Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/4JCXBPXh_c_Yr9pr_Ox84yV1f78.roa
File: 4JCXBPXh_c_Yr9pr_Ox84yV1f78.roa (raw, json)
Hash identifier: e6F9P8oUF+x+Ssq1i1eeZbGpOge52A3LzUaJT7wU5wk=
Subject key identifier: E0:90:97:04:F5:E1:FD:CF:D8:AF:DA:6B:FC:EC:7C:E3:25:75:7F:BF
Certificate issuer: /CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Certificate serial: 01856FA719CAE5550C134BCFAB778F95AFF5
Authority key identifier: 9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/4JCXBPXh_c_Yr9pr_Ox84yV1f78.roa
Signing time: Sun 01 Jan 2023 23:25:00 +0000
ROA not before: Sun 01 Jan 2023 23:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34773
IP address blocks: 91.233.121.0/24 maxlen: 24
2a0a:1b84::/32 maxlen: 32
2a0a:1b82::/32 maxlen: 32
2a0a:1b80::/32 maxlen: 32
2a0a:1b86::/32 maxlen: 32
2a0a:1b85::/32 maxlen: 32
2a0a:1b83::/32 maxlen: 32
2a0a:1b87::/32 maxlen: 32
2a0a:1b81::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:19:ca:e5:55:0c:13:4b:cf:ab:77:8f:95:af:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Validity
Not Before: Jan 1 23:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0909704f5e1fdcfd8afda6bfcec7ce325757fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:04:0d:84:02:b7:3a:db:f1:dc:d8:68:e5:16:
76:d8:ac:d5:ae:bd:04:48:e3:d8:3f:b7:dc:4d:ff:
f6:c0:61:f9:c8:4d:96:12:78:19:cf:4a:00:36:5f:
f8:48:52:f4:53:0f:9d:f0:4f:e8:24:ad:5a:22:8a:
d7:f3:de:7a:ef:7b:b7:34:9b:f0:1c:7b:17:6b:8f:
4c:6a:de:98:94:97:14:48:50:aa:98:28:42:be:64:
a3:53:fd:61:3a:f4:48:76:05:5b:60:c4:96:58:e8:
11:b4:c4:01:ee:2e:77:30:82:54:ee:0e:72:87:b4:
84:50:69:3f:9d:b0:28:9b:36:e6:bf:89:6a:39:e5:
35:7e:79:d1:1b:53:69:68:9c:3e:b8:dd:53:8e:35:
9b:76:51:98:fb:f8:66:b9:20:a4:b3:f3:bf:37:e9:
5d:d5:aa:ea:c6:d9:44:e3:c3:00:d0:ce:63:6f:1d:
a6:83:d6:9e:5b:18:d8:9b:8b:4c:01:d1:05:e3:0c:
20:ee:8b:74:06:fa:a4:3a:a4:4f:9c:ed:ab:d0:5c:
33:e5:58:53:09:83:52:54:3d:1d:cb:c8:85:e0:1d:
b3:38:74:63:42:ae:07:8e:d3:a8:1b:c0:23:7f:a8:
bd:79:cc:35:8c:33:a1:8d:6c:b0:e5:48:a5:ba:cb:
c0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:90:97:04:F5:E1:FD:CF:D8:AF:DA:6B:FC:EC:7C:E3:25:75:7F:BF
X509v3 Authority Key Identifier:
keyid:9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/4JCXBPXh_c_Yr9pr_Ox84yV1f78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.121.0/24
IPv6:
2a0a:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
8e:a7:ec:5e:00:bd:17:7f:e4:d5:37:60:c3:59:34:ef:6b:58:
a3:db:c4:e0:59:dd:2d:5d:c0:85:ec:c5:31:3f:ba:40:38:dd:
31:48:57:a6:94:fb:22:24:50:0f:86:19:3b:20:a3:51:00:0b:
43:00:b0:b3:81:7f:78:66:a2:33:ee:9d:91:6b:d8:dc:02:b3:
e7:e3:68:27:25:ce:6e:cf:c7:42:25:dc:e5:c5:2c:ee:e4:31:
65:eb:01:8f:6e:c3:ee:6a:d7:b3:e3:f8:63:2f:52:0f:9f:2e:
be:50:4f:d0:d3:49:5f:37:dc:96:39:cc:74:4b:17:80:79:e2:
ce:ba:bc:f8:1c:1f:50:a5:65:72:13:58:d5:ab:4b:b2:9f:8f:
2f:1f:70:11:87:a2:a3:10:1f:37:4c:55:46:eb:9e:a9:f4:c1:
f1:95:e0:5a:88:44:94:45:d1:4d:65:f8:d3:94:e8:c8:6e:3f:
24:c1:59:03:4c:00:94:18:97:43:5a:d8:4d:a7:83:ee:15:34:
77:12:89:d6:5b:e4:a1:bd:d1:3f:b6:6a:6c:fe:5b:03:e5:5b:
6a:04:e8:0a:90:23:a2:fe:b2:2c:d8:41:84:52:fe:96:8c:d1:
15:96:df:d4:30:65:c0:3e:77:ed:25:cd:a1:94:bc:28:9b:01:
3e:ad:c7:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpxnK5VUME0vPq3ePla/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWFlZDk5MTNmODg4MGFmNzU1N2VlZjNlZjAyZDZlMGZm
M2ZkNDkwHhcNMjMwMTAxMjMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDkwOTcwNGY1ZTFmZGNmZDhhZmRhNmJmY2VjN2NlMzI1NzU3ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AQNhAK3Otvx3Nho5RZ22KzVrr0E
SOPYP7fcTf/2wGH5yE2WEngZz0oANl/4SFL0Uw+d8E/oJK1aIorX895673u3NJvw
HHsXa49Mat6YlJcUSFCqmChCvmSjU/1hOvRIdgVbYMSWWOgRtMQB7i53MIJU7g5y
h7SEUGk/nbAomzbmv4lqOeU1fnnRG1NpaJw+uN1TjjWbdlGY+/hmuSCks/O/N+ld
1arqxtlE48MA0M5jbx2mg9aeWxjYm4tMAdEF4wwg7ot0BvqkOqRPnO2r0Fwz5VhT
CYNSVD0dy8iF4B2zOHRjQq4HjtOoG8Ajf6i9ecw1jDOhjWyw5UilusvAawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOCQlwT14f3P2K/aa/zsfOMldX+/MB8GA1UdIwQY
MBaAFJwa7ZkT+IgK91V+7z7wLW4P8/1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2Et
NWU2MjRhMzAzOGNmLzEvNEpDWEJQWGhfY19Zcjlwcl9PeDg0eVYxZjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2EtNWU2MjRhMzAzOGNm
LzEvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+l5MA0E
AgACMAcDBQMqChuAMA0GCSqGSIb3DQEBCwUAA4IBAQCOp+xeAL0Xf+TVN2DDWTTv
a1ij28TgWd0tXcCF7MUxP7pAON0xSFemlPsiJFAPhhk7IKNRAAtDALCzgX94ZqIz
7p2Ra9jcArPn42gnJc5uz8dCJdzlxSzu5DFl6wGPbsPuatez4/hjL1IPny6+UE/Q
00lfN9yWOcx0SxeAeeLOurz4HB9QpWVyE1jVq0uyn48vH3ARh6KjEB83TFVG656p
9MHxleBaiESURdFNZfjTlOjIbj8kwVkDTACUGJdDWthNp4PuFTR3EonWW+ShvdE/
tmps/lsD5VtqBOgKkCOi/rIs2EGEUv6WjNEVlt/UMGXAPnftJc2hlLwomwE+rces
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:06 2024 by rpki-client on console-fra.rpki-client.org