Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/EjJWVErns8Y8y6klrN7Zu5CdsIo.roa
File: EjJWVErns8Y8y6klrN7Zu5CdsIo.roa (raw, json)
Hash identifier: 58doOmplsuRypCoYdGXtARQ6oMrgaSkaD59mf7OMZPQ=
Subject key identifier: 12:32:56:54:4A:E7:B3:C6:3C:CB:A9:25:AC:DE:D9:BB:90:9D:B0:8A
Certificate issuer: /CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Certificate serial: 01877364A56AA687AF183CCEDE4ABBC3908D
Authority key identifier: 27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/EjJWVErns8Y8y6klrN7Zu5CdsIo.roa
Signing time: Wed 12 Apr 2023 02:56:28 +0000
ROA not before: Wed 12 Apr 2023 02:56:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.188.252.0/24 maxlen: 24
91.188.253.0/24 maxlen: 24
91.188.254.0/24 maxlen: 24
91.188.255.0/24 maxlen: 24
81.31.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 02:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:73:64:a5:6a:a6:87:af:18:3c:ce:de:4a:bb:c3:90:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2793bde946ae936d3cacc136a5f3239edf2431f4
Validity
Not Before: Apr 12 02:56:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=123256544ae7b3c63ccba925acded9bb909db08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b0:0a:97:38:d8:ca:b3:f7:01:3f:75:cb:d5:
9b:6e:c7:03:d5:cd:8e:21:c9:0e:a9:95:bc:82:1a:
0f:4c:17:56:a0:e3:a5:39:ba:63:20:e8:61:d0:80:
01:c0:98:a1:b0:98:fd:38:7d:35:f5:fe:90:ba:a9:
22:c0:5e:c6:59:f4:32:df:9d:18:cf:b8:f0:40:8b:
30:73:4e:6c:d0:f8:6b:a8:cd:1c:af:c1:cb:57:e1:
06:d3:ed:5a:d3:ba:04:7a:d1:c6:5f:d7:02:cb:b2:
0b:6f:c6:de:f4:50:34:5f:f6:7a:67:8c:91:a6:e4:
73:2d:bb:8e:20:d1:b2:ce:49:40:c0:de:dc:67:89:
3d:87:c9:22:dd:98:2c:73:eb:6e:8f:28:42:80:97:
93:a7:68:dc:59:fa:bc:ce:f3:5a:ec:e8:4e:b6:f8:
9d:dc:ff:f3:96:4b:ae:69:46:5b:a6:3e:5d:51:1c:
92:d8:41:fb:d1:d9:96:9c:a0:01:1e:4e:37:b5:71:
8f:39:d6:ae:73:6c:0e:bf:fa:07:c7:10:d6:09:97:
ec:50:45:14:4a:f1:66:f4:17:5d:5f:3c:36:e3:a0:
86:51:d3:f3:2c:00:8d:70:6f:f2:47:20:42:d2:c8:
2e:ca:7a:0b:07:c8:80:d7:dc:01:ee:69:90:b3:cd:
0f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:32:56:54:4A:E7:B3:C6:3C:CB:A9:25:AC:DE:D9:BB:90:9D:B0:8A
X509v3 Authority Key Identifier:
keyid:27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/EjJWVErns8Y8y6klrN7Zu5CdsIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.198.0/24
91.188.252.0/22
Signature Algorithm: sha256WithRSAEncryption
05:59:77:ea:65:1a:69:48:de:8f:d6:1c:97:3d:2e:fc:3b:25:
5f:52:60:2a:6e:80:82:e2:65:6a:40:e3:1b:4c:72:62:5c:85:
1b:ec:50:55:0a:5b:77:5d:4b:6b:51:e7:bb:c6:9e:61:d2:0e:
99:e5:bd:2c:17:7f:98:5d:db:10:d7:fd:92:f5:80:82:ad:a3:
61:4a:b6:63:14:97:1a:b6:ea:1c:d9:5a:d5:91:7a:a0:36:7e:
b2:fa:61:85:46:97:4a:0c:c0:55:28:c9:e9:cb:74:e3:fb:96:
39:4b:d6:5b:a6:71:f1:fb:23:e6:04:c5:09:c9:c0:af:76:5a:
9c:62:42:48:45:17:17:93:65:86:07:a8:b5:ee:86:50:c3:f6:
eb:f4:35:29:8c:95:27:0f:65:58:74:25:00:cc:69:8f:fd:37:
2d:47:72:20:ea:3b:2e:62:77:62:7e:ec:56:09:c3:2d:0e:a6:
cb:0e:74:12:0c:92:73:df:8c:d3:53:d3:2a:e8:b1:57:71:df:
b6:76:80:31:c9:a1:0b:6a:b7:31:ac:6e:43:ba:52:cd:5c:eb:
cb:6c:61:57:de:4a:d6:e7:b1:0f:1b:18:d9:da:ee:a2:54:b0:
c5:2c:40:7c:57:a0:c5:17:46:93:36:a0:ce:ad:7e:ed:59:7b:
88:a3:cc:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdzZKVqpoevGDzO3kq7w5CNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTNiZGU5NDZhZTkzNmQzY2FjYzEzNmE1ZjMyMzllZGYy
NDMxZjQwHhcNMjMwNDEyMDI1NjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjMyNTY1NDRhZTdiM2M2M2NjYmE5MjVhY2RlZDliYjkwOWRiMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibAKlzjYyrP3AT91y9WbbscD1c2O
IckOqZW8ghoPTBdWoOOlObpjIOhh0IABwJihsJj9OH019f6QuqkiwF7GWfQy350Y
z7jwQIswc05s0PhrqM0cr8HLV+EG0+1a07oEetHGX9cCy7ILb8be9FA0X/Z6Z4yR
puRzLbuOINGyzklAwN7cZ4k9h8ki3Zgsc+tujyhCgJeTp2jcWfq8zvNa7OhOtvid
3P/zlkuuaUZbpj5dURyS2EH70dmWnKABHk43tXGPOdauc2wOv/oHxxDWCZfsUEUU
SvFm9BddXzw246CGUdPzLACNcG/yRyBC0sguynoLB8iA19wB7mmQs80P3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBIyVlRK57PGPMupJaze2buQnbCKMB8GA1UdIwQY
MBaAFCeTvelGrpNtPKzBNqXzI57fJDH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2Et
OTJjM2JmNzRhOTdiLzEvRWpKV1ZFcm5zOFk4eTZrbHJON1p1NUNkc0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2EtOTJjM2JmNzRhOTdi
LzEvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUR/GAwQC
W7z8MA0GCSqGSIb3DQEBCwUAA4IBAQAFWXfqZRppSN6P1hyXPS78OyVfUmAqboCC
4mVqQOMbTHJiXIUb7FBVClt3XUtrUee7xp5h0g6Z5b0sF3+YXdsQ1/2S9YCCraNh
SrZjFJcatuoc2VrVkXqgNn6y+mGFRpdKDMBVKMnpy3Tj+5Y5S9ZbpnHx+yPmBMUJ
ycCvdlqcYkJIRRcXk2WGB6i17oZQw/br9DUpjJUnD2VYdCUAzGmP/TctR3Ig6jsu
YndifuxWCcMtDqbLDnQSDJJz34zTU9Mq6LFXcd+2doAxyaELarcxrG5DulLNXOvL
bGFX3krW57EPGxjZ2u6iVLDFLEB8V6DFF0aTNqDOrX7tWXuIo8zR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:13 2024 by rpki-client on console-fra.rpki-client.org