQH6WuiCgC
UauU3DqylbgASgjFX8Pksev9dgsz4IBOoXBSnUKjHu2cbUYk/6agWQkOM9MX7FA8
HdYIrTyYwzQab/NMM0BZyZQRd9Bxtfmg9zvEGX2SC5GFlGtUPZ+gPqIVMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQ+CCxtkymfWIPfNcfmsVqvYYUAMB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvbEQ0SUxHMlRLWjlZZzk4MXgtYXhXcTloaFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWp4RMA0G
CSqGSIb3DQEBCwUAA4IBAQArAH1RLxCCgt1Gpxy/trDkga343EC+VFDbttQQx6Sg
VeIoZnclw3Uy1HnEq7oD7izW2AxD6/ksOHzAjrYIP/DArDLRJYIlzQQRS8rDZdaO
1CRLMvleMG/fCBkZ3aPb3IWAcR5cyimM/MK5d5URSEBPQ2FmwYBgvZ+nsxazZZtn
gRYrsjMeoVecMHCvq0IcMjP063tAxOXISymY8PLWGyPrsn8JK3BQckvNn5Kf70u1
24XArixRwYtwJ8OFzzHt8jafMf9m2WzyH5Yny3sQkk9Q9cAUQsQEJvicOkxripM2
RudW0RP2JHC1EFH7T0R0zHxWorEuNrg3myUwG/FVZSm0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:14 2024 by rpki-client on console-fra.rpki-client.org