Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/kEtr8HG-pS-loQ3M1aXmY221DjM.roa
File: kEtr8HG-pS-loQ3M1aXmY221DjM.roa (raw, json)
Hash identifier: h1IxSFkO6dqvRBhxsI0A0EncglbD3+tuocoGspN0lO8=
Subject key identifier: 90:4B:6B:F0:71:BE:A5:2F:A5:A1:0D:CC:D5:A5:E6:63:6D:B5:0E:33
Certificate issuer: /CN=8f156e69f9444c2b06687256085b6a7a4e9887f6
Certificate serial: 018615E84AEF770914C5A40661C9A822F8FC
Authority key identifier: 8F:15:6E:69:F9:44:4C:2B:06:68:72:56:08:5B:6A:7A:4E:98:87:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxVuaflETCsGaHJWCFtqek6Yh_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/kEtr8HG-pS-loQ3M1aXmY221DjM.roa
Signing time: Fri 03 Feb 2023 06:13:10 +0000
ROA not before: Fri 03 Feb 2023 06:13:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51200
IP address blocks: 91.230.137.0/24 maxlen: 24
91.230.136.0/22 maxlen: 22
91.230.136.0/24 maxlen: 24
91.230.139.0/24 maxlen: 24
91.230.138.0/24 maxlen: 24
2001:67c:2b88::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:15:e8:4a:ef:77:09:14:c5:a4:06:61:c9:a8:22:f8:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f156e69f9444c2b06687256085b6a7a4e9887f6
Validity
Not Before: Feb 3 06:13:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=904b6bf071bea52fa5a10dccd5a5e6636db50e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:38:24:1c:fc:ca:d0:47:58:1d:a1:75:dd:
08:90:63:85:19:28:bd:88:25:10:de:2a:83:1a:19:
0e:1e:f3:0b:03:19:fe:cb:ec:f3:03:c6:6e:d7:b5:
79:dc:46:ab:9f:84:bf:4e:aa:d8:39:70:12:e4:b7:
c5:08:c6:6f:5e:c1:4d:00:f8:0e:7a:f3:d4:45:39:
63:0e:07:02:8f:ff:ba:2a:21:c9:84:dd:2c:6e:63:
bc:1e:7b:43:62:e4:9e:78:20:d2:9d:2d:d3:cb:84:
bc:43:d3:41:6f:be:83:75:20:24:9f:ea:cd:32:28:
bd:5a:4a:81:b9:1f:66:1a:0a:2e:a5:0d:f1:c3:f0:
1c:6f:70:d6:07:35:c5:c7:8a:84:9e:c3:a9:05:18:
96:ba:ab:a9:1b:00:fb:38:a0:8c:f0:4a:0c:12:5c:
10:a6:41:d2:73:81:99:51:f7:eb:6c:be:77:eb:84:
0e:31:21:47:ad:bb:c9:af:a6:e3:c3:ef:57:30:cb:
16:d4:5d:6d:4c:f2:62:14:9a:3e:10:5a:13:4d:b3:
ee:0f:07:7d:2b:5a:6b:43:a8:19:c9:33:69:34:9d:
48:c6:c4:51:20:c3:06:d4:26:ae:04:1a:5d:a4:6a:
ff:dd:3c:43:36:26:88:a9:45:97:c0:93:ed:3c:d3:
85:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4B:6B:F0:71:BE:A5:2F:A5:A1:0D:CC:D5:A5:E6:63:6D:B5:0E:33
X509v3 Authority Key Identifier:
keyid:8F:15:6E:69:F9:44:4C:2B:06:68:72:56:08:5B:6A:7A:4E:98:87:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxVuaflETCsGaHJWCFtqek6Yh_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/kEtr8HG-pS-loQ3M1aXmY221DjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/jxVuaflETCsGaHJWCFtqek6Yh_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.136.0/22
IPv6:
2001:67c:2b88::/48
Signature Algorithm: sha256WithRSAEncryption
43:7a:8a:93:51:33:09:98:cb:b2:68:ca:a8:b6:1f:25:0b:6c:
17:2a:d4:85:a2:71:e2:8d:21:b1:51:47:b2:fd:a6:03:31:5e:
2e:f9:f0:07:91:05:98:6d:d0:68:66:62:32:07:87:82:1e:01:
fe:40:b8:39:4c:88:64:c8:0a:9d:e3:05:71:43:4c:4f:f0:af:
80:f0:12:1c:c2:19:20:68:c9:8f:5e:b5:1e:b4:33:53:ad:6f:
70:57:26:1c:32:1b:8e:d4:7e:47:77:3f:59:38:9a:f7:14:26:
be:d8:41:97:94:3f:e8:17:b5:bf:d2:5a:6a:1b:a9:e6:6a:02:
f8:57:97:3c:d6:fd:2a:a4:28:56:1f:29:74:2e:44:0b:9e:3d:
a8:3b:a5:af:c4:6e:6b:c4:8c:f6:d5:82:e7:e6:59:bb:6c:b2:
31:ba:6f:40:74:fc:cd:cc:a7:7e:02:af:4b:d8:39:22:6a:89:
cf:b2:c4:80:aa:69:3d:cf:94:9d:4b:8d:b0:f6:a9:cc:37:46:
d7:c8:c7:d4:da:ba:86:ba:ac:2e:28:dc:6f:ee:62:41:3f:42:
7e:2a:72:06:64:b4:cb:9a:be:ea:0e:4f:b8:66:fb:07:21:13:
60:6d:79:de:42:27:c8:50:cf:02:bc:99:e6:ab:97:5a:e1:a1:
42:b2:1c:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYV6ErvdwkUxaQGYcmoIvj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTU2ZTY5Zjk0NDRjMmIwNjY4NzI1NjA4NWI2YTdhNGU5
ODg3ZjYwHhcNMjMwMjAzMDYxMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRiNmJmMDcxYmVhNTJmYTVhMTBkY2NkNWE1ZTY2MzZkYjUwZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKA4JBz8ytBHWB2hdd0IkGOFGSi9
iCUQ3iqDGhkOHvMLAxn+y+zzA8Zu17V53Earn4S/TqrYOXAS5LfFCMZvXsFNAPgO
evPURTljDgcCj/+6KiHJhN0sbmO8HntDYuSeeCDSnS3Ty4S8Q9NBb76DdSAkn+rN
Mii9WkqBuR9mGgoupQ3xw/Acb3DWBzXFx4qEnsOpBRiWuqupGwD7OKCM8EoMElwQ
pkHSc4GZUffrbL5364QOMSFHrbvJr6bjw+9XMMsW1F1tTPJiFJo+EFoTTbPuDwd9
K1prQ6gZyTNpNJ1IxsRRIMMG1CauBBpdpGr/3TxDNiaIqUWXwJPtPNOFswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJBLa/BxvqUvpaENzNWl5mNttQ4zMB8GA1UdIwQY
MBaAFI8Vbmn5REwrBmhyVghbanpOmIf2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhWdWFmbEVUQ3NHYUhKV0NGdHFlazZZaF9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85YjgxZmUtNjdkMi00OTQ4LWI0YjEt
MmI3ODViNzJiNGY0LzEva0V0cjhIRy1wUy1sb1EzTTFhWG1ZMjIxRGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85YjgxZmUtNjdkMi00OTQ4LWI0YjEtMmI3ODViNzJiNGY0
LzEvanhWdWFmbEVUQ3NHYUhKV0NGdHFlazZZaF9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW+aIMA8E
AgACMAkDBwAgAQZ8K4gwDQYJKoZIhvcNAQELBQADggEBAEN6ipNRMwmYy7Joyqi2
HyULbBcq1IWiceKNIbFRR7L9pgMxXi758AeRBZht0GhmYjIHh4IeAf5AuDlMiGTI
Cp3jBXFDTE/wr4DwEhzCGSBoyY9etR60M1Otb3BXJhwyG47Ufkd3P1k4mvcUJr7Y
QZeUP+gXtb/SWmobqeZqAvhXlzzW/SqkKFYfKXQuRAuePag7pa/EbmvEjPbVgufm
WbtssjG6b0B0/M3Mp34Cr0vYOSJqic+yxICqaT3PlJ1LjbD2qcw3RtfIx9Tauoa6
rC4o3G/uYkE/Qn4qcgZktMuavuoOT7hm+wchE2Bted5CJ8hQzwK8mearl1rhoUKy
HJs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org