Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/IdiwaEtqnZZ3qgHmgTWnOtCgVGM.roa
File: IdiwaEtqnZZ3qgHmgTWnOtCgVGM.roa (raw, json)
Hash identifier: PKMWMxTJmVaOADB6687Fbiq+x5rKhrPy6A3AkAE7Ss4=
Subject key identifier: 21:D8:B0:68:4B:6A:9D:96:77:AA:01:E6:81:35:A7:3A:D0:A0:54:63
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 0186FEBC20A308A20C588081790DA85BBFCA
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/IdiwaEtqnZZ3qgHmgTWnOtCgVGM.roa
Signing time: Mon 20 Mar 2023 11:16:27 +0000
ROA not before: Mon 20 Mar 2023 11:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 91.193.252.0/24 maxlen: 24
93.89.218.0/24 maxlen: 24
93.89.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Mar 2023 06:57:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:bc:20:a3:08:a2:0c:58:80:81:79:0d:a8:5b:bf:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Mar 20 11:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21d8b0684b6a9d9677aa01e68135a73ad0a05463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:55:9b:d0:56:b7:43:6d:37:84:ec:29:3b:ea:
71:cc:51:2c:47:84:20:91:8f:93:52:de:c4:2a:68:
71:5f:a0:70:92:4a:49:5d:1e:48:44:81:aa:0a:2a:
2d:51:c8:32:20:3d:1c:68:94:cd:4e:5b:ee:74:e4:
28:12:f8:1d:e5:2b:d2:59:e9:8d:d7:8d:c0:f1:62:
f4:30:bf:14:5e:cb:2b:ed:fb:63:82:e1:cd:2b:06:
28:96:0f:5b:c4:46:4c:db:e5:9f:85:79:76:c6:fd:
06:4e:c9:73:23:68:f6:91:83:fd:72:a2:19:db:49:
5b:4e:c9:42:6d:a9:34:7c:cd:dc:55:55:3f:8f:94:
b2:a4:10:3b:b8:ca:4c:a1:56:83:bb:7e:30:95:8e:
78:43:85:40:c9:36:13:77:81:b0:35:18:6f:0c:ea:
cf:07:ab:05:3e:c3:e5:00:12:7f:d0:27:51:aa:ec:
a3:90:32:e0:1e:cd:27:c1:2e:a8:52:b4:a7:c8:d2:
9c:c7:3a:0c:d9:23:89:3a:59:2e:a7:ae:18:a6:83:
b9:33:5f:03:68:05:68:f5:9d:46:1a:48:29:4f:5c:
0e:77:6f:0e:34:d8:83:1c:e4:ef:09:b5:ed:16:b8:
87:82:95:1f:29:d2:b8:e8:c1:5d:32:89:88:fa:eb:
aa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D8:B0:68:4B:6A:9D:96:77:AA:01:E6:81:35:A7:3A:D0:A0:54:63
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/IdiwaEtqnZZ3qgHmgTWnOtCgVGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.252.0/24
93.89.215.0/24
93.89.218.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:55:6a:fd:28:af:e1:26:05:59:ec:7c:74:3b:dc:7f:ad:7c:
61:e2:4c:81:47:ec:45:a8:be:87:c4:80:52:7c:f7:49:7c:3f:
f7:90:b1:ce:ed:c5:aa:7f:83:d5:b5:4c:a8:cc:1f:ef:97:c0:
21:fe:98:4d:b2:65:3d:50:fc:04:7c:70:70:3b:b6:1b:c6:5c:
62:d0:a3:17:ee:eb:cc:7f:d3:99:f7:20:51:67:db:48:2a:c2:
27:92:48:6c:f0:fb:31:25:be:88:3d:d6:50:20:35:d8:86:67:
bc:4c:93:61:1d:17:df:c6:67:26:63:90:5f:47:32:ed:03:d6:
b4:26:e3:51:f5:68:43:6b:7f:92:ce:43:fb:1e:78:b2:f7:d8:
69:c0:7e:d1:1e:2d:5c:64:d8:be:9f:14:23:6c:f3:2e:e8:25:
f9:37:a6:3a:9a:da:4f:c6:39:40:20:6d:d5:20:03:b5:af:b8:
19:19:f8:9a:b4:c8:ae:ed:3d:2c:77:7c:fc:78:a8:38:50:f6:
ad:6e:ed:e6:a3:40:a1:cc:c7:57:31:ea:38:cb:cf:e8:c0:d6:
bb:aa:cb:d4:a7:4b:97:0b:f1:da:50:ec:ea:af:e4:ec:0c:2b:
d0:ed:88:69:4a:03:3b:7b:8a:5e:6e:b7:d2:1b:ce:ba:39:97:
58:fc:43:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYb+vCCjCKIMWICBeQ2oW7/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwMzIwMTExNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ4YjA2ODRiNmE5ZDk2NzdhYTAxZTY4MTM1YTczYWQwYTA1NDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlWb0Fa3Q203hOwpO+pxzFEsR4Qg
kY+TUt7EKmhxX6BwkkpJXR5IRIGqCiotUcgyID0caJTNTlvudOQoEvgd5SvSWemN
143A8WL0ML8UXssr7ftjguHNKwYolg9bxEZM2+WfhXl2xv0GTslzI2j2kYP9cqIZ
20lbTslCbak0fM3cVVU/j5SypBA7uMpMoVaDu34wlY54Q4VAyTYTd4GwNRhvDOrP
B6sFPsPlABJ/0CdRquyjkDLgHs0nwS6oUrSnyNKcxzoM2SOJOlkup64YpoO5M18D
aAVo9Z1GGkgpT1wOd28ONNiDHOTvCbXtFriHgpUfKdK46MFdMomI+uuqPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCHYsGhLap2Wd6oB5oE1pzrQoFRjMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvSWRpd2FFdHFuWlozcWdIbWdUV25PdENnVkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8H8AwQA
XVnXAwQAXVnaMA0GCSqGSIb3DQEBCwUAA4IBAQBKVWr9KK/hJgVZ7Hx0O9x/rXxh
4kyBR+xFqL6HxIBSfPdJfD/3kLHO7cWqf4PVtUyozB/vl8Ah/phNsmU9UPwEfHBw
O7Ybxlxi0KMX7uvMf9OZ9yBRZ9tIKsInkkhs8PsxJb6IPdZQIDXYhme8TJNhHRff
xmcmY5BfRzLtA9a0JuNR9WhDa3+SzkP7Hniy99hpwH7RHi1cZNi+nxQjbPMu6CX5
N6Y6mtpPxjlAIG3VIAO1r7gZGfiatMiu7T0sd3z8eKg4UPatbu3mo0ChzMdXMeo4
y8/owNa7qsvUp0uXC/HaUOzqr+TsDCvQ7YhpSgM7e4pebrfSG866OZdY/EMW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:25 2024 by rpki-client on console-ams.rpki-client.org