Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/_iJtiMVIt411MnFPOTZWQBPAxp0.roa
File: _iJtiMVIt411MnFPOTZWQBPAxp0.roa (raw, json)
Hash identifier: 9QEfnz0sPX3PI3Dhuho/AETDECJzEEk2LfipR3VFf9E=
Subject key identifier: FE:22:6D:88:C5:48:B7:8D:75:32:71:4F:39:36:56:40:13:C0:C6:9D
Certificate issuer: /CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Certificate serial: 0188537D5D0EF37A8044BBAC33DCCE85B55E
Authority key identifier: 27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/_iJtiMVIt411MnFPOTZWQBPAxp0.roa
Signing time: Thu 25 May 2023 15:18:24 +0000
ROA not before: Thu 25 May 2023 15:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 195.34.94.0/23 maxlen: 23
91.204.78.0/24 maxlen: 24
91.204.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 30 May 2023 20:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:7d:5d:0e:f3:7a:80:44:bb:ac:33:dc:ce:85:b5:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Validity
Not Before: May 25 15:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe226d88c548b78d7532714f3936564013c0c69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a0:84:da:d6:70:1c:33:24:e7:26:18:d9:2f:
e0:24:39:c1:fb:53:a9:a0:43:e2:e4:c2:b1:a9:bb:
15:1c:9c:ac:62:07:49:fd:22:54:36:f2:80:1c:52:
2a:6c:94:9b:b2:02:37:a2:bf:91:00:99:f9:61:a9:
07:86:6a:6b:d6:43:cd:e7:0c:0d:a2:2e:1a:5c:2a:
b4:9b:26:35:d8:b5:4d:24:67:6b:0f:79:b5:ca:74:
5d:66:b7:94:74:b2:2b:e7:1f:80:78:08:f3:55:7f:
44:5e:9e:27:85:c7:5b:29:2d:b4:51:7d:f6:14:bf:
48:d4:54:75:fa:fd:57:e4:06:9d:30:76:a9:6b:18:
6e:2d:c4:db:99:0e:8f:d2:dd:f7:f1:cc:dd:df:f3:
49:9e:b4:e7:73:c0:16:5a:b8:03:51:b0:bb:48:07:
28:85:57:a6:14:1f:21:16:9a:4c:f5:13:30:48:ff:
d0:03:9d:d3:94:6d:f3:a3:d4:e9:06:15:42:3c:9d:
9d:4e:f2:37:a0:4e:34:d3:ea:a8:05:aa:9d:6e:67:
62:46:31:0c:c3:b7:aa:75:cc:fe:2a:fe:9e:dc:1d:
87:44:1b:73:27:5e:77:81:14:92:58:18:af:97:91:
33:c1:e0:bf:6c:86:13:10:16:8e:d1:8b:b4:0d:d0:
9f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:22:6D:88:C5:48:B7:8D:75:32:71:4F:39:36:56:40:13:C0:C6:9D
X509v3 Authority Key Identifier:
keyid:27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/_iJtiMVIt411MnFPOTZWQBPAxp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.76.0/22
195.34.94.0/23
Signature Algorithm: sha256WithRSAEncryption
09:43:fb:11:97:7f:07:a0:fb:81:d1:5b:25:68:a8:f4:d1:55:
a5:af:b9:af:60:9d:7a:72:3e:9d:96:d5:c3:ed:35:b1:ec:6e:
c4:fe:c3:66:69:dc:de:83:1d:69:dd:c6:77:2e:17:29:e4:fd:
9e:f0:81:60:64:f6:b4:f3:f7:f9:c4:e9:c8:2e:8f:d4:78:a1:
e0:c1:84:b0:c2:62:7e:f3:0f:90:e5:4d:81:32:a6:5e:fb:05:
8d:70:c7:76:bd:a1:1d:b5:4b:c7:ae:94:11:13:87:ae:59:88:
5a:a8:95:f8:86:b2:10:b0:7f:86:24:de:cc:bf:a2:ac:6e:45:
7c:dd:a7:48:5d:8f:73:92:ef:91:ae:43:16:76:8e:a6:45:75:
5a:40:ee:40:91:7b:e2:db:99:ba:89:9e:ec:13:f9:67:a3:f8:
c8:ed:b4:6a:45:5a:38:e8:f4:5d:fd:e7:4f:39:da:fa:2a:d6:
66:80:6b:de:a8:1e:65:d0:ed:cf:d8:14:3f:d3:a8:17:56:7a:
fa:17:68:6e:09:be:e3:6b:1b:38:99:04:85:c8:9b:7c:2a:be:
23:5f:c4:76:d7:07:ea:c1:e7:a4:3c:54:c0:ff:7f:fb:ea:65:
8e:47:28:36:87:7f:ad:8e:ac:c1:f9:3f:db:47:9d:0a:ae:0e:
bf:93:d8:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhTfV0O83qARLusM9zOhbVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTdkMWYwZDczZmU0ODFjMjE4OGQyOGRlZjBlODU4ZTcx
NTY5N2UwHhcNMjMwNTI1MTUxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTIyNmQ4OGM1NDhiNzhkNzUzMjcxNGYzOTM2NTY0MDEzYzBjNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6CE2tZwHDMk5yYY2S/gJDnB+1Op
oEPi5MKxqbsVHJysYgdJ/SJUNvKAHFIqbJSbsgI3or+RAJn5YakHhmpr1kPN5wwN
oi4aXCq0myY12LVNJGdrD3m1ynRdZreUdLIr5x+AeAjzVX9EXp4nhcdbKS20UX32
FL9I1FR1+v1X5AadMHapaxhuLcTbmQ6P0t338czd3/NJnrTnc8AWWrgDUbC7SAco
hVemFB8hFppM9RMwSP/QA53TlG3zo9TpBhVCPJ2dTvI3oE400+qoBaqdbmdiRjEM
w7eqdcz+Kv6e3B2HRBtzJ153gRSSWBivl5EzweC/bIYTEBaO0Yu0DdCfiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP4ibYjFSLeNdTJxTzk2VkATwMadMB8GA1UdIwQY
MBaAFCen0fDXP+SBwhiNKN7w6FjnFWl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEt
ZDZlYWFmYzZiNGY1LzEvX2lKdGlNVkl0NDExTW5GUE9UWldRQlBBeHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEtZDZlYWFmYzZiNGY1
LzEvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8xMAwQB
wyJeMA0GCSqGSIb3DQEBCwUAA4IBAQAJQ/sRl38HoPuB0VslaKj00VWlr7mvYJ16
cj6dltXD7TWx7G7E/sNmadzegx1p3cZ3Lhcp5P2e8IFgZPa08/f5xOnILo/UeKHg
wYSwwmJ+8w+Q5U2BMqZe+wWNcMd2vaEdtUvHrpQRE4euWYhaqJX4hrIQsH+GJN7M
v6KsbkV83adIXY9zku+RrkMWdo6mRXVaQO5AkXvi25m6iZ7sE/lno/jI7bRqRVo4
6PRd/edPOdr6KtZmgGveqB5l0O3P2BQ/06gXVnr6F2huCb7jaxs4mQSFyJt8Kr4j
X8R21wfqweekPFTA/3/76mWORyg2h3+tjqzB+T/bR50Krg6/k9gy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-fra.rpki-client.org