Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/znRv_SunN41n4TifO0RU3gg7-nk.roa
File: znRv_SunN41n4TifO0RU3gg7-nk.roa (raw, json)
Hash identifier: uzTOYQjrrLDDsUF99YH/zWkb4EDfNJKenlqArtDs1sg=
Subject key identifier: CE:74:6F:FD:2B:A7:37:8D:67:E1:38:9F:3B:44:54:DE:08:3B:FA:79
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 01856D9D363D0E0C4F67491136B72A9B7D64
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/znRv_SunN41n4TifO0RU3gg7-nk.roa
Signing time: Sun 01 Jan 2023 13:54:57 +0000
ROA not before: Sun 01 Jan 2023 13:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 91.232.8.0/22 maxlen: 24
91.204.180.0/24 maxlen: 24
91.204.182.0/24 maxlen: 24
91.204.182.0/23 maxlen: 23
91.218.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 15:46:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:36:3d:0e:0c:4f:67:49:11:36:b7:2a:9b:7d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Jan 1 13:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce746ffd2ba7378d67e1389f3b4454de083bfa79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:13:cf:e9:40:6e:34:51:1f:6f:bb:d4:d4:33:
e9:00:19:c1:4f:ab:68:64:c2:8b:86:8e:a8:b2:3c:
19:5a:c3:1a:c3:17:4a:22:96:9b:80:f3:e5:5b:08:
de:dc:77:03:b9:92:04:0a:6b:ee:db:6f:a2:cb:a4:
0f:d6:5a:a3:81:af:aa:e9:b3:50:15:25:61:c3:dc:
4b:18:bb:60:3f:8c:c1:95:be:cd:f3:9d:9a:1d:8d:
ae:7a:a3:2f:33:53:b8:a1:c1:be:a2:c9:11:c0:e0:
88:b1:fd:b9:58:58:77:b5:9a:82:29:b4:2b:21:73:
a3:3f:70:83:88:65:57:9f:64:7a:31:63:cf:c3:d9:
95:8f:97:64:d6:f1:53:1c:67:f5:dd:f7:8b:a0:f9:
c8:ae:db:55:41:c4:47:1e:2b:5e:b9:90:b0:80:4a:
86:d5:51:4a:f7:eb:db:b3:bb:58:53:b1:64:a6:83:
60:6f:24:9e:4c:d3:ed:6a:b9:78:a7:e4:b1:9e:b3:
0d:f1:58:8b:8c:78:b0:d0:a0:2a:1b:83:b4:2c:5c:
9f:0b:e4:10:1d:62:82:db:a8:83:fb:29:0c:10:f3:
7b:42:a1:87:fa:70:94:b5:7a:f7:c0:71:bb:fd:64:
1a:35:e3:ef:08:83:98:7c:54:a2:fe:a3:97:1c:28:
9e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:74:6F:FD:2B:A7:37:8D:67:E1:38:9F:3B:44:54:DE:08:3B:FA:79
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/znRv_SunN41n4TifO0RU3gg7-nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.180.0/24
91.204.182.0/23
91.218.176.0/22
91.232.8.0/22
Signature Algorithm: sha256WithRSAEncryption
88:7e:d0:c7:f1:bc:3b:f7:b2:2e:5c:88:3b:d0:ba:35:91:9c:
ec:b5:69:05:21:e7:87:c4:ba:94:92:28:25:5f:ad:11:3d:cb:
bf:77:53:e4:2f:f2:ed:e3:ac:b6:e2:86:8e:db:d3:62:22:67:
ab:0a:48:6c:3a:95:69:4f:7d:e9:04:45:39:43:84:05:d8:db:
38:05:95:ec:47:95:97:2f:75:6c:ef:2c:73:c4:94:c2:90:c4:
c8:6a:32:8f:c9:74:2a:ab:bd:1d:58:cd:a7:8a:fc:3d:9b:ac:
ce:bd:9c:2b:4a:7f:11:4f:2f:6a:fc:4b:68:fe:61:44:d5:b4:
94:2e:86:67:bf:f5:2f:08:31:82:93:55:3b:ac:0f:10:61:c1:
a7:d1:e6:90:61:63:83:0a:42:37:6b:bd:d4:b8:fa:ed:ae:4e:
60:3b:00:89:cd:7c:40:24:0d:2a:96:e1:ff:21:58:ad:5c:64:
25:7d:3a:0f:63:89:44:a7:05:ed:ad:cd:12:64:79:d3:e0:37:
4a:6f:87:1e:29:53:ff:9e:a4:82:33:61:90:36:62:af:91:76:
e9:ee:3c:27:34:b3:b6:72:82:ce:4d:74:f1:0c:e3:ce:95:3f:
f8:44:cd:80:fb:80:ed:2d:80:7d:a0:0e:6e:f7:8e:76:82:0b:
71:bf:27:4e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtnTY9DgxPZ0kRNrcqm31kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjMwMTAxMTM1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTc0NmZmZDJiYTczNzhkNjdlMTM4OWYzYjQ0NTRkZTA4M2JmYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRPP6UBuNFEfb7vU1DPpABnBT6to
ZMKLho6osjwZWsMawxdKIpabgPPlWwje3HcDuZIECmvu22+iy6QP1lqjga+q6bNQ
FSVhw9xLGLtgP4zBlb7N852aHY2ueqMvM1O4ocG+oskRwOCIsf25WFh3tZqCKbQr
IXOjP3CDiGVXn2R6MWPPw9mVj5dk1vFTHGf13feLoPnIrttVQcRHHiteuZCwgEqG
1VFK9+vbs7tYU7FkpoNgbySeTNPtarl4p+SxnrMN8ViLjHiw0KAqG4O0LFyfC+QQ
HWKC26iD+ykMEPN7QqGH+nCUtXr3wHG7/WQaNePvCIOYfFSi/qOXHCiexQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM50b/0rpzeNZ+E4nztEVN4IO/p5MB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvem5Sdl9TdW5ONDFuNFRpZk8wUlUzZ2c3LW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8y0AwQB
W8y2AwQCW9qwAwQCW+gIMA0GCSqGSIb3DQEBCwUAA4IBAQCIftDH8bw797IuXIg7
0Lo1kZzstWkFIeeHxLqUkiglX60RPcu/d1PkL/Lt46y24oaO29NiImerCkhsOpVp
T33pBEU5Q4QF2Ns4BZXsR5WXL3Vs7yxzxJTCkMTIajKPyXQqq70dWM2nivw9m6zO
vZwrSn8RTy9q/Eto/mFE1bSULoZnv/UvCDGCk1U7rA8QYcGn0eaQYWODCkI3a73U
uPrtrk5gOwCJzXxAJA0qluH/IVitXGQlfToPY4lEpwXtrc0SZHnT4DdKb4ceKVP/
nqSCM2GQNmKvkXbp7jwnNLO2coLOTXTxDOPOlT/4RM2A+4DtLYB9oA5u9452ggtx
vydO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:03 2024 by rpki-client on console-ams.rpki-client.org