Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/393218-46e5-468b-b58b-7f3352234e21/1/AJ-GSlGhPrrB57uOUdsplHqwqlM.roa
File: AJ-GSlGhPrrB57uOUdsplHqwqlM.roa (raw, json)
Hash identifier: mG8CJOgqiiKpwwOS7iGJUlpp9eSQMON7du6tPL8oxzo=
Subject key identifier: 00:9F:86:4A:51:A1:3E:BA:C1:E7:BB:8E:51:DB:29:94:7A:B0:AA:53
Certificate issuer: /CN=a49d2e50b7738aed0acc1a0ec2fee30080255838
Certificate serial: 0186FBD2EBA7484B73F9F2A698AA78BAEA6D
Authority key identifier: A4:9D:2E:50:B7:73:8A:ED:0A:CC:1A:0E:C2:FE:E3:00:80:25:58:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJ0uULdziu0KzBoOwv7jAIAlWDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/393218-46e5-468b-b58b-7f3352234e21/1/AJ-GSlGhPrrB57uOUdsplHqwqlM.roa
Signing time: Sun 19 Mar 2023 21:42:29 +0000
ROA not before: Sun 19 Mar 2023 21:42:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 91.230.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fb:d2:eb:a7:48:4b:73:f9:f2:a6:98:aa:78:ba:ea:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a49d2e50b7738aed0acc1a0ec2fee30080255838
Validity
Not Before: Mar 19 21:42:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=009f864a51a13ebac1e7bb8e51db29947ab0aa53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fe:5a:e4:d3:e0:ca:f5:b3:a5:e4:84:c4:51:
e0:07:60:ff:4f:37:4c:9a:39:68:f2:82:d8:7f:61:
fc:95:38:d6:0a:d2:13:3e:36:85:89:52:91:0e:eb:
80:8b:b2:67:d0:6e:1e:01:aa:41:08:e1:4f:93:3e:
f9:ae:1e:91:cc:b9:80:a5:1c:cc:eb:a0:8a:1f:fe:
7b:72:ec:c6:42:bb:9e:50:07:64:d9:93:1a:72:a2:
a3:43:b9:00:f7:cb:49:d1:f0:e6:b2:45:8a:c8:41:
64:88:dc:cd:4b:6b:56:ba:32:30:25:13:35:6e:58:
29:3f:76:cc:3a:13:84:26:79:d2:e1:80:0f:ce:70:
09:88:b2:f6:53:83:95:dd:68:51:c1:76:d1:44:52:
e5:e4:69:d9:99:50:83:58:24:cd:26:8a:79:4c:3e:
bd:50:6d:3f:4c:0c:1a:61:7e:f8:c6:9f:08:de:90:
e2:81:50:a8:14:f7:4d:64:0c:97:2b:6b:0f:5f:53:
8f:58:da:58:8e:c2:a4:63:da:7a:69:a2:c2:82:86:
98:ab:b9:27:97:b8:24:3f:9b:ce:02:98:b7:35:bc:
9a:cf:71:2f:7c:cc:cd:54:46:8d:7a:6b:91:a5:72:
b4:12:ed:41:d0:1c:63:1e:e2:65:78:08:d2:7b:0a:
14:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9F:86:4A:51:A1:3E:BA:C1:E7:BB:8E:51:DB:29:94:7A:B0:AA:53
X509v3 Authority Key Identifier:
keyid:A4:9D:2E:50:B7:73:8A:ED:0A:CC:1A:0E:C2:FE:E3:00:80:25:58:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJ0uULdziu0KzBoOwv7jAIAlWDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/393218-46e5-468b-b58b-7f3352234e21/1/AJ-GSlGhPrrB57uOUdsplHqwqlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/393218-46e5-468b-b58b-7f3352234e21/1/pJ0uULdziu0KzBoOwv7jAIAlWDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.40.0/24
Signature Algorithm: sha256WithRSAEncryption
72:34:d0:3e:12:cd:b0:e4:ed:14:70:33:1b:0f:ac:3e:1d:7f:
ea:74:a6:a0:24:cc:4e:b5:cd:93:b6:93:7b:89:fd:11:fa:aa:
cf:4b:cf:75:50:df:f9:c7:42:b2:25:f1:6d:cb:94:83:7b:bd:
66:f4:15:c1:9c:00:4c:46:08:25:0f:da:41:8e:f2:69:86:cd:
3c:8f:ec:17:25:80:c7:2f:9f:f5:d0:06:b3:58:5a:bc:c0:b7:
36:f0:81:89:37:84:0b:77:d9:fd:66:21:b7:2d:b6:25:21:53:
1c:ef:2f:61:3f:bc:00:ad:49:2a:b6:71:91:ed:81:a3:89:4f:
02:13:96:19:8b:36:c0:a7:39:6c:41:1e:01:92:71:64:58:06:
59:69:15:32:43:32:4a:d7:7c:ad:fd:04:5e:bd:ed:28:ee:82:
5c:f6:09:63:74:10:cf:5a:b4:0b:bb:5a:26:b4:b9:f6:4d:3e:
c3:f1:8c:5c:1b:55:b3:45:11:e4:64:e0:f1:54:1a:56:22:45:
de:00:ea:b5:67:9e:dd:16:e3:a4:55:e5:0a:7d:4b:9a:54:35:
22:18:d7:3f:26:f0:31:7a:46:bb:fa:8a:75:df:3f:7e:16:4e:
cd:e7:5d:54:5b:e2:ae:8f:a2:e8:16:8e:48:41:47:3c:ee:74:
24:ac:0a:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb70uunSEtz+fKmmKp4uuptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWQyZTUwYjc3MzhhZWQwYWNjMWEwZWMyZmVlMzAwODAy
NTU4MzgwHhcNMjMwMzE5MjE0MjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDlmODY0YTUxYTEzZWJhYzFlN2JiOGU1MWRiMjk5NDdhYjBhYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv5a5NPgyvWzpeSExFHgB2D/TzdM
mjlo8oLYf2H8lTjWCtITPjaFiVKRDuuAi7Jn0G4eAapBCOFPkz75rh6RzLmApRzM
66CKH/57cuzGQrueUAdk2ZMacqKjQ7kA98tJ0fDmskWKyEFkiNzNS2tWujIwJRM1
blgpP3bMOhOEJnnS4YAPznAJiLL2U4OV3WhRwXbRRFLl5GnZmVCDWCTNJop5TD69
UG0/TAwaYX74xp8I3pDigVCoFPdNZAyXK2sPX1OPWNpYjsKkY9p6aaLCgoaYq7kn
l7gkP5vOApi3Nbyaz3EvfMzNVEaNemuRpXK0Eu1B0BxjHuJleAjSewoUxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACfhkpRoT66wee7jlHbKZR6sKpTMB8GA1UdIwQY
MBaAFKSdLlC3c4rtCswaDsL+4wCAJVg4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEowdVVMZHppdTBLekJvT3d2N2pBSUFsV0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zOTMyMTgtNDZlNS00NjhiLWI1OGIt
N2YzMzUyMjM0ZTIxLzEvQUotR1NsR2hQcnJCNTd1T1Vkc3BsSHF3cWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zOTMyMTgtNDZlNS00NjhiLWI1OGItN2YzMzUyMjM0ZTIx
LzEvcEowdVVMZHppdTBLekJvT3d2N2pBSUFsV0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+YoMA0G
CSqGSIb3DQEBCwUAA4IBAQByNNA+Es2w5O0UcDMbD6w+HX/qdKagJMxOtc2TtpN7
if0R+qrPS891UN/5x0KyJfFty5SDe71m9BXBnABMRgglD9pBjvJphs08j+wXJYDH
L5/10AazWFq8wLc28IGJN4QLd9n9ZiG3LbYlIVMc7y9hP7wArUkqtnGR7YGjiU8C
E5YZizbApzlsQR4BknFkWAZZaRUyQzJK13yt/QReve0o7oJc9gljdBDPWrQLu1om
tLn2TT7D8YxcG1WzRRHkZODxVBpWIkXeAOq1Z57dFuOkVeUKfUuaVDUiGNc/JvAx
eka7+op13z9+Fk7N511UW+Kuj6LoFo5IQUc87nQkrAq5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:59 2024 by rpki-client on console-fra.rpki-client.org