Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/IJSFMrrTN0u6hJy-MpCvEW9d8z0.roa
File: IJSFMrrTN0u6hJy-MpCvEW9d8z0.roa (raw, json)
Hash identifier: FdgWIzH8cxD332JDKJj8Ti61SMNA1G0YtLIyD2FmNzY=
Subject key identifier: 20:94:85:32:BA:D3:37:4B:BA:84:9C:BE:32:90:AF:11:6F:5D:F3:3D
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 018FF6766E96287918C037338F049EB22149
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/IJSFMrrTN0u6hJy-MpCvEW9d8z0.roa
Signing time: Sat 08 Jun 2024 06:08:27 +0000
ROA not before: Sat 08 Jun 2024 06:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41152
IP address blocks: 91.227.246.0/23 maxlen: 24
91.228.22.0/23 maxlen: 23
193.148.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 19 Jun 2024 08:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f6:76:6e:96:28:79:18:c0:37:33:8f:04:9e:b2:21:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Jun 8 06:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20948532bad3374bba849cbe3290af116f5df33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:77:15:6f:95:9d:c9:86:64:7d:19:72:a8:b7:
12:a8:05:88:4a:04:61:c6:45:21:fc:2b:10:5d:1f:
08:b7:4b:65:ad:36:1a:6c:51:2c:5b:56:9f:67:81:
6f:25:49:6f:c7:02:2d:7b:73:59:5b:7b:94:a7:71:
45:5d:79:35:5e:f2:22:5b:a9:42:30:42:55:b1:2b:
8e:bf:9b:95:d6:80:03:2b:df:d6:9d:36:06:89:9f:
2b:e5:a8:d2:8a:98:51:82:d0:e7:e9:ef:c8:c4:5a:
69:64:60:c6:d4:08:73:ae:02:b6:34:83:c3:e8:f4:
43:f6:01:1b:8c:a8:c1:b0:1f:9b:a5:d3:c4:70:70:
7b:78:3a:5f:9d:e7:ab:6a:e6:37:9e:00:6b:ca:3f:
e3:d8:2b:64:8d:b0:62:77:9f:c2:79:f6:57:e9:76:
db:ed:48:dc:ff:68:16:bd:e2:d8:42:57:c8:6b:d6:
2b:b0:ed:90:20:b7:26:39:16:33:01:d5:e9:e1:45:
54:d1:72:99:39:02:ec:3b:0e:8e:5a:e6:b8:c7:90:
aa:d1:d6:ed:f6:06:68:fd:d4:b9:bc:63:21:17:58:
31:ff:39:83:82:7d:12:94:65:be:9e:df:72:7c:7f:
f8:ec:53:6d:b5:36:a2:96:3c:a9:b2:9a:ca:27:3b:
1a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:94:85:32:BA:D3:37:4B:BA:84:9C:BE:32:90:AF:11:6F:5D:F3:3D
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/IJSFMrrTN0u6hJy-MpCvEW9d8z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.246.0/23
91.228.22.0/23
193.148.64.0/22
Signature Algorithm: sha256WithRSAEncryption
10:30:0d:26:a4:bf:70:51:38:67:4c:fa:e4:51:f4:81:c0:b4:
54:15:27:c2:c9:a6:2a:04:6a:fe:e0:ef:05:38:bd:15:c3:08:
2a:69:01:dc:94:57:a0:ab:96:3e:b8:1f:0e:d2:19:20:78:cc:
10:e5:4d:4e:ae:fb:23:f5:18:6a:e8:7e:65:b4:6c:fa:66:bf:
14:02:41:96:d9:da:0a:85:45:7e:cc:8a:9a:6d:37:23:61:d2:
25:f3:98:68:62:3b:68:d4:5e:8f:52:ea:c7:10:1e:92:2f:bb:
e9:7c:f8:0c:f6:b7:f2:48:b1:f9:77:a4:8f:32:ac:cf:64:12:
56:99:09:e3:c1:40:78:36:b6:b6:9b:5f:a8:e3:66:31:61:4a:
fa:c4:29:88:ee:23:1d:03:a5:7d:b3:d3:5e:80:86:e1:2b:58:
2a:34:90:e3:ff:1b:ad:ae:81:cb:ef:e5:14:3d:03:07:d1:4e:
c2:fc:4a:7d:07:04:3d:fb:04:96:64:40:a2:cb:ec:5b:24:b3:
5f:8c:5f:68:a2:80:ac:3b:a0:68:9d:db:61:bb:9d:3f:9b:d4:
c8:aa:78:24:f1:f0:25:e5:88:5b:f2:7a:fe:5f:7c:bc:9c:a3:
53:d4:b7:ed:42:75:1f:a7:95:e1:70:5e:1a:65:dd:92:3d:54:
45:4c:ff:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/2dm6WKHkYwDczjwSesiFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjQwNjA4MDYwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk0ODUzMmJhZDMzNzRiYmE4NDljYmUzMjkwYWYxMTZmNWRmMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHcVb5WdyYZkfRlyqLcSqAWISgRh
xkUh/CsQXR8It0tlrTYabFEsW1afZ4FvJUlvxwIte3NZW3uUp3FFXXk1XvIiW6lC
MEJVsSuOv5uV1oADK9/WnTYGiZ8r5ajSiphRgtDn6e/IxFppZGDG1AhzrgK2NIPD
6PRD9gEbjKjBsB+bpdPEcHB7eDpfneerauY3ngBryj/j2CtkjbBid5/CefZX6Xbb
7Ujc/2gWveLYQlfIa9YrsO2QILcmORYzAdXp4UVU0XKZOQLsOw6OWua4x5Cq0dbt
9gZo/dS5vGMhF1gx/zmDgn0SlGW+nt9yfH/47FNttTailjypsprKJzsauQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCCUhTK60zdLuoScvjKQrxFvXfM9MB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvSUpTRk1yclROMHU2aEp5LU1wQ3ZFVzlkOHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+P2AwQB
W+QWAwQCwZRAMA0GCSqGSIb3DQEBCwUAA4IBAQAQMA0mpL9wUThnTPrkUfSBwLRU
FSfCyaYqBGr+4O8FOL0VwwgqaQHclFegq5Y+uB8O0hkgeMwQ5U1Orvsj9Rhq6H5l
tGz6Zr8UAkGW2doKhUV+zIqabTcjYdIl85hoYjto1F6PUurHEB6SL7vpfPgM9rfy
SLH5d6SPMqzPZBJWmQnjwUB4Nra2m1+o42YxYUr6xCmI7iMdA6V9s9NegIbhK1gq
NJDj/xutroHL7+UUPQMH0U7C/Ep9BwQ9+wSWZECiy+xbJLNfjF9oooCsO6Bondth
u50/m9TIqngk8fAl5Yhb8nr+X3y8nKNT1LftQnUfp5XhcF4aZd2SPVRFTP8U
-----END CERTIFICATE-----
Generated at Wed Jun 19 11:35:04 2024 by rpki-client on console-fra.rpki-client.org