Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/jvt7E6sutB-MOw6RhjHloTRUAGk.roa
File: jvt7E6sutB-MOw6RhjHloTRUAGk.roa (raw, json)
Hash identifier: xC8ghmDgrOhFhPV18TNEk80G8zUZhOasZOqvpKbvlOc=
Subject key identifier: 8E:FB:7B:13:AB:2E:B4:1F:8C:3B:0E:91:86:31:E5:A1:34:54:00:69
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 019092E672B254F6F474B9B3DF17AE360E7D
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/jvt7E6sutB-MOw6RhjHloTRUAGk.roa
Signing time: Mon 08 Jul 2024 15:11:34 +0000
ROA not before: Mon 08 Jul 2024 15:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.149.200.0/24 maxlen: 24
91.149.225.0/24 maxlen: 24
91.149.229.0/24 maxlen: 24
91.149.230.0/24 maxlen: 24
91.149.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 11:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:e6:72:b2:54:f6:f4:74:b9:b3:df:17:ae:36:0e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jul 8 15:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8efb7b13ab2eb41f8c3b0e918631e5a134540069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:99:03:cc:73:36:ab:08:98:5a:8f:0e:53:02:
d9:15:3d:67:c9:51:82:f7:5c:9a:39:24:4a:b8:9a:
de:c6:f6:25:2b:54:ff:b8:eb:4c:92:40:bc:86:ef:
0d:14:ee:27:9f:ee:95:4c:f0:f0:5d:57:1d:13:3d:
7e:42:51:ab:26:44:84:46:12:49:dc:95:ca:58:7f:
af:2b:c6:57:0a:e6:e5:3c:27:9c:e3:f4:df:38:e9:
34:de:9f:0e:0c:ed:93:c5:c8:67:89:02:01:a4:39:
4c:b4:fb:58:0e:02:7c:41:92:a5:9e:fe:02:2d:2b:
1a:a3:cd:6e:22:b4:61:a8:11:1f:e4:1e:d0:8f:6b:
e6:c6:7b:75:22:b2:a8:3d:57:ee:13:70:b9:a1:17:
e2:7b:8f:04:dc:88:66:83:70:9e:14:38:3c:db:92:
4c:0c:7c:e4:ba:d5:f6:85:83:27:6b:3a:96:1b:bd:
64:52:80:fd:4d:71:d0:26:36:6d:14:68:75:ac:4d:
c4:73:72:20:33:71:2d:e0:7c:94:b6:44:49:8c:21:
0a:49:9d:ed:96:1c:66:ad:e8:bb:f4:28:fe:78:aa:
3b:25:dd:68:8e:ec:ee:37:e0:37:e4:86:aa:91:57:
a5:a1:b3:d8:6c:70:f7:43:dc:35:a4:5f:db:7c:e5:
9c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FB:7B:13:AB:2E:B4:1F:8C:3B:0E:91:86:31:E5:A1:34:54:00:69
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/jvt7E6sutB-MOw6RhjHloTRUAGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.200.0/24
91.149.225.0/24
91.149.229.0-91.149.231.255
Signature Algorithm: sha256WithRSAEncryption
9a:10:9b:d0:19:c3:17:2c:49:bb:0e:d4:74:44:10:0e:59:46:
0c:db:c4:70:e6:fd:34:2d:da:7c:4d:56:e2:d0:1a:90:ae:5b:
bb:10:65:d8:e3:94:7a:83:74:c2:33:be:38:d8:1c:bd:b8:05:
7d:61:97:31:0a:b3:ae:fb:83:01:9e:83:0b:99:30:3f:59:85:
a4:91:0a:a4:1e:ab:95:94:c9:45:b3:37:cc:c9:f3:69:f7:73:
9d:d2:22:ac:84:65:ff:97:82:75:7f:63:6e:9b:88:fb:1c:64:
2e:b5:48:33:65:d9:1a:1b:53:27:6f:d7:98:c1:90:22:a7:4b:
8a:bc:e6:bd:67:b3:7e:4e:ef:3e:53:62:a2:41:1a:d6:e1:1a:
9e:30:88:97:a5:1f:10:06:c9:4c:54:1b:a5:bc:89:0e:13:bf:
b4:84:85:4c:d0:18:62:39:22:0e:4e:59:52:b5:9d:ba:30:a1:
72:e7:8c:fe:56:ae:1c:c9:b8:62:32:04:4f:66:e4:03:18:6a:
35:ce:cb:08:d6:b8:04:4c:66:12:50:57:13:dd:12:4a:80:68:
25:5e:04:83:94:15:ae:a6:99:65:fc:cd:50:a3:b6:78:de:5d:
3a:c8:68:13:e1:f6:63:90:9b:63:6b:ca:dd:99:a9:41:ad:78:
0c:f2:b9:93
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZCS5nKyVPb0dLmz3xeuNg59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjQwNzA4MTUxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWZiN2IxM2FiMmViNDFmOGMzYjBlOTE4NjMxZTVhMTM0NTQwMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpkDzHM2qwiYWo8OUwLZFT1nyVGC
91yaOSRKuJrexvYlK1T/uOtMkkC8hu8NFO4nn+6VTPDwXVcdEz1+QlGrJkSERhJJ
3JXKWH+vK8ZXCublPCec4/TfOOk03p8ODO2TxchniQIBpDlMtPtYDgJ8QZKlnv4C
LSsao81uIrRhqBEf5B7Qj2vmxnt1IrKoPVfuE3C5oRfie48E3Ihmg3CeFDg825JM
DHzkutX2hYMnazqWG71kUoD9TXHQJjZtFGh1rE3Ec3IgM3Et4HyUtkRJjCEKSZ3t
lhxmrei79Cj+eKo7Jd1ojuzuN+A35IaqkVelobPYbHD3Q9w1pF/bfOWczwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI77exOrLrQfjDsOkYYx5aE0VABpMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvanZ0N0U2c3V0Qi1NT3c2UmhqSGxvVFJVQUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW5XIAwQA
W5XhMAwDBABbleUDBANbleAwDQYJKoZIhvcNAQELBQADggEBAJoQm9AZwxcsSbsO
1HREEA5ZRgzbxHDm/TQt2nxNVuLQGpCuW7sQZdjjlHqDdMIzvjjYHL24BX1hlzEK
s677gwGegwuZMD9ZhaSRCqQeq5WUyUWzN8zJ82n3c53SIqyEZf+XgnV/Y26biPsc
ZC61SDNl2RobUydv15jBkCKnS4q85r1ns35O7z5TYqJBGtbhGp4wiJelHxAGyUxU
G6W8iQ4Tv7SEhUzQGGI5Ig5OWVK1nbowoXLnjP5WrhzJuGIyBE9m5AMYajXOywjW
uARMZhJQVxPdEkqAaCVeBIOUFa6mmWX8zVCjtnjeXTrIaBPh9mOQm2Nryt2ZqUGt
eAzyuZM=
-----END CERTIFICATE-----
Generated at Tue Aug 27 13:37:28 2024 by rpki-client on console-fra.rpki-client.org