Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/DwclriOPe9yQA4iHJACCxH1GXc0.roa
File: DwclriOPe9yQA4iHJACCxH1GXc0.roa (raw, json)
Hash identifier: c0XOG2xPm5AN8EEpHrkbTe0SPdvV1pbhsOQuDPDIb1c=
Subject key identifier: 0F:07:25:AE:23:8F:7B:DC:90:03:88:87:24:00:82:C4:7D:46:5D:CD
Certificate issuer: /CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Certificate serial: 018CC5DC3C87AD0E1AB781C93215E79F9879
Authority key identifier: 09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/DwclriOPe9yQA4iHJACCxH1GXc0.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207558
IP address blocks: 91.224.171.0/24 maxlen: 24
91.196.229.0/24 maxlen: 24
91.196.228.0/24 maxlen: 24
91.196.231.0/24 maxlen: 24
91.196.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 07:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3c:87:ad:0e:1a:b7:81:c9:32:15:e7:9f:98:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f0725ae238f7bdc90038887240082c47d465dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1c:80:a9:1e:00:3c:36:6a:bb:fe:9c:10:d9:
0b:45:80:da:08:08:99:63:dc:bd:8e:2f:4b:51:d8:
a4:90:a0:de:77:5e:f6:35:82:01:0a:4e:0e:ac:95:
b9:15:51:e7:14:ed:e8:36:40:b2:e8:83:aa:72:28:
64:65:c0:ab:b2:de:ef:6d:bb:7c:2a:35:70:5e:25:
5c:98:12:ca:10:4d:5a:a8:fe:15:d5:86:ed:06:6a:
58:5b:f4:f1:b4:22:51:f5:ef:0e:c1:f2:95:1e:9d:
9c:ad:ae:9c:ba:f6:9a:b2:2e:07:57:4c:60:59:39:
05:3d:90:e8:1c:9b:ba:ab:42:30:d7:31:43:7b:6b:
81:d5:a8:9c:7d:ef:a2:a6:00:03:68:f2:bc:49:e7:
bb:30:aa:46:95:aa:66:ee:e4:0a:6b:b1:2e:24:47:
ab:44:cd:75:67:9a:8d:eb:e3:7a:f7:62:3e:db:e8:
74:ce:83:2a:fc:cf:52:de:dc:d1:9f:8d:7c:67:1f:
c1:62:ec:0c:e3:51:2c:9e:b4:a5:d5:ca:92:88:2d:
9e:a0:50:94:ce:6e:33:15:a7:de:5f:88:63:6a:23:
41:7c:45:f7:83:c2:6b:8b:aa:a5:b1:7f:89:b8:a7:
ce:2d:40:82:b6:de:97:4c:4d:35:10:4b:f1:bb:bc:
32:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:07:25:AE:23:8F:7B:DC:90:03:88:87:24:00:82:C4:7D:46:5D:CD
X509v3 Authority Key Identifier:
keyid:09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/DwclriOPe9yQA4iHJACCxH1GXc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.228.0/22
91.224.171.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:d6:71:b8:6d:46:24:3a:7a:4f:ba:17:1e:c2:e3:25:2a:c4:
1f:0c:fb:48:d6:21:66:da:f2:2f:4b:03:16:07:12:2c:f4:2d:
26:02:d6:38:85:93:d5:93:df:fa:61:d2:e4:66:24:fd:74:77:
e2:d3:13:c6:1d:16:20:b9:55:83:1a:98:ee:6b:e0:32:90:14:
f4:7b:41:0f:a7:3c:cc:f8:07:fd:47:fa:be:17:84:ef:aa:00:
46:8e:d3:ab:94:ec:e5:73:f3:7e:38:34:fa:d6:42:d8:c2:76:
93:17:de:3b:57:8d:6d:da:6b:43:0a:f5:48:e3:4c:d3:81:21:
40:f8:10:ac:d5:7e:12:a7:ed:a7:ea:dc:4a:16:c8:73:f4:21:
46:79:9e:e7:8f:9c:dd:b0:6d:19:02:a5:75:b4:bd:0b:5e:d2:
1a:a8:a5:1f:a9:38:cc:3a:78:a4:2e:93:5b:c6:d1:56:4c:b3:
04:70:7d:e3:6d:72:86:6c:04:e0:d5:4a:3f:d1:f1:09:50:da:
24:30:21:d3:43:c6:88:38:43:43:a1:71:f2:82:7f:af:ec:5e:
1e:8e:91:46:cb:23:36:1b:ae:84:a1:9e:51:8b:f4:3a:1b:30:
ce:bb:8c:d8:b7:39:27:56:e2:b9:ef:10:0a:d5:0a:46:2a:ce:
fc:e6:64:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3DyHrQ4at4HJMhXnn5h5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmVjZDcwNzFiNzI3ZGIzZDEyZjA5ZWZiYjQ1NGUwNGQ0
Zjc0M2QwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjA3MjVhZTIzOGY3YmRjOTAwMzg4ODcyNDAwODJjNDdkNDY1ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhyAqR4APDZqu/6cENkLRYDaCAiZ
Y9y9ji9LUdikkKDed172NYIBCk4OrJW5FVHnFO3oNkCy6IOqcihkZcCrst7vbbt8
KjVwXiVcmBLKEE1aqP4V1YbtBmpYW/TxtCJR9e8OwfKVHp2cra6cuvaasi4HV0xg
WTkFPZDoHJu6q0Iw1zFDe2uB1aicfe+ipgADaPK8See7MKpGlapm7uQKa7EuJEer
RM11Z5qN6+N692I+2+h0zoMq/M9S3tzRn418Zx/BYuwM41EsnrSl1cqSiC2eoFCU
zm4zFafeX4hjaiNBfEX3g8Jri6qlsX+JuKfOLUCCtt6XTE01EEvxu7wyjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA8HJa4jj3vckAOIhyQAgsR9Rl3NMB8GA1UdIwQY
MBaAFAn+zXBxtyfbPRLwnvu0VOBNT3Q9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2Y3TmNIRzNKOXM5RXZDZS03UlU0RTFQZEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83MmUzYTEtOTA2Yy00NDhiLTk4ZGEt
NWEyMDZlOGIxMzY5LzEvRHdjbHJpT1BlOXlRQTRpSEpBQ0N4SDFHWGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS83MmUzYTEtOTA2Yy00NDhiLTk4ZGEtNWEyMDZlOGIxMzY5
LzEvQ2Y3TmNIRzNKOXM5RXZDZS03UlU0RTFQZEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8TkAwQA
W+CrMA0GCSqGSIb3DQEBCwUAA4IBAQBs1nG4bUYkOnpPuhcewuMlKsQfDPtI1iFm
2vIvSwMWBxIs9C0mAtY4hZPVk9/6YdLkZiT9dHfi0xPGHRYguVWDGpjua+AykBT0
e0EPpzzM+Af9R/q+F4TvqgBGjtOrlOzlc/N+ODT61kLYwnaTF947V41t2mtDCvVI
40zTgSFA+BCs1X4Sp+2n6txKFshz9CFGeZ7nj5zdsG0ZAqV1tL0LXtIaqKUfqTjM
OnikLpNbxtFWTLMEcH3jbXKGbATg1Uo/0fEJUNokMCHTQ8aIOENDoXHygn+v7F4e
jpFGyyM2G66EoZ5Ri/Q6GzDOu4zYtzknVuK57xAK1QpGKs785mRB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:20 2024 by rpki-client on console-ams.rpki-client.org