Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/b5v6YBL0ISpGl_IdZvjS8fc0_8s.roa
File: b5v6YBL0ISpGl_IdZvjS8fc0_8s.roa (raw, json)
Hash identifier: Sywni3TU+IQsfS5TX3o/SLHnBNi8WPUGkxSE2OfrBio=
Subject key identifier: 6F:9B:FA:60:12:F4:21:2A:46:97:F2:1D:66:F8:D2:F1:F7:34:FF:CB
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 018D837ABCB4F10ADCC4EDE80937C2B8853C
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/b5v6YBL0ISpGl_IdZvjS8fc0_8s.roa
Signing time: Wed 07 Feb 2024 12:11:15 +0000
ROA not before: Wed 07 Feb 2024 12:11:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58172
IP address blocks: 91.239.101.0/24 maxlen: 24
128.127.100.0/24 maxlen: 24
128.127.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 09:59:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:7a:bc:b4:f1:0a:dc:c4:ed:e8:09:37:c2:b8:85:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Feb 7 12:11:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f9bfa6012f4212a4697f21d66f8d2f1f734ffcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:df:25:6d:ce:0b:05:30:0f:2e:b5:44:95:03:
78:b2:06:1f:2a:15:75:66:0b:30:4c:f3:ab:07:5c:
f6:27:81:27:3c:9f:40:fb:fa:61:06:8d:92:a4:45:
8d:29:5c:f8:7b:f0:6a:12:f3:06:be:19:03:ca:85:
70:e8:75:b6:90:b7:ad:e5:23:5c:02:ef:ef:e2:68:
8f:a2:67:a5:e6:e1:52:28:aa:e2:21:18:ea:da:85:
0f:a9:c0:fb:4c:e7:9c:e9:41:43:46:3d:01:45:39:
d5:71:ad:98:9a:be:0d:c9:8b:c0:93:61:6a:29:18:
2e:93:6d:0a:84:eb:e4:66:e1:98:3e:0e:d3:2e:4b:
81:c1:40:51:0a:f6:2f:6c:e0:aa:cf:a1:39:f8:1c:
7d:84:01:87:1f:eb:80:d3:32:f2:f1:74:aa:b4:6f:
d8:ac:89:03:45:5f:fe:25:e1:36:7f:cf:40:bd:a1:
62:72:36:9d:3e:85:b8:58:ce:a9:ef:ec:b4:8a:52:
28:fd:8f:69:de:f8:83:5b:91:50:e3:ee:16:7d:67:
79:4e:06:65:ce:ea:14:c3:a9:45:f2:2f:a3:2c:57:
06:26:8b:f9:6a:98:e8:6c:f0:71:7e:1c:c5:7a:8f:
e7:13:f6:41:df:6e:57:4a:55:37:b0:cd:24:b1:a4:
e2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:9B:FA:60:12:F4:21:2A:46:97:F2:1D:66:F8:D2:F1:F7:34:FF:CB
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/b5v6YBL0ISpGl_IdZvjS8fc0_8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.101.0/24
128.127.100.0/24
128.127.102.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:0c:df:1d:14:5f:3a:0f:31:18:d9:01:e8:e2:de:4e:8c:fc:
5d:58:ce:07:af:4c:8e:b4:41:86:7a:5f:92:96:7c:7b:30:c2:
bb:e8:c6:7f:e8:71:22:97:d0:6b:96:b8:aa:c1:38:3d:98:f1:
a9:99:4b:9d:78:ea:79:96:c5:b3:a6:48:be:bf:38:1e:f4:4e:
73:bb:b6:1a:c5:df:f4:f2:fa:bc:61:47:05:13:73:ee:0a:93:
8a:1f:a7:54:a8:cb:34:f2:fb:11:06:09:ba:d3:d1:8e:83:eb:
15:3b:0f:cd:24:fc:88:d7:93:8f:70:1e:7f:5d:9a:42:21:cb:
b9:c0:8d:46:48:b4:e3:d1:f6:e5:b9:83:5a:27:87:a2:6b:bd:
ad:5e:f8:f4:7d:4f:90:b9:55:0d:f6:b5:36:c9:d8:54:ef:12:
f7:1f:c0:28:81:c8:2f:51:49:29:ab:eb:04:fb:fd:22:6c:d5:
73:26:f0:9b:dd:95:0e:93:90:03:5e:81:9d:83:30:97:a2:19:
81:ab:ce:ce:a3:b6:cc:ae:61:49:bc:7a:1b:2e:a8:43:94:a3:
ad:d9:8a:7c:45:b9:0d:d8:7a:eb:40:42:49:86:93:00:fe:3c:
24:24:6f:28:b4:bc:f5:6f:d4:70:d0:5b:58:52:6b:a2:31:62:
96:60:db:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2Dery08QrcxO3oCTfCuIU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjQwMjA3MTIxMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjliZmE2MDEyZjQyMTJhNDY5N2YyMWQ2NmY4ZDJmMWY3MzRmZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgd8lbc4LBTAPLrVElQN4sgYfKhV1
ZgswTPOrB1z2J4EnPJ9A+/phBo2SpEWNKVz4e/BqEvMGvhkDyoVw6HW2kLet5SNc
Au/v4miPomel5uFSKKriIRjq2oUPqcD7TOec6UFDRj0BRTnVca2Ymr4NyYvAk2Fq
KRguk20KhOvkZuGYPg7TLkuBwUBRCvYvbOCqz6E5+Bx9hAGHH+uA0zLy8XSqtG/Y
rIkDRV/+JeE2f89AvaFicjadPoW4WM6p7+y0ilIo/Y9p3viDW5FQ4+4WfWd5TgZl
zuoUw6lF8i+jLFcGJov5apjobPBxfhzFeo/nE/ZB325XSlU3sM0ksaTiewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG+b+mAS9CEqRpfyHWb40vH3NP/LMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvYjV2NllCTDBJU3BHbF9JZFp2alM4ZmMwXzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+9lAwQA
gH9kAwQAgH9mMA0GCSqGSIb3DQEBCwUAA4IBAQB/DN8dFF86DzEY2QHo4t5OjPxd
WM4Hr0yOtEGGel+Slnx7MMK76MZ/6HEil9BrlriqwTg9mPGpmUudeOp5lsWzpki+
vzge9E5zu7Yaxd/08vq8YUcFE3PuCpOKH6dUqMs08vsRBgm609GOg+sVOw/NJPyI
15OPcB5/XZpCIcu5wI1GSLTj0fbluYNaJ4eia72tXvj0fU+QuVUN9rU2ydhU7xL3
H8AogcgvUUkpq+sE+/0ibNVzJvCb3ZUOk5ADXoGdgzCXohmBq87Oo7bMrmFJvHob
LqhDlKOt2Yp8RbkN2HrrQEJJhpMA/jwkJG8otLz1b9Rw0FtYUmuiMWKWYNvy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:48 2024 by rpki-client on console-ams.rpki-client.org