Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/yEXoOsIpce8eT-j3rs27i4s1--0.roa
File: yEXoOsIpce8eT-j3rs27i4s1--0.roa (raw, json)
Hash identifier: B9EDPuCzK4DsygQckPGqQkeqyZgyI213gaExygjEtkA=
Subject key identifier: C8:45:E8:3A:C2:29:71:EF:1E:4F:E8:F7:AE:CD:BB:8B:8B:35:FB:ED
Certificate issuer: /CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Certificate serial: 0188537D5DA5DC00497CFF1021D129BD5530
Authority key identifier: 27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/yEXoOsIpce8eT-j3rs27i4s1--0.roa
Signing time: Thu 25 May 2023 15:18:24 +0000
ROA not before: Thu 25 May 2023 15:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140947
IP address blocks: 91.204.76.0/24 maxlen: 24
91.204.77.0/24 maxlen: 24
91.204.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 20:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:7d:5d:a5:dc:00:49:7c:ff:10:21:d1:29:bd:55:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Validity
Not Before: May 25 15:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c845e83ac22971ef1e4fe8f7aecdbb8b8b35fbed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f7:ae:48:9a:36:db:f4:c4:24:2a:fa:1e:f4:
bf:de:7f:70:10:97:0a:80:22:6a:9b:f6:17:20:ec:
94:60:3a:4f:a8:80:fb:2f:8a:7e:cf:c3:74:16:50:
65:f7:59:80:63:e6:7e:73:c9:31:af:20:97:c4:2d:
22:a4:d1:5a:71:54:a5:2d:e0:5a:de:87:07:95:20:
2b:04:1e:94:07:d4:2c:52:52:f8:d0:57:85:33:7c:
d4:06:dc:e7:6b:4b:86:2a:70:fe:67:37:83:fb:f4:
79:6e:bf:22:78:40:0c:5e:97:db:8f:d6:0c:6f:91:
eb:a6:a5:6a:12:05:37:a2:ec:e1:ca:75:d4:3b:da:
32:1d:97:88:b7:65:e6:17:43:fc:18:08:eb:3d:09:
d8:95:9e:a3:e8:f5:82:78:dc:7e:29:f5:25:35:6d:
3e:41:76:fc:25:6a:76:2c:5d:c6:99:57:76:01:0f:
86:dd:8e:23:52:aa:0a:5f:d4:33:12:9a:a6:34:0f:
03:13:83:af:12:a2:f8:f9:d4:84:a5:c1:52:ac:bc:
73:d7:58:ba:4e:f6:4a:b3:8f:b0:2a:16:3c:7f:79:
55:b8:41:86:ea:e7:4a:8f:b0:f8:25:a7:03:fb:81:
68:66:a3:2c:19:bf:35:c6:cb:12:55:ed:a1:fa:dc:
02:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:45:E8:3A:C2:29:71:EF:1E:4F:E8:F7:AE:CD:BB:8B:8B:35:FB:ED
X509v3 Authority Key Identifier:
keyid:27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/yEXoOsIpce8eT-j3rs27i4s1--0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.76.0/23
91.204.79.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:94:fb:90:21:82:d5:78:be:ed:6d:71:20:d1:d0:b9:c1:9a:
ae:92:26:d3:b8:47:7a:e0:0b:d7:0f:36:d9:44:75:ec:0f:0f:
da:56:52:71:62:e2:4d:c7:be:19:67:cd:94:09:49:28:6a:f9:
d1:3d:3e:b6:77:7a:01:a5:b7:9d:68:22:d5:6a:5a:4e:bb:67:
71:34:8f:9c:2c:55:07:de:fa:6c:8f:5e:cf:f2:bd:ba:33:2d:
3a:b3:ad:ee:d7:d1:b5:33:13:c3:05:2c:06:ef:ce:19:67:cb:
33:de:2a:d2:21:51:27:a8:29:e3:7c:c2:7b:05:bb:05:20:24:
3d:80:3a:e8:e6:58:6a:80:8c:f4:8a:d0:0f:fa:fe:e7:43:41:
41:38:13:11:7d:93:d5:f0:6a:05:1f:d7:53:ce:02:47:73:c2:
98:59:15:32:60:27:a2:65:e5:21:87:b8:2a:95:ec:2c:bc:42:
22:c0:27:b0:c0:48:17:f1:40:8d:32:d7:d5:97:bf:bc:52:3c:
48:6b:c3:fd:3c:34:9c:70:60:8c:f3:71:b0:c9:ec:cd:89:ca:
32:5e:6d:2e:e7:88:67:c4:79:bc:aa:00:b3:b7:15:a1:16:f4:
6b:7c:30:35:51:ec:a2:49:5a:62:dc:ec:eb:87:95:a3:83:92:
ea:3a:10:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhTfV2l3ABJfP8QIdEpvVUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTdkMWYwZDczZmU0ODFjMjE4OGQyOGRlZjBlODU4ZTcx
NTY5N2UwHhcNMjMwNTI1MTUxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ1ZTgzYWMyMjk3MWVmMWU0ZmU4ZjdhZWNkYmI4YjhiMzVmYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkveuSJo22/TEJCr6HvS/3n9wEJcK
gCJqm/YXIOyUYDpPqID7L4p+z8N0FlBl91mAY+Z+c8kxryCXxC0ipNFacVSlLeBa
3ocHlSArBB6UB9QsUlL40FeFM3zUBtzna0uGKnD+ZzeD+/R5br8ieEAMXpfbj9YM
b5HrpqVqEgU3ouzhynXUO9oyHZeIt2XmF0P8GAjrPQnYlZ6j6PWCeNx+KfUlNW0+
QXb8JWp2LF3GmVd2AQ+G3Y4jUqoKX9QzEpqmNA8DE4OvEqL4+dSEpcFSrLxz11i6
TvZKs4+wKhY8f3lVuEGG6udKj7D4JacD+4FoZqMsGb81xssSVe2h+twCzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMhF6DrCKXHvHk/o967Nu4uLNfvtMB8GA1UdIwQY
MBaAFCen0fDXP+SBwhiNKN7w6FjnFWl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEt
ZDZlYWFmYzZiNGY1LzEveUVYb09zSXBjZThlVC1qM3JzMjdpNHMxLS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEtZDZlYWFmYzZiNGY1
LzEvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8xMAwQA
W8xPMA0GCSqGSIb3DQEBCwUAA4IBAQCmlPuQIYLVeL7tbXEg0dC5wZqukibTuEd6
4AvXDzbZRHXsDw/aVlJxYuJNx74ZZ82UCUkoavnRPT62d3oBpbedaCLValpOu2dx
NI+cLFUH3vpsj17P8r26My06s63u19G1MxPDBSwG784ZZ8sz3irSIVEnqCnjfMJ7
BbsFICQ9gDro5lhqgIz0itAP+v7nQ0FBOBMRfZPV8GoFH9dTzgJHc8KYWRUyYCei
ZeUhh7gqlewsvEIiwCewwEgX8UCNMtfVl7+8UjxIa8P9PDSccGCM83GwyezNicoy
Xm0u54hnxHm8qgCztxWhFvRrfDA1UeyiSVpi3Ozrh5Wjg5LqOhBT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-fra.rpki-client.org