Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/U4KUAKP_6ElzWjKNV2-N0LnZuxQ.roa
File: U4KUAKP_6ElzWjKNV2-N0LnZuxQ.roa (raw, json)
Hash identifier: APZyi2xDOV29/Zp7pWqnzQZyFT8jdg+gtcVmXFwG+qs=
Subject key identifier: 53:82:94:00:A3:FF:E8:49:73:5A:32:8D:57:6F:8D:D0:B9:D9:BB:14
Certificate issuer: /CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Certificate serial: 018A18BF8A3F1BE09CD902C4F6DEE4EA6192
Authority key identifier: 27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/U4KUAKP_6ElzWjKNV2-N0LnZuxQ.roa
Signing time: Mon 21 Aug 2023 15:38:40 +0000
ROA not before: Mon 21 Aug 2023 15:38:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 91.204.76.0/24 maxlen: 24
91.204.77.0/24 maxlen: 24
91.204.78.0/24 maxlen: 24
91.204.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Oct 2023 15:32:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:bf:8a:3f:1b:e0:9c:d9:02:c4:f6:de:e4:ea:61:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Validity
Not Before: Aug 21 15:38:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53829400a3ffe849735a328d576f8dd0b9d9bb14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:37:c6:f2:e3:53:f8:0a:f1:2c:24:22:0a:9e:
5c:66:af:09:66:61:e1:6d:98:d7:ff:66:6e:c7:f8:
8c:92:f0:0a:59:e9:f6:ed:ec:7a:f2:50:24:2b:73:
df:2c:84:a1:9f:f3:60:b4:00:21:05:01:2c:fe:2a:
49:c0:b2:d4:2b:87:36:ce:72:dc:8a:1c:78:5f:d5:
04:29:4a:5b:43:b0:97:7a:a3:14:d7:28:8d:a7:f8:
11:8e:1a:aa:04:bd:ac:2e:c9:52:76:c3:3d:16:75:
19:3b:df:33:80:01:c0:7c:7b:32:22:0c:dd:54:4f:
ce:dc:38:0f:e3:72:75:4b:41:e1:74:37:de:38:c0:
a0:93:f7:32:56:f1:1e:44:99:1e:c8:d8:10:42:a6:
f7:11:8b:d5:a1:3b:10:74:a1:d0:ef:17:cb:c5:55:
31:ce:55:a4:79:6a:79:6d:79:17:e5:ee:41:07:01:
cf:b2:e7:79:01:67:7d:a8:19:d3:1a:c8:2d:92:ff:
5e:cd:e0:fc:0f:17:bd:d9:1c:4b:6c:02:89:3b:7a:
15:80:43:4c:fc:31:a5:29:1c:4e:5b:e5:33:a4:6d:
9d:29:18:dc:6b:24:fa:06:0d:65:81:9c:6e:f1:6a:
5b:d9:09:e4:a8:2a:fa:4e:58:fb:b3:e0:0c:93:52:
b1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:82:94:00:A3:FF:E8:49:73:5A:32:8D:57:6F:8D:D0:B9:D9:BB:14
X509v3 Authority Key Identifier:
keyid:27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/U4KUAKP_6ElzWjKNV2-N0LnZuxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.76.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:81:14:63:d5:d7:72:51:46:73:48:e5:f4:68:4c:89:de:0a:
e7:17:9f:be:75:0c:ae:3d:a1:81:3f:84:b5:b1:fa:91:00:7b:
62:cf:08:77:72:0d:09:d7:3c:9d:c6:ea:db:3b:7f:db:bf:8e:
6a:db:d9:f6:ec:a8:c2:8a:5f:6d:06:43:a3:02:91:d9:7e:06:
1a:13:b1:bc:63:c7:b5:ee:77:24:a5:7b:7e:e8:67:c2:8d:ec:
0a:2d:0e:28:d5:e6:02:cd:4f:8f:41:df:b2:82:fe:6c:63:e3:
5e:19:66:29:f5:02:54:38:92:81:f8:20:61:3c:07:4c:17:d2:
04:29:16:3e:80:05:87:2d:ba:01:60:ff:11:96:13:a8:95:5b:
48:4e:0e:ad:e0:72:21:18:83:51:cf:f6:0e:b5:2a:38:f0:b8:
e7:e0:9e:a5:8c:e1:04:e2:c0:99:71:6b:b5:77:8c:18:74:59:
27:60:f9:13:84:58:59:20:c3:28:55:7f:6d:59:a9:6f:76:41:
a2:e7:d4:3b:22:13:53:f0:ef:74:f7:3c:88:8a:ca:86:ec:c5:
d0:30:13:3b:a4:b9:b5:56:ec:16:5e:98:86:8c:23:3a:99:d5:
63:4e:f0:2e:4a:c7:72:42:a0:34:85:cf:28:3e:c5:e8:c0:c8:
eb:26:f7:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoYv4o/G+Cc2QLE9t7k6mGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTdkMWYwZDczZmU0ODFjMjE4OGQyOGRlZjBlODU4ZTcx
NTY5N2UwHhcNMjMwODIxMTUzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzgyOTQwMGEzZmZlODQ5NzM1YTMyOGQ1NzZmOGRkMGI5ZDliYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzfG8uNT+ArxLCQiCp5cZq8JZmHh
bZjX/2Zux/iMkvAKWen27ex68lAkK3PfLIShn/NgtAAhBQEs/ipJwLLUK4c2znLc
ihx4X9UEKUpbQ7CXeqMU1yiNp/gRjhqqBL2sLslSdsM9FnUZO98zgAHAfHsyIgzd
VE/O3DgP43J1S0HhdDfeOMCgk/cyVvEeRJkeyNgQQqb3EYvVoTsQdKHQ7xfLxVUx
zlWkeWp5bXkX5e5BBwHPsud5AWd9qBnTGsgtkv9ezeD8Dxe92RxLbAKJO3oVgENM
/DGlKRxOW+UzpG2dKRjcayT6Bg1lgZxu8Wpb2QnkqCr6Tlj7s+AMk1KxdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFOClACj/+hJc1oyjVdvjdC52bsUMB8GA1UdIwQY
MBaAFCen0fDXP+SBwhiNKN7w6FjnFWl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEt
ZDZlYWFmYzZiNGY1LzEvVTRLVUFLUF82RWx6V2pLTlYyLU4wTG5adXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEtZDZlYWFmYzZiNGY1
LzEvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8xMMA0G
CSqGSIb3DQEBCwUAA4IBAQCjgRRj1ddyUUZzSOX0aEyJ3grnF5++dQyuPaGBP4S1
sfqRAHtizwh3cg0J1zydxurbO3/bv45q29n27KjCil9tBkOjApHZfgYaE7G8Y8e1
7nckpXt+6GfCjewKLQ4o1eYCzU+PQd+ygv5sY+NeGWYp9QJUOJKB+CBhPAdMF9IE
KRY+gAWHLboBYP8RlhOolVtITg6t4HIhGINRz/YOtSo48Ljn4J6ljOEE4sCZcWu1
d4wYdFknYPkThFhZIMMoVX9tWalvdkGi59Q7IhNT8O909zyIisqG7MXQMBM7pLm1
VuwWXpiGjCM6mdVjTvAuSsdyQqA0hc8oPsXowMjrJvc5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-fra.rpki-client.org