Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/ld3gimCucW6RZ1H8WSa_Vn9iym8.roa
File: ld3gimCucW6RZ1H8WSa_Vn9iym8.roa (raw, json)
Hash identifier: a98YHth9GkqI274Ppg6SyiWDmOg32H+p9FjaYe1H05s=
Subject key identifier: 95:DD:E0:8A:60:AE:71:6E:91:67:51:FC:59:26:BF:56:7F:62:CA:6F
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 018D77C9E419589DD0718C1B590C4C8EC047
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/ld3gimCucW6RZ1H8WSa_Vn9iym8.roa
Signing time: Mon 05 Feb 2024 05:42:16 +0000
ROA not before: Mon 05 Feb 2024 05:42:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58172
IP address blocks: 91.239.101.0/24 maxlen: 24
128.127.96.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 07 Feb 2024 03:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:c9:e4:19:58:9d:d0:71:8c:1b:59:0c:4c:8e:c0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Feb 5 05:42:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95dde08a60ae716e916751fc5926bf567f62ca6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:28:18:1c:29:7f:00:22:f3:8a:49:9a:82:96:
9b:3b:25:83:f7:a0:32:30:56:29:1a:24:82:99:c0:
ba:f4:ce:7b:7d:51:c3:ab:9c:2d:4d:bf:ae:05:c2:
f1:94:cd:69:15:32:4d:28:11:ec:25:19:5e:0e:7c:
43:ca:e1:3b:b6:6d:89:6f:1e:10:75:c9:5d:52:fb:
e2:78:3e:f6:04:cf:db:1d:65:28:59:68:81:64:cb:
89:cf:0a:5e:a9:a7:2e:7d:03:dd:8a:3d:c6:ba:d6:
9a:40:36:98:a1:da:83:29:71:88:04:33:f1:49:e6:
d9:52:56:98:1c:bd:f8:d4:fa:72:37:2f:b8:57:df:
fc:14:0d:3c:40:08:d0:f6:e2:12:a0:82:94:b4:6c:
2b:15:76:09:ed:bb:a4:7c:19:7e:59:ba:c0:07:b7:
34:26:a0:f5:35:bd:54:93:65:f2:0a:d0:05:24:12:
ad:f3:45:ec:32:10:3f:2e:91:b4:12:40:14:e6:98:
a9:60:1e:bc:ee:44:a6:ce:83:a6:9f:70:d6:25:3e:
6d:9f:6f:f7:74:f2:44:35:2d:d8:0e:83:41:43:dd:
96:99:3a:2c:d4:1b:1f:a5:d0:35:29:22:34:8c:00:
6d:dd:cf:ba:d7:36:ac:d1:f5:3c:80:a3:46:af:a6:
ce:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DD:E0:8A:60:AE:71:6E:91:67:51:FC:59:26:BF:56:7F:62:CA:6F
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/ld3gimCucW6RZ1H8WSa_Vn9iym8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.101.0/24
128.127.96.0/21
Signature Algorithm: sha256WithRSAEncryption
93:8b:a0:ec:55:6f:09:ee:ae:7b:a4:7f:f8:51:89:b6:4d:06:
74:dc:86:ed:87:47:27:ec:31:7a:08:e1:fc:f5:aa:32:b3:da:
31:c1:73:18:56:df:bc:18:68:7b:8e:fc:c3:4d:72:61:12:74:
5d:99:a0:d3:ec:ed:e7:3c:d2:69:1a:48:00:d3:82:2c:7f:5f:
54:b6:a0:a9:96:6b:c5:c9:39:56:7c:01:3a:19:fd:86:2f:a1:
93:ac:26:3a:a6:cc:12:25:49:e3:2c:f2:9e:f8:b6:2a:dc:3a:
85:86:db:d8:26:5e:d7:ed:23:9f:a7:79:ad:63:85:9a:3d:0a:
a3:fd:30:77:05:d1:db:2b:96:4c:22:ee:28:86:63:4e:d0:bb:
27:77:d4:3c:5d:b4:5f:de:6b:cc:08:92:59:d6:ff:40:62:40:
18:ed:a7:4f:81:22:23:98:4e:a0:b8:8c:b1:90:a2:c7:3c:f1:
ab:9e:cb:08:af:89:b9:d3:0b:d2:45:70:f7:ed:e3:38:75:52:
d1:17:24:b3:b7:92:37:6d:24:99:08:cd:29:b0:42:62:ea:8f:
43:09:e2:86:c5:1c:3e:9a:ce:75:c0:80:8a:21:69:d9:c9:c8:
42:ab:ee:9e:96:ce:4d:00:72:e2:02:71:87:75:a6:a7:11:6e:
47:ce:4b:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY13yeQZWJ3QcYwbWQxMjsBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjQwMjA1MDU0MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWRkZTA4YTYwYWU3MTZlOTE2NzUxZmM1OTI2YmY1NjdmNjJjYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCgYHCl/ACLzikmagpabOyWD96Ay
MFYpGiSCmcC69M57fVHDq5wtTb+uBcLxlM1pFTJNKBHsJRleDnxDyuE7tm2Jbx4Q
dcldUvvieD72BM/bHWUoWWiBZMuJzwpeqacufQPdij3GutaaQDaYodqDKXGIBDPx
SebZUlaYHL341PpyNy+4V9/8FA08QAjQ9uISoIKUtGwrFXYJ7bukfBl+WbrAB7c0
JqD1Nb1Uk2XyCtAFJBKt80XsMhA/LpG0EkAU5pipYB687kSmzoOmn3DWJT5tn2/3
dPJENS3YDoNBQ92WmTos1BsfpdA1KSI0jABt3c+61zas0fU8gKNGr6bOCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJXd4IpgrnFukWdR/Fkmv1Z/YspvMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvbGQzZ2ltQ3VjVzZSWjFIOFdTYV9WbjlpeW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+9lAwQD
gH9gMA0GCSqGSIb3DQEBCwUAA4IBAQCTi6DsVW8J7q57pH/4UYm2TQZ03Ibth0cn
7DF6COH89aoys9oxwXMYVt+8GGh7jvzDTXJhEnRdmaDT7O3nPNJpGkgA04Isf19U
tqCplmvFyTlWfAE6Gf2GL6GTrCY6pswSJUnjLPKe+LYq3DqFhtvYJl7X7SOfp3mt
Y4WaPQqj/TB3BdHbK5ZMIu4ohmNO0Lsnd9Q8XbRf3mvMCJJZ1v9AYkAY7adPgSIj
mE6guIyxkKLHPPGrnssIr4m50wvSRXD37eM4dVLRFySzt5I3bSSZCM0psEJi6o9D
CeKGxRw+ms51wICKIWnZychCq+6els5NAHLiAnGHdaanEW5Hzkuu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org