Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/241b4b-fed6-45e9-b6ec-751c74e67d38/1/NcXXn6vKkvOL35AcMF4CD91xX6M.roa
File: NcXXn6vKkvOL35AcMF4CD91xX6M.roa (raw, json)
Hash identifier: R2wHfrXgNSR6/KSu1GMdU71ryGO1rIkJu0NWUH6L4j0=
Subject key identifier: 35:C5:D7:9F:AB:CA:92:F3:8B:DF:90:1C:30:5E:02:0F:DD:71:5F:A3
Certificate issuer: /CN=bb2cf1ed105c5c1dc527bcd0f149fe9449ebd326
Certificate serial: 0185707069BE7571BA0C8A79D9E8104455F2
Authority key identifier: BB:2C:F1:ED:10:5C:5C:1D:C5:27:BC:D0:F1:49:FE:94:49:EB:D3:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uyzx7RBcXB3FJ7zQ8Un-lEnr0yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/241b4b-fed6-45e9-b6ec-751c74e67d38/1/NcXXn6vKkvOL35AcMF4CD91xX6M.roa
Signing time: Mon 02 Jan 2023 03:04:53 +0000
ROA not before: Mon 02 Jan 2023 03:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 91.209.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:69:be:75:71:ba:0c:8a:79:d9:e8:10:44:55:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2cf1ed105c5c1dc527bcd0f149fe9449ebd326
Validity
Not Before: Jan 2 03:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35c5d79fabca92f38bdf901c305e020fdd715fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8c:18:ee:ab:c0:c1:11:e9:3f:e1:99:40:b1:
8a:d8:10:6c:43:81:70:92:cd:dd:e4:98:2f:d7:5e:
4a:12:75:63:c3:bd:61:f1:68:f5:0f:4f:df:0f:0a:
b1:11:0c:4c:b3:fd:04:ee:d0:83:d9:71:bc:ab:6f:
c9:f8:5d:b4:fc:60:d0:b2:02:51:2e:dc:c2:3d:27:
03:7f:76:ac:23:ee:4f:fa:6a:be:a0:06:6e:4f:2b:
66:f3:d2:2a:9d:f3:ad:72:15:09:63:aa:3f:aa:a3:
57:f5:18:01:69:41:25:fb:e2:cd:ea:66:dd:c3:99:
38:57:1d:67:24:86:e5:bb:97:da:ab:82:c4:ae:4b:
66:ec:9f:15:b6:6a:78:b1:24:71:09:3a:5c:54:6e:
27:2e:c2:ee:e2:98:46:7b:d9:4d:51:02:f5:7f:55:
89:5a:a9:c2:5e:8e:41:c6:b0:e8:22:b8:c4:6b:86:
5a:ec:ec:d1:8c:de:01:b0:ce:3c:ef:6b:6d:4b:d5:
61:6f:be:88:08:9b:6e:0b:a9:81:f5:88:a6:63:7f:
d6:d0:6a:d7:f4:1b:d9:d3:39:40:43:a1:7d:a7:f9:
19:68:4c:03:30:f1:1d:10:b4:73:b1:70:4c:fc:2a:
e2:c9:ff:5a:20:a6:f3:ac:c1:03:96:b2:94:8c:50:
ed:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C5:D7:9F:AB:CA:92:F3:8B:DF:90:1C:30:5E:02:0F:DD:71:5F:A3
X509v3 Authority Key Identifier:
keyid:BB:2C:F1:ED:10:5C:5C:1D:C5:27:BC:D0:F1:49:FE:94:49:EB:D3:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uyzx7RBcXB3FJ7zQ8Un-lEnr0yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/241b4b-fed6-45e9-b6ec-751c74e67d38/1/NcXXn6vKkvOL35AcMF4CD91xX6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/241b4b-fed6-45e9-b6ec-751c74e67d38/1/uyzx7RBcXB3FJ7zQ8Un-lEnr0yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.158.0/24
Signature Algorithm: sha256WithRSAEncryption
03:47:25:c8:e0:8b:bd:49:3f:64:13:aa:3d:6a:49:c6:07:2a:
dd:43:c4:29:1a:8c:37:d6:1d:8b:11:19:99:d5:fe:11:9d:51:
21:9d:0a:96:d4:bc:1b:99:34:99:11:fc:19:8d:ca:16:6e:94:
61:7e:0d:49:2b:8d:f7:70:9f:3d:e9:70:8b:3d:8f:3c:c5:fb:
2f:97:ae:60:ee:bb:53:7b:af:e8:40:06:ed:57:61:7e:86:69:
1f:e5:26:d6:46:5d:49:e2:a9:7e:18:21:23:40:7c:39:86:8f:
ce:18:64:f8:75:90:d2:ba:2e:c3:2c:9e:3a:10:e4:d7:fb:08:
7a:c5:69:66:24:09:f0:b1:8f:64:5e:97:64:5e:28:d3:a0:18:
a5:95:9e:0f:77:df:fc:9b:a5:dc:36:38:49:d9:2d:30:47:5e:
b3:f4:2e:31:a6:f4:be:69:b3:d6:bf:3c:8e:7b:51:5f:18:b2:
5e:61:80:bf:53:24:01:fa:93:6e:ff:52:0b:8c:d1:1e:3f:f4:
22:4d:59:69:cb:8d:b3:70:85:e0:74:91:38:80:6b:52:74:43:
b7:6d:bf:5a:67:0c:e0:0c:98:ed:49:af:c5:76:ed:5e:9f:75:
15:ee:34:53:cf:89:52:80:cc:f9:5e:41:f2:cb:94:87:e6:c0:
9a:e4:59:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcGm+dXG6DIp52egQRFXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmNmMWVkMTA1YzVjMWRjNTI3YmNkMGYxNDlmZTk0NDll
YmQzMjYwHhcNMjMwMTAyMDMwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWM1ZDc5ZmFiY2E5MmYzOGJkZjkwMWMzMDVlMDIwZmRkNzE1ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIwY7qvAwRHpP+GZQLGK2BBsQ4Fw
ks3d5Jgv115KEnVjw71h8Wj1D0/fDwqxEQxMs/0E7tCD2XG8q2/J+F20/GDQsgJR
LtzCPScDf3asI+5P+mq+oAZuTytm89IqnfOtchUJY6o/qqNX9RgBaUEl++LN6mbd
w5k4Vx1nJIblu5faq4LErktm7J8Vtmp4sSRxCTpcVG4nLsLu4phGe9lNUQL1f1WJ
WqnCXo5BxrDoIrjEa4Za7OzRjN4BsM4872ttS9Vhb76ICJtuC6mB9YimY3/W0GrX
9BvZ0zlAQ6F9p/kZaEwDMPEdELRzsXBM/Criyf9aIKbzrMEDlrKUjFDt3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXF15+rypLzi9+QHDBeAg/dcV+jMB8GA1UdIwQY
MBaAFLss8e0QXFwdxSe80PFJ/pRJ69MmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl6eDdSQmNYQjNGSjd6UThVbi1sRW5yMHlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8yNDFiNGItZmVkNi00NWU5LWI2ZWMt
NzUxYzc0ZTY3ZDM4LzEvTmNYWG42dktrdk9MMzVBY01GNENEOTF4WDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8yNDFiNGItZmVkNi00NWU5LWI2ZWMtNzUxYzc0ZTY3ZDM4
LzEvdXl6eDdSQmNYQjNGSjd6UThVbi1sRW5yMHlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GeMA0G
CSqGSIb3DQEBCwUAA4IBAQADRyXI4Iu9ST9kE6o9aknGByrdQ8QpGow31h2LERmZ
1f4RnVEhnQqW1LwbmTSZEfwZjcoWbpRhfg1JK433cJ896XCLPY88xfsvl65g7rtT
e6/oQAbtV2F+hmkf5SbWRl1J4ql+GCEjQHw5ho/OGGT4dZDSui7DLJ46EOTX+wh6
xWlmJAnwsY9kXpdkXijToBillZ4Pd9/8m6XcNjhJ2S0wR16z9C4xpvS+abPWvzyO
e1FfGLJeYYC/UyQB+pNu/1ILjNEeP/QiTVlpy42zcIXgdJE4gGtSdEO3bb9aZwzg
DJjtSa/Fdu1en3UV7jRTz4lSgMz5XkHyy5SH5sCa5Fn4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:00 2024 by rpki-client on console-ams.rpki-client.org