Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8a6ae1-7148-4e57-aaa9-3b81aa26f7c6/1/i3nMIbvxPobvrtPaOw4k96T9a6E.roa
File: i3nMIbvxPobvrtPaOw4k96T9a6E.roa (raw, json)
Hash identifier: zkyyzGAcv2G28Jw+WSENqUzg3EuhcnjhRjoKBp+3+Sc=
Subject key identifier: 8B:79:CC:21:BB:F1:3E:86:EF:AE:D3:DA:3B:0E:24:F7:A4:FD:6B:A1
Certificate issuer: /CN=bd45aecb062d9b446e05421bc1faaf58bb0769ec
Certificate serial: 018570B9963BBA2C4DE88428684C4C1AC315
Authority key identifier: BD:45:AE:CB:06:2D:9B:44:6E:05:42:1B:C1:FA:AF:58:BB:07:69:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vUWuywYtm0RuBUIbwfqvWLsHaew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8a6ae1-7148-4e57-aaa9-3b81aa26f7c6/1/i3nMIbvxPobvrtPaOw4k96T9a6E.roa
Signing time: Mon 02 Jan 2023 04:24:48 +0000
ROA not before: Mon 02 Jan 2023 04:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24641
IP address blocks: 91.224.48.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:96:3b:ba:2c:4d:e8:84:28:68:4c:4c:1a:c3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd45aecb062d9b446e05421bc1faaf58bb0769ec
Validity
Not Before: Jan 2 04:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b79cc21bbf13e86efaed3da3b0e24f7a4fd6ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ab:ff:a6:22:e3:95:5e:df:d3:1d:84:ca:44:
88:89:28:c2:de:ee:02:6f:32:e7:fe:f8:22:9b:60:
c7:9d:fd:af:97:af:bd:93:7d:32:44:da:5b:e6:16:
98:c0:ee:88:ee:47:08:d9:07:25:e4:64:e7:cb:1d:
e6:4f:5e:02:3e:58:1b:e9:5b:34:87:94:a3:d6:a6:
4d:54:88:a0:42:24:2a:53:48:1a:29:e6:85:40:66:
13:6c:9b:49:bc:fb:0e:04:27:30:36:bd:11:7a:8f:
c3:ad:18:01:ba:02:f5:a6:a0:c2:48:a3:ea:49:c2:
53:9f:4d:c5:d5:60:7c:7d:41:18:30:95:84:ef:43:
e6:0f:4d:5b:bf:29:24:a8:90:1b:b2:6d:52:a3:e6:
dc:15:b1:8d:82:56:40:96:3b:6f:4a:8e:ae:76:b5:
43:6a:ac:92:24:78:b1:78:a6:2c:64:a6:13:7d:65:
c4:48:b7:30:66:bb:aa:ec:46:58:0d:a7:e4:2f:f3:
16:70:ee:33:49:af:f2:78:e8:c6:75:9a:1e:3f:4f:
86:61:96:c2:b9:09:41:cf:df:b2:b1:57:4b:78:de:
d6:fd:19:22:57:5e:76:38:c2:e3:9e:04:2f:bc:0e:
e1:87:6e:71:9c:38:b5:70:84:67:74:3d:54:63:77:
63:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:79:CC:21:BB:F1:3E:86:EF:AE:D3:DA:3B:0E:24:F7:A4:FD:6B:A1
X509v3 Authority Key Identifier:
keyid:BD:45:AE:CB:06:2D:9B:44:6E:05:42:1B:C1:FA:AF:58:BB:07:69:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vUWuywYtm0RuBUIbwfqvWLsHaew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8a6ae1-7148-4e57-aaa9-3b81aa26f7c6/1/i3nMIbvxPobvrtPaOw4k96T9a6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8a6ae1-7148-4e57-aaa9-3b81aa26f7c6/1/vUWuywYtm0RuBUIbwfqvWLsHaew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.48.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:87:6a:0f:1c:1d:fe:6a:18:59:7b:e9:9c:02:08:cc:fa:1a:
a7:20:01:69:a1:79:e1:e3:a0:9f:76:80:b6:1f:a6:d7:73:77:
cd:8c:86:70:f6:5c:7e:83:77:09:43:23:29:d4:2b:d6:1f:7a:
f0:56:43:a7:1b:f1:e7:97:2d:bc:eb:8f:a7:2b:d9:5e:ee:2a:
9e:9d:9d:b5:c6:36:4c:07:6b:3e:90:14:76:45:7a:d6:66:c9:
c8:b1:8c:bc:90:df:71:38:c1:7e:0c:3e:36:0d:e4:9c:cf:0e:
69:d0:d4:7a:e6:10:cc:a3:bd:1d:da:6e:e0:db:79:a6:1e:09:
4c:f3:95:ec:26:40:67:01:e5:1d:46:28:19:76:0d:a3:ca:6f:
74:2d:81:3c:58:ae:f4:80:ef:5d:06:31:fc:ff:79:a9:64:2e:
d7:be:60:14:0d:2b:c0:ce:74:ef:72:99:33:ee:79:45:5f:5b:
da:86:7d:e9:7d:7e:0d:3f:46:2f:bf:0d:fe:91:8e:ee:d5:d5:
90:14:1b:e0:7e:53:3b:85:a4:1b:0d:91:41:4a:14:ef:d0:d8:
69:73:a0:8b:98:8b:ad:dd:21:e7:d2:73:ef:1f:56:8c:b2:c4:
78:85:84:89:0c:f9:26:05:63:c2:63:78:86:5b:80:2d:b6:50:
2c:78:fb:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuZY7uixN6IQoaExMGsMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNDVhZWNiMDYyZDliNDQ2ZTA1NDIxYmMxZmFhZjU4YmIw
NzY5ZWMwHhcNMjMwMTAyMDQyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc5Y2MyMWJiZjEzZTg2ZWZhZWQzZGEzYjBlMjRmN2E0ZmQ2YmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqv/piLjlV7f0x2EykSIiSjC3u4C
bzLn/vgim2DHnf2vl6+9k30yRNpb5haYwO6I7kcI2Qcl5GTnyx3mT14CPlgb6Vs0
h5Sj1qZNVIigQiQqU0gaKeaFQGYTbJtJvPsOBCcwNr0Reo/DrRgBugL1pqDCSKPq
ScJTn03F1WB8fUEYMJWE70PmD01bvykkqJAbsm1So+bcFbGNglZAljtvSo6udrVD
aqySJHixeKYsZKYTfWXESLcwZruq7EZYDafkL/MWcO4zSa/yeOjGdZoeP0+GYZbC
uQlBz9+ysVdLeN7W/RkiV152OMLjngQvvA7hh25xnDi1cIRndD1UY3djfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIt5zCG78T6G767T2jsOJPek/WuhMB8GA1UdIwQY
MBaAFL1FrssGLZtEbgVCG8H6r1i7B2nsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlVXdXl3WXRtMFJ1QlVJYndmcXZXTHNIYWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84YTZhZTEtNzE0OC00ZTU3LWFhYTkt
M2I4MWFhMjZmN2M2LzEvaTNuTUlidnhQb2J2cnRQYU93NGs5NlQ5YTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84YTZhZTEtNzE0OC00ZTU3LWFhYTktM2I4MWFhMjZmN2M2
LzEvdlVXdXl3WXRtMFJ1QlVJYndmcXZXTHNIYWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+AwMA0G
CSqGSIb3DQEBCwUAA4IBAQCfh2oPHB3+ahhZe+mcAgjM+hqnIAFpoXnh46CfdoC2
H6bXc3fNjIZw9lx+g3cJQyMp1CvWH3rwVkOnG/Hnly2864+nK9le7iqenZ21xjZM
B2s+kBR2RXrWZsnIsYy8kN9xOMF+DD42DeSczw5p0NR65hDMo70d2m7g23mmHglM
85XsJkBnAeUdRigZdg2jym90LYE8WK70gO9dBjH8/3mpZC7XvmAUDSvAznTvcpkz
7nlFX1vahn3pfX4NP0Yvvw3+kY7u1dWQFBvgflM7haQbDZFBShTv0Nhpc6CLmIut
3SHn0nPvH1aMssR4hYSJDPkmBWPCY3iGW4AttlAsePu9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:55 2024 by rpki-client on console-fra.rpki-client.org