Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/77c074-da25-45e8-9d26-54c16b9cc118/1/3STjqV8bVF0IVCKK77Eb55PaxC4.roa
File: 3STjqV8bVF0IVCKK77Eb55PaxC4.roa (raw, json)
Hash identifier: U8/3o3UgEhbYVHRLMvc/rt17hZLnPNMIhEu3R92j0D4=
Subject key identifier: DD:24:E3:A9:5F:1B:54:5D:08:54:22:8A:EF:B1:1B:E7:93:DA:C4:2E
Certificate issuer: /CN=66719ec516f11540da4c4e7e4b7f5b377d9fd25b
Certificate serial: 018968A899DF53631FF67C87C2AB8AE2DB6A
Authority key identifier: 66:71:9E:C5:16:F1:15:40:DA:4C:4E:7E:4B:7F:5B:37:7D:9F:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnGexRbxFUDaTE5-S39bN32f0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/77c074-da25-45e8-9d26-54c16b9cc118/1/3STjqV8bVF0IVCKK77Eb55PaxC4.roa
Signing time: Tue 18 Jul 2023 11:00:27 +0000
ROA not before: Tue 18 Jul 2023 11:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8685
IP address blocks: 91.195.138.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:a8:99:df:53:63:1f:f6:7c:87:c2:ab:8a:e2:db:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66719ec516f11540da4c4e7e4b7f5b377d9fd25b
Validity
Not Before: Jul 18 11:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd24e3a95f1b545d0854228aefb11be793dac42e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ea:c0:6c:9f:48:2f:ea:a2:86:37:7a:c5:a8:
bf:da:9a:ff:e5:bd:28:c2:57:9b:51:dd:c6:35:80:
7c:49:a1:ca:11:15:6b:7e:da:b3:8c:9a:48:f1:8a:
5b:86:57:f0:9d:31:e8:a6:83:00:c2:2a:e3:b1:0a:
dc:2c:6c:e7:eb:0f:13:46:f9:c0:29:ee:0b:e2:7e:
d2:42:79:26:59:8a:7d:1e:5c:0b:2c:38:41:90:8a:
c4:81:fc:5a:72:6d:da:db:03:b7:50:c5:9d:a2:80:
05:2b:21:56:72:67:a2:2b:29:93:a0:82:0f:f0:e3:
04:14:e3:c8:43:f9:1c:07:99:38:8d:4a:b5:aa:7c:
69:07:2b:e5:20:a6:cc:f0:c4:2c:cb:89:f6:20:dc:
b7:1e:0c:3e:bd:53:a1:c0:5e:d9:c4:88:0b:1d:2e:
76:e9:35:68:54:b7:b3:83:98:38:e7:2b:fa:0f:de:
8e:8c:62:b9:66:03:6a:9d:74:04:97:4d:e7:41:bf:
e2:cc:d3:c3:d9:1b:e4:48:f4:7c:63:44:c8:a8:c4:
d6:51:2f:75:0a:08:a5:ea:f7:42:87:af:f1:20:fd:
4f:42:f2:71:0f:60:dd:a0:83:31:46:9e:24:07:9d:
45:a1:32:86:07:8b:69:9a:65:77:90:32:86:44:25:
c9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:24:E3:A9:5F:1B:54:5D:08:54:22:8A:EF:B1:1B:E7:93:DA:C4:2E
X509v3 Authority Key Identifier:
keyid:66:71:9E:C5:16:F1:15:40:DA:4C:4E:7E:4B:7F:5B:37:7D:9F:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnGexRbxFUDaTE5-S39bN32f0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/77c074-da25-45e8-9d26-54c16b9cc118/1/3STjqV8bVF0IVCKK77Eb55PaxC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/77c074-da25-45e8-9d26-54c16b9cc118/1/ZnGexRbxFUDaTE5-S39bN32f0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.138.0/23
Signature Algorithm: sha256WithRSAEncryption
02:70:2b:27:db:2c:b0:e3:0b:1d:3d:f7:d8:6a:3a:ed:30:38:
97:0c:eb:ff:3c:59:d1:85:1a:fc:4d:7c:32:1d:b3:96:af:58:
6c:de:78:b6:89:10:44:20:1f:29:f7:94:ec:b0:a6:5b:61:1a:
91:e4:64:e5:c9:65:b2:aa:84:31:43:49:c1:21:f2:9d:9b:80:
30:fd:1e:ac:a0:91:fe:62:c2:aa:82:ac:89:57:91:e0:7c:d3:
70:23:f7:a0:67:72:ac:3f:16:e4:a1:a1:cb:04:3a:c1:c8:44:
d1:e1:b1:aa:9a:64:7a:40:3a:77:53:53:54:33:97:bc:77:9a:
2c:e4:c5:f1:78:b1:51:56:f0:8d:f8:bd:85:ff:ba:94:8f:c5:
18:51:64:ba:bb:22:b5:e2:f5:51:cf:a8:6a:32:b8:2a:99:6b:
d1:c5:09:40:c5:d4:9c:c9:77:f2:78:a9:cf:de:83:08:be:2f:
6c:9e:52:e8:7f:de:53:4f:29:ae:43:86:2c:ca:24:06:50:e1:
31:0b:dd:f5:15:ff:a5:f7:03:05:cd:4d:c1:d0:22:22:ba:3b:
93:1d:86:0b:45:10:9d:89:77:33:a6:0e:86:65:b3:0c:b5:9b:
50:54:46:28:ce:16:bc:8e:68:f8:23:40:dc:68:29:97:de:3f:
bd:e0:0a:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYloqJnfU2Mf9nyHwquK4ttqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NzE5ZWM1MTZmMTE1NDBkYTRjNGU3ZTRiN2Y1YjM3N2Q5
ZmQyNWIwHhcNMjMwNzE4MTEwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDI0ZTNhOTVmMWI1NDVkMDg1NDIyOGFlZmIxMWJlNzkzZGFjNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+rAbJ9IL+qihjd6xai/2pr/5b0o
wlebUd3GNYB8SaHKERVrftqzjJpI8YpbhlfwnTHopoMAwirjsQrcLGzn6w8TRvnA
Ke4L4n7SQnkmWYp9HlwLLDhBkIrEgfxacm3a2wO3UMWdooAFKyFWcmeiKymToIIP
8OMEFOPIQ/kcB5k4jUq1qnxpByvlIKbM8MQsy4n2INy3Hgw+vVOhwF7ZxIgLHS52
6TVoVLezg5g45yv6D96OjGK5ZgNqnXQEl03nQb/izNPD2RvkSPR8Y0TIqMTWUS91
Cgil6vdCh6/xIP1PQvJxD2DdoIMxRp4kB51FoTKGB4tpmmV3kDKGRCXJJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0k46lfG1RdCFQiiu+xG+eT2sQuMB8GA1UdIwQY
MBaAFGZxnsUW8RVA2kxOfkt/Wzd9n9JbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm5HZXhSYnhGVURhVEU1LVMzOWJOMzJmMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC83N2MwNzQtZGEyNS00NWU4LTlkMjYt
NTRjMTZiOWNjMTE4LzEvM1NUanFWOGJWRjBJVkNLSzc3RWI1NVBheEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC83N2MwNzQtZGEyNS00NWU4LTlkMjYtNTRjMTZiOWNjMTE4
LzEvWm5HZXhSYnhGVURhVEU1LVMzOWJOMzJmMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8OKMA0G
CSqGSIb3DQEBCwUAA4IBAQACcCsn2yyw4wsdPffYajrtMDiXDOv/PFnRhRr8TXwy
HbOWr1hs3ni2iRBEIB8p95TssKZbYRqR5GTlyWWyqoQxQ0nBIfKdm4Aw/R6soJH+
YsKqgqyJV5HgfNNwI/egZ3KsPxbkoaHLBDrByETR4bGqmmR6QDp3U1NUM5e8d5os
5MXxeLFRVvCN+L2F/7qUj8UYUWS6uyK14vVRz6hqMrgqmWvRxQlAxdScyXfyeKnP
3oMIvi9snlLof95TTymuQ4YsyiQGUOExC931Ff+l9wMFzU3B0CIiujuTHYYLRRCd
iXczpg6GZbMMtZtQVEYozha8jmj4I0DcaCmX3j+94Ar1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:50 2024 by rpki-client on console-ams.rpki-client.org