Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/kaeP8HzOaL0_xvSs-1kOKfazZyY.roa
File: kaeP8HzOaL0_xvSs-1kOKfazZyY.roa (raw, json)
Hash identifier: ULMB6TfO+ArsUI/lrfOmFTvfzGTB8C0CJJb2Z6iGQ0c=
Subject key identifier: 91:A7:8F:F0:7C:CE:68:BD:3F:C6:F4:AC:FB:59:0E:29:F6:B3:67:26
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 01856E14547086184DE14CED0C30FE429030
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/kaeP8HzOaL0_xvSs-1kOKfazZyY.roa
Signing time: Sun 01 Jan 2023 16:05:04 +0000
ROA not before: Sun 01 Jan 2023 16:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198849
IP address blocks: 91.109.251.0/24 maxlen: 24
91.109.252.0/24 maxlen: 24
91.109.253.0/24 maxlen: 24
91.109.248.0/24 maxlen: 24
91.109.249.0/24 maxlen: 24
91.109.250.0/24 maxlen: 24
91.109.248.0/21 maxlen: 21
91.109.254.0/24 maxlen: 24
91.109.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Jun 2023 05:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:54:70:86:18:4d:e1:4c:ed:0c:30:fe:42:90:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Jan 1 16:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91a78ff07cce68bd3fc6f4acfb590e29f6b36726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:14:b7:1f:83:87:17:03:39:81:15:24:b8:
53:25:c9:5d:64:d0:43:fc:e4:bf:a3:7a:7b:7d:ab:
74:e2:15:38:6d:73:c9:70:a5:94:b8:34:3b:9e:b8:
36:ba:a6:d2:ba:eb:1f:71:e3:7d:0f:a1:e7:49:d1:
47:5e:ec:40:12:a1:7f:ce:6d:5b:b6:5b:8e:d8:5b:
0c:b5:fc:dd:35:39:54:48:d3:0b:1e:27:8c:e8:79:
43:32:d3:58:ca:f5:4c:90:c1:ba:7d:a7:78:0d:66:
b7:b3:0e:a7:3b:f2:fb:77:e3:19:28:7d:50:a8:3f:
0c:03:0a:ed:af:b7:04:07:91:04:c4:5a:d0:12:ff:
1b:8c:9b:7c:3e:53:cc:24:b9:3d:17:2c:67:1a:90:
24:ba:8b:fe:15:ce:06:14:fe:16:d3:eb:3f:a0:2b:
6b:c7:69:ab:b9:fa:1d:bd:b1:db:3e:c5:d7:d4:43:
99:16:54:86:79:0f:11:99:9e:50:8d:e0:b8:54:47:
96:97:a7:7d:13:45:2d:e2:c1:ec:b8:2e:d0:ce:52:
e4:59:c1:13:e1:0c:50:1e:d1:8c:da:02:04:d2:4e:
79:90:67:da:bb:73:bb:e0:ed:c2:43:8a:e1:6e:c6:
f7:db:14:df:97:81:5c:94:c3:19:25:8d:d8:3c:35:
a0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A7:8F:F0:7C:CE:68:BD:3F:C6:F4:AC:FB:59:0E:29:F6:B3:67:26
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/kaeP8HzOaL0_xvSs-1kOKfazZyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.248.0/21
Signature Algorithm: sha256WithRSAEncryption
b3:35:73:67:38:a3:8f:c0:67:48:d3:84:de:7d:59:46:cf:33:
75:b4:95:16:d0:7f:dc:6b:44:2c:d4:84:29:96:e9:93:d2:9e:
24:c0:59:c8:14:13:b5:dd:5e:02:09:a8:66:e8:a4:06:7f:ab:
09:55:72:54:5d:c6:73:d7:86:16:27:f9:cb:53:e9:40:90:71:
cc:2e:bd:ab:2d:79:7d:c9:68:c5:b4:6e:22:41:ef:9c:46:1a:
96:e9:0f:b7:c9:39:0e:0a:bb:af:12:4c:b8:f0:ee:53:7b:61:
96:53:d5:fd:25:10:37:fa:9f:66:a8:b5:c2:79:3e:ae:29:7d:
4b:e7:f1:9b:2c:db:dd:49:d5:d8:d3:14:3c:2e:3e:28:50:67:
15:74:75:32:c0:ce:21:a7:5d:93:2c:a4:15:3e:de:c7:1c:31:
a6:7b:56:94:fb:c9:cd:1e:8c:b0:c7:0c:80:a5:25:50:0f:a0:
d8:24:f8:85:43:d4:41:6f:dc:d9:53:54:b0:39:ed:c2:8f:75:
64:c4:81:7e:97:03:a8:7f:f3:cb:e1:2f:0d:f0:52:dc:3e:22:
22:98:37:18:c2:fe:98:fa:d7:e5:e3:17:2a:f0:0e:e0:a0:e2:
52:b8:f3:76:ae:15:20:b7:aa:18:c2:ee:7a:7c:d5:4f:fa:3e:
f4:75:64:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFFRwhhhN4UztDDD+QpAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjkxMGYzNjI5MWMzYzIyNGRkYjU5NmQ5NTY1NDMxOTdm
MTYzZGUwHhcNMjMwMTAxMTYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWE3OGZmMDdjY2U2OGJkM2ZjNmY0YWNmYjU5MGUyOWY2YjM2NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlIUtx+DhxcDOYEVJLhTJcldZNBD
/OS/o3p7fat04hU4bXPJcKWUuDQ7nrg2uqbSuusfceN9D6HnSdFHXuxAEqF/zm1b
tluO2FsMtfzdNTlUSNMLHieM6HlDMtNYyvVMkMG6fad4DWa3sw6nO/L7d+MZKH1Q
qD8MAwrtr7cEB5EExFrQEv8bjJt8PlPMJLk9FyxnGpAkuov+Fc4GFP4W0+s/oCtr
x2mrufodvbHbPsXX1EOZFlSGeQ8RmZ5QjeC4VEeWl6d9E0Ut4sHsuC7QzlLkWcET
4QxQHtGM2gIE0k55kGfau3O74O3CQ4rhbsb32xTfl4FclMMZJY3YPDWgpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGnj/B8zmi9P8b0rPtZDin2s2cmMB8GA1UdIwQY
MBaAFKz5EPNikcPCJN21ltlWVDGX8WPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQt
ZDNiNThmNjk4MTQ4LzEva2FlUDhIek9hTDBfeHZTcy0xa09LZmF6WnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQtZDNiNThmNjk4MTQ4
LzEvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW234MA0G
CSqGSIb3DQEBCwUAA4IBAQCzNXNnOKOPwGdI04TefVlGzzN1tJUW0H/ca0Qs1IQp
lumT0p4kwFnIFBO13V4CCahm6KQGf6sJVXJUXcZz14YWJ/nLU+lAkHHMLr2rLXl9
yWjFtG4iQe+cRhqW6Q+3yTkOCruvEky48O5Te2GWU9X9JRA3+p9mqLXCeT6uKX1L
5/GbLNvdSdXY0xQ8Lj4oUGcVdHUywM4hp12TLKQVPt7HHDGme1aU+8nNHoywxwyA
pSVQD6DYJPiFQ9RBb9zZU1SwOe3Cj3VkxIF+lwOof/PL4S8N8FLcPiIimDcYwv6Y
+tfl4xcq8A7goOJSuPN2rhUgt6oYwu56fNVP+j70dWTr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:17 2024 by rpki-client on console-ams.rpki-client.org