Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/86N3zxHDPHwoIR4MihXkh0ywY4k.roa
File: 86N3zxHDPHwoIR4MihXkh0ywY4k.roa (raw, json)
Hash identifier: jcKmUVtelZTvALA93tfDwLFg5q5EpJKpICq/dZl6yH0=
Subject key identifier: F3:A3:77:CF:11:C3:3C:7C:28:21:1E:0C:8A:15:E4:87:4C:B0:63:89
Certificate issuer: /CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Certificate serial: 0189F6085394F063627696A430D8BFE2A31B
Authority key identifier: 27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/86N3zxHDPHwoIR4MihXkh0ywY4k.roa
Signing time: Mon 14 Aug 2023 21:51:28 +0000
ROA not before: Mon 14 Aug 2023 21:51:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 91.204.76.0/24 maxlen: 24
91.204.77.0/24 maxlen: 24
91.204.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 15:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f6:08:53:94:f0:63:62:76:96:a4:30:d8:bf:e2:a3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Validity
Not Before: Aug 14 21:51:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3a377cf11c33c7c28211e0c8a15e4874cb06389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:59:9e:07:1d:9e:0b:44:57:1c:68:38:ab:f5:
81:56:c1:dd:4d:e3:4a:1c:f5:75:e4:c5:33:4f:01:
7f:63:5a:62:a6:04:e3:f2:cf:00:15:6b:89:ab:19:
8c:32:67:6b:37:c0:3c:92:8f:4d:71:6d:fd:67:7f:
f1:71:f6:e2:7f:b1:4c:22:5f:28:2c:98:e2:3d:26:
32:1f:2b:e6:b2:ba:88:88:6d:77:39:cc:f5:b6:ec:
32:87:e9:27:de:2e:7d:af:a8:18:1f:dd:ee:1e:d8:
b9:81:74:f2:ee:8d:76:72:87:82:41:35:3b:7b:53:
47:cb:10:5a:b3:cb:d8:78:80:77:6c:25:da:0a:8f:
3d:0c:79:96:f8:7d:55:ce:8c:4c:f8:be:e6:f4:01:
49:a5:25:c3:af:44:c4:c8:95:71:4e:30:39:ae:e2:
da:22:6e:3d:2b:76:c9:b0:59:17:e8:ed:a2:d0:6b:
c0:0c:42:e1:60:89:4c:33:22:16:05:6f:53:15:42:
70:b8:81:f8:7a:67:37:a7:7c:3d:2e:3b:3a:03:a1:
10:6a:ca:4a:0f:a5:b5:d0:ff:1a:31:a4:b6:80:f9:
d4:c4:99:2f:f0:bf:01:f5:d4:66:05:f4:20:ba:da:
5f:e2:c6:35:4e:32:dc:30:fe:f7:57:f7:96:e9:eb:
86:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A3:77:CF:11:C3:3C:7C:28:21:1E:0C:8A:15:E4:87:4C:B0:63:89
X509v3 Authority Key Identifier:
keyid:27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/86N3zxHDPHwoIR4MihXkh0ywY4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.76.0/23
91.204.79.0/24
Signature Algorithm: sha256WithRSAEncryption
25:55:c7:78:39:f3:30:8c:b2:d6:55:90:0a:a9:b0:2d:86:db:
9d:75:66:4b:21:bf:fb:03:81:8e:13:d2:14:ff:73:10:d0:38:
37:43:66:00:2c:19:bf:5c:c5:e1:9e:4c:3a:2e:a2:bc:d0:f4:
91:d0:94:2b:be:dd:22:f8:e1:1a:10:75:54:63:1d:b5:34:f6:
bb:e3:22:13:7a:ee:2b:e1:fe:c7:49:15:d3:43:7b:bb:84:b3:
b5:e4:7e:a1:ac:3c:f3:6b:f6:30:3a:23:ae:4e:f4:d5:31:17:
88:74:eb:06:d4:83:68:66:92:82:8d:93:2a:42:20:eb:dd:f2:
1c:fa:dd:8d:52:99:2b:52:57:67:70:23:55:49:0c:e9:43:d8:
36:25:39:cf:a2:e7:a5:99:cf:50:b4:24:6a:37:e5:6a:72:62:
98:9e:7d:60:93:c6:53:ac:76:a5:47:d8:53:8b:9f:e7:62:6c:
36:84:e3:90:aa:82:3e:27:7e:1f:a7:c1:bf:e8:3b:42:b4:ec:
3a:58:80:17:da:59:81:ac:af:82:31:8a:c0:99:33:87:32:3f:
ed:bf:f7:fb:c7:3e:7e:da:9a:0e:6e:93:ba:31:b6:39:55:86:
c1:cf:5f:89:0b:f8:2e:c6:5a:49:a6:f0:88:03:ae:9b:3f:e2:
7a:01:3f:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn2CFOU8GNidpakMNi/4qMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTdkMWYwZDczZmU0ODFjMjE4OGQyOGRlZjBlODU4ZTcx
NTY5N2UwHhcNMjMwODE0MjE1MTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2EzNzdjZjExYzMzYzdjMjgyMTFlMGM4YTE1ZTQ4NzRjYjA2Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglmeBx2eC0RXHGg4q/WBVsHdTeNK
HPV15MUzTwF/Y1pipgTj8s8AFWuJqxmMMmdrN8A8ko9NcW39Z3/xcfbif7FMIl8o
LJjiPSYyHyvmsrqIiG13Ocz1tuwyh+kn3i59r6gYH93uHti5gXTy7o12coeCQTU7
e1NHyxBas8vYeIB3bCXaCo89DHmW+H1VzoxM+L7m9AFJpSXDr0TEyJVxTjA5ruLa
Im49K3bJsFkX6O2i0GvADELhYIlMMyIWBW9TFUJwuIH4emc3p3w9Ljs6A6EQaspK
D6W10P8aMaS2gPnUxJkv8L8B9dRmBfQgutpf4sY1TjLcMP73V/eW6euGfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPOjd88Rwzx8KCEeDIoV5IdMsGOJMB8GA1UdIwQY
MBaAFCen0fDXP+SBwhiNKN7w6FjnFWl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEt
ZDZlYWFmYzZiNGY1LzEvODZOM3p4SERQSHdvSVI0TWloWGtoMHl3WTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEtZDZlYWFmYzZiNGY1
LzEvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8xMAwQA
W8xPMA0GCSqGSIb3DQEBCwUAA4IBAQAlVcd4OfMwjLLWVZAKqbAthtuddWZLIb/7
A4GOE9IU/3MQ0Dg3Q2YALBm/XMXhnkw6LqK80PSR0JQrvt0i+OEaEHVUYx21NPa7
4yITeu4r4f7HSRXTQ3u7hLO15H6hrDzza/YwOiOuTvTVMReIdOsG1INoZpKCjZMq
QiDr3fIc+t2NUpkrUldncCNVSQzpQ9g2JTnPouelmc9QtCRqN+VqcmKYnn1gk8ZT
rHalR9hTi5/nYmw2hOOQqoI+J34fp8G/6DtCtOw6WIAX2lmBrK+CMYrAmTOHMj/t
v/f7xz5+2poObpO6MbY5VYbBz1+JC/guxlpJpvCIA66bP+J6AT+C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:38 2024 by rpki-client on console-ams.rpki-client.org