Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2fcecd-1b6c-4ae9-9d36-6d3812aa5eb5/1/v338tWyOYt2k45IjZfz0U44OekU.roa
File: v338tWyOYt2k45IjZfz0U44OekU.roa (raw, json)
Hash identifier: 1xFJvzce9h6E01tjmoNEm3GGxaV8itOgvgvqu4JmP7A=
Subject key identifier: BF:7D:FC:B5:6C:8E:62:DD:A4:E3:92:23:65:FC:F4:53:8E:0E:7A:45
Certificate issuer: /CN=0239a40bef930438d53cd07f07ff9153e2fb9be8
Certificate serial: 018CC50048B7B23FEB6E1748CDFA7D51EE49
Authority key identifier: 02:39:A4:0B:EF:93:04:38:D5:3C:D0:7F:07:FF:91:53:E2:FB:9B:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjmkC--TBDjVPNB_B_-RU-L7m-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/2fcecd-1b6c-4ae9-9d36-6d3812aa5eb5/1/v338tWyOYt2k45IjZfz0U44OekU.roa
Signing time: Mon 01 Jan 2024 12:29:39 +0000
ROA not before: Mon 01 Jan 2024 12:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17012
IP address blocks: 91.243.72.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 07:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:48:b7:b2:3f:eb:6e:17:48:cd:fa:7d:51:ee:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0239a40bef930438d53cd07f07ff9153e2fb9be8
Validity
Not Before: Jan 1 12:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf7dfcb56c8e62dda4e3922365fcf4538e0e7a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:78:e6:b9:ad:6c:fa:8f:17:dd:80:82:39:40:
83:4f:b6:76:04:fc:04:cf:ab:5c:09:39:ce:97:16:
22:fd:2c:0c:3b:f4:2e:5f:28:61:1d:d1:2d:62:f6:
e1:05:20:78:4a:66:e6:41:fd:2e:78:7f:ba:67:95:
01:f7:ce:51:b7:2e:43:6a:2e:3d:6f:80:6b:10:ee:
af:03:e7:7b:b2:4a:b8:67:bd:45:5a:63:ef:da:06:
4a:9a:c4:de:67:02:25:13:31:f5:aa:15:04:55:4d:
b1:19:37:0a:2b:3f:c1:9f:00:ea:f7:72:b0:47:66:
cd:02:24:2c:4f:f9:0e:92:73:dd:f1:4d:e7:55:d0:
65:f1:b9:16:21:7c:44:9c:ca:19:83:d9:ab:95:0d:
95:34:97:95:7a:a2:f3:cf:4d:8d:fe:58:66:2c:4a:
c6:ae:3d:29:3c:44:c9:16:f7:c6:41:53:04:9c:15:
b1:e6:cd:e3:77:41:c9:ba:3f:2d:2c:b1:f9:65:6c:
21:79:42:dd:ac:29:8e:b5:f0:b8:05:93:e4:86:96:
88:3a:9d:5e:10:ea:d7:73:b4:b5:b7:16:5a:b8:ab:
53:9f:90:80:aa:f2:cf:0c:78:c8:6c:12:fc:ec:40:
d8:31:bc:09:30:1e:43:9e:bd:e1:dc:be:8e:1f:0e:
74:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:7D:FC:B5:6C:8E:62:DD:A4:E3:92:23:65:FC:F4:53:8E:0E:7A:45
X509v3 Authority Key Identifier:
keyid:02:39:A4:0B:EF:93:04:38:D5:3C:D0:7F:07:FF:91:53:E2:FB:9B:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjmkC--TBDjVPNB_B_-RU-L7m-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2fcecd-1b6c-4ae9-9d36-6d3812aa5eb5/1/v338tWyOYt2k45IjZfz0U44OekU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2fcecd-1b6c-4ae9-9d36-6d3812aa5eb5/1/AjmkC--TBDjVPNB_B_-RU-L7m-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.72.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:b5:8e:c9:92:fe:1c:f6:a3:ca:a6:5d:8c:7e:22:33:97:75:
98:02:68:a9:dc:26:6f:97:70:ca:e5:0c:3e:80:cd:ec:3e:31:
37:d8:59:fa:20:fb:b6:87:36:fb:5e:f5:0b:4c:6b:ba:43:65:
a9:04:69:a2:0b:01:25:18:e3:ab:a6:04:e4:09:4f:11:ff:b7:
d6:8d:04:ae:c0:0c:7d:c9:af:e4:ce:ae:47:93:d9:c3:96:c1:
a0:82:c2:12:b1:68:80:70:fa:7b:16:76:3c:b4:93:f0:1d:c2:
66:bd:8c:f8:c2:11:26:bb:0d:7a:96:7b:b1:f3:e9:17:11:27:
6d:e0:dd:35:1f:35:1a:a6:75:6a:60:47:87:cf:f5:4f:f7:7d:
ff:cb:b8:df:b1:ed:39:80:a5:62:a7:ba:12:79:1e:7c:1e:4d:
fd:d6:61:e9:88:f8:eb:c2:a8:13:99:02:a0:3e:43:cf:ff:3a:
c4:06:ab:75:90:ad:53:f9:5c:9d:7e:65:fd:32:82:d6:a6:78:
aa:bf:0c:7e:79:0c:ce:0c:f3:0b:9e:94:69:95:45:1f:ce:7a:
bc:4f:b3:78:44:29:da:61:91:72:9c:57:a9:54:17:c2:73:05:
95:f3:6b:3c:df:8c:b4:05:55:e2:58:2a:57:ac:76:79:af:2d:
88:5a:f7:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAEi3sj/rbhdIzfp9Ue5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzlhNDBiZWY5MzA0MzhkNTNjZDA3ZjA3ZmY5MTUzZTJm
YjliZTgwHhcNMjQwMTAxMTIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjdkZmNiNTZjOGU2MmRkYTRlMzkyMjM2NWZjZjQ1MzhlMGU3YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHjmua1s+o8X3YCCOUCDT7Z2BPwE
z6tcCTnOlxYi/SwMO/QuXyhhHdEtYvbhBSB4SmbmQf0ueH+6Z5UB985Rty5Dai49
b4BrEO6vA+d7skq4Z71FWmPv2gZKmsTeZwIlEzH1qhUEVU2xGTcKKz/BnwDq93Kw
R2bNAiQsT/kOknPd8U3nVdBl8bkWIXxEnMoZg9mrlQ2VNJeVeqLzz02N/lhmLErG
rj0pPETJFvfGQVMEnBWx5s3jd0HJuj8tLLH5ZWwheULdrCmOtfC4BZPkhpaIOp1e
EOrXc7S1txZauKtTn5CAqvLPDHjIbBL87EDYMbwJMB5Dnr3h3L6OHw50aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL99/LVsjmLdpOOSI2X89FOODnpFMB8GA1UdIwQY
MBaAFAI5pAvvkwQ41TzQfwf/kVPi+5voMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpta0MtLVRCRGpWUE5CX0JfLVJVLUw3bS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZmNlY2QtMWI2Yy00YWU5LTlkMzYt
NmQzODEyYWE1ZWI1LzEvdjMzOHRXeU9ZdDJrNDVJalpmejBVNDRPZWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZmNlY2QtMWI2Yy00YWU5LTlkMzYtNmQzODEyYWE1ZWI1
LzEvQWpta0MtLVRCRGpWUE5CX0JfLVJVLUw3bS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/NIMA0G
CSqGSIb3DQEBCwUAA4IBAQBctY7Jkv4c9qPKpl2MfiIzl3WYAmip3CZvl3DK5Qw+
gM3sPjE32Fn6IPu2hzb7XvULTGu6Q2WpBGmiCwElGOOrpgTkCU8R/7fWjQSuwAx9
ya/kzq5Hk9nDlsGggsISsWiAcPp7FnY8tJPwHcJmvYz4whEmuw16lnux8+kXESdt
4N01HzUapnVqYEeHz/VP933/y7jfse05gKVip7oSeR58Hk391mHpiPjrwqgTmQKg
PkPP/zrEBqt1kK1T+VydfmX9MoLWpniqvwx+eQzODPMLnpRplUUfznq8T7N4RCna
YZFynFepVBfCcwWV82s834y0BVXiWCpXrHZ5ry2IWveH
-----END CERTIFICATE-----
Generated at Mon Sep 23 09:33:21 2024 by rpki-client on console-fra.rpki-client.org