Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8e7054-fd50-4f91-9cc7-264f0cc5ff80/1/qA_tPEwbxXz6kilA7VDaw19SCFw.roa
File: qA_tPEwbxXz6kilA7VDaw19SCFw.roa (raw, json)
Hash identifier: pM06Lpth7OiBiG6VFW6grGeETi7bAob75u5zFftrjas=
Subject key identifier: A8:0F:ED:3C:4C:1B:C5:7C:FA:92:29:40:ED:50:DA:C3:5F:52:08:5C
Certificate issuer: /CN=1aae75a26ccf8621222816a471ccb7c0d5e716e2
Certificate serial: 018CC64B8E04E3001D68D436D7EA005C1CDF
Authority key identifier: 1A:AE:75:A2:6C:CF:86:21:22:28:16:A4:71:CC:B7:C0:D5:E7:16:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gq51omzPhiEiKBakccy3wNXnFuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8e7054-fd50-4f91-9cc7-264f0cc5ff80/1/qA_tPEwbxXz6kilA7VDaw19SCFw.roa
Signing time: Mon 01 Jan 2024 18:31:29 +0000
ROA not before: Mon 01 Jan 2024 18:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211691
IP address blocks: 91.198.51.0/24 maxlen: 24
91.195.22.0/24 maxlen: 24
91.195.23.0/24 maxlen: 24
2001:67c:2fe4::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 30 Aug 2024 12:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:8e:04:e3:00:1d:68:d4:36:d7:ea:00:5c:1c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aae75a26ccf8621222816a471ccb7c0d5e716e2
Validity
Not Before: Jan 1 18:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a80fed3c4c1bc57cfa922940ed50dac35f52085c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e0:87:84:ab:d5:f3:19:c2:e2:8d:2c:5c:33:
94:a3:6a:84:ae:3b:5d:f1:12:85:80:65:66:0f:35:
e2:3b:49:58:4e:ec:76:24:2e:29:bd:3d:5d:b8:67:
cc:65:08:68:60:b3:09:39:cb:ac:a4:ed:d8:1a:15:
e4:da:d9:ed:31:22:de:54:99:7d:98:6f:2a:75:e0:
16:21:32:3c:0e:26:14:c9:b7:fc:38:12:ac:09:04:
ad:ed:b7:24:de:80:84:52:d5:35:69:0f:cd:d3:6b:
42:41:c7:fc:0d:b0:60:b3:bb:10:46:8e:6f:44:98:
d3:29:ec:60:00:33:56:63:9d:24:5a:b0:e2:2f:fb:
ad:b5:fa:ab:72:8c:93:d6:8e:24:1b:fa:2d:ca:bb:
af:b7:e4:b1:ff:ad:70:b7:c2:e6:50:fb:2a:c3:d9:
9e:2b:7a:c4:2b:9b:b4:c1:9d:88:21:4a:18:1e:e0:
ae:f8:dd:b8:b3:0d:68:c4:f4:03:b9:a3:3b:aa:0b:
5d:56:cf:b8:d4:c3:ec:89:f3:a3:8b:b8:8c:0d:19:
1f:2d:80:e5:b9:48:04:a4:b9:d2:93:c3:fa:57:d6:
11:cb:46:57:89:92:e1:51:39:7f:3c:cf:97:e8:10:
8b:e6:aa:61:57:f0:86:35:67:14:a1:ed:7e:4c:e8:
74:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0F:ED:3C:4C:1B:C5:7C:FA:92:29:40:ED:50:DA:C3:5F:52:08:5C
X509v3 Authority Key Identifier:
keyid:1A:AE:75:A2:6C:CF:86:21:22:28:16:A4:71:CC:B7:C0:D5:E7:16:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gq51omzPhiEiKBakccy3wNXnFuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8e7054-fd50-4f91-9cc7-264f0cc5ff80/1/qA_tPEwbxXz6kilA7VDaw19SCFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8e7054-fd50-4f91-9cc7-264f0cc5ff80/1/Gq51omzPhiEiKBakccy3wNXnFuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.22.0/23
91.198.51.0/24
IPv6:
2001:67c:2fe4::/48
Signature Algorithm: sha256WithRSAEncryption
46:0a:fa:3f:8f:3e:86:7c:d3:b1:55:45:24:ad:6e:c2:e6:1d:
69:ba:86:b5:34:82:03:1c:ef:11:e7:36:68:0f:74:4b:e3:69:
34:30:c0:c7:ea:06:f4:df:c7:a9:9b:6c:01:16:e1:b5:ab:a1:
39:7f:45:cd:25:4c:88:5d:ce:e9:51:1d:ba:c9:5f:75:3c:c6:
90:cb:e6:ce:e7:e8:cc:7e:cb:6b:f4:d1:4d:e8:a2:9e:38:99:
47:d2:90:b2:5e:62:29:9a:a9:53:13:ae:fe:b1:b7:3a:5e:df:
1b:1a:c4:93:70:9b:d3:16:cc:2b:35:d6:21:79:63:8d:84:c9:
75:dc:55:a6:0e:65:1c:55:66:76:d7:7e:c0:30:2f:c0:d8:b4:
51:c9:14:e5:16:35:96:5e:fa:32:67:29:d0:a3:97:ef:0b:5d:
a0:80:3c:d9:dc:80:4e:45:b7:cd:3a:30:a9:9a:f1:0a:a1:80:
f5:92:99:13:b7:3a:07:b8:f8:0d:6a:cb:60:df:06:83:e5:0d:
44:a4:7c:20:2d:2c:fe:bb:2b:f8:32:3d:48:cb:6f:41:4a:a2:
cf:83:f3:44:9a:7b:bf:d3:8d:e0:77:81:97:28:88:97:6b:1c:
0c:7d:b6:23:df:ad:22:c1:fd:83:71:a3:e9:34:62:ac:95:1e:
3c:23:3d:b1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGS44E4wAdaNQ21+oAXBzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYWU3NWEyNmNjZjg2MjEyMjI4MTZhNDcxY2NiN2MwZDVl
NzE2ZTIwHhcNMjQwMTAxMTgzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODBmZWQzYzRjMWJjNTdjZmE5MjI5NDBlZDUwZGFjMzVmNTIwODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuCHhKvV8xnC4o0sXDOUo2qErjtd
8RKFgGVmDzXiO0lYTux2JC4pvT1duGfMZQhoYLMJOcuspO3YGhXk2tntMSLeVJl9
mG8qdeAWITI8DiYUybf8OBKsCQSt7bck3oCEUtU1aQ/N02tCQcf8DbBgs7sQRo5v
RJjTKexgADNWY50kWrDiL/uttfqrcoyT1o4kG/otyruvt+Sx/61wt8LmUPsqw9me
K3rEK5u0wZ2IIUoYHuCu+N24sw1oxPQDuaM7qgtdVs+41MPsifOji7iMDRkfLYDl
uUgEpLnSk8P6V9YRy0ZXiZLhUTl/PM+X6BCL5qphV/CGNWcUoe1+TOh0oQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKgP7TxMG8V8+pIpQO1Q2sNfUghcMB8GA1UdIwQY
MBaAFBqudaJsz4YhIigWpHHMt8DV5xbiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3E1MW9telBoaUVpS0Jha2NjeTN3TlhuRnVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84ZTcwNTQtZmQ1MC00ZjkxLTljYzct
MjY0ZjBjYzVmZjgwLzEvcUFfdFBFd2J4WHo2a2lsQTdWRGF3MTlTQ0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84ZTcwNTQtZmQ1MC00ZjkxLTljYzctMjY0ZjBjYzVmZjgw
LzEvR3E1MW9telBoaUVpS0Jha2NjeTN3TlhuRnVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW8MWAwQA
W8YzMA8EAgACMAkDBwAgAQZ8L+QwDQYJKoZIhvcNAQELBQADggEBAEYK+j+PPoZ8
07FVRSStbsLmHWm6hrU0ggMc7xHnNmgPdEvjaTQwwMfqBvTfx6mbbAEW4bWroTl/
Rc0lTIhdzulRHbrJX3U8xpDL5s7n6Mx+y2v00U3oop44mUfSkLJeYimaqVMTrv6x
tzpe3xsaxJNwm9MWzCs11iF5Y42EyXXcVaYOZRxVZnbXfsAwL8DYtFHJFOUWNZZe
+jJnKdCjl+8LXaCAPNncgE5Ft806MKma8QqhgPWSmRO3Oge4+A1qy2DfBoPlDUSk
fCAtLP67K/gyPUjLb0FKos+D80Sae7/TjeB3gZcoiJdrHAx9tiPfrSLB/YNxo+k0
YqyVHjwjPbE=
-----END CERTIFICATE-----
Generated at Fri Aug 30 13:52:14 2024 by rpki-client on console-fra.rpki-client.org