Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/Qv0Yjr0CRy_rBznQMyI5ubdgOtA.roa
File: Qv0Yjr0CRy_rBznQMyI5ubdgOtA.roa (raw, json)
Hash identifier: NAevAur8o9/VFTKiJC0ymByF7XXEoi3JqSe811Ry+AQ=
Subject key identifier: 42:FD:18:8E:BD:02:47:2F:EB:07:39:D0:33:22:39:B9:B7:60:3A:D0
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 018CAB1793B555202AF0A0BA8EE63BE9C4C5
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/Qv0Yjr0CRy_rBznQMyI5ubdgOtA.roa
Signing time: Wed 27 Dec 2023 11:44:58 +0000
ROA not before: Wed 27 Dec 2023 11:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39402
IP address blocks: 91.188.211.0/24 maxlen: 24
91.188.210.0/24 maxlen: 24
91.188.208.0/24 maxlen: 24
91.188.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:17:93:b5:55:20:2a:f0:a0:ba:8e:e6:3b:e9:c4:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Dec 27 11:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42fd188ebd02472feb0739d0332239b9b7603ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:16:e4:4d:71:dd:5f:c3:44:16:dd:52:6e:ac:
5f:5e:c7:a8:83:1e:8b:57:95:3e:e3:82:3e:df:1e:
de:10:10:8d:0f:85:cc:cf:1e:31:d1:e9:19:5f:14:
21:71:35:20:cd:f4:fe:db:e9:1e:66:e2:0e:f8:89:
ba:d1:b3:35:44:b7:a5:7e:72:df:52:6b:93:c6:e4:
61:a8:7d:50:4c:f1:20:c2:93:19:3d:68:bf:25:63:
71:d7:50:bd:fb:ea:b3:d9:47:44:53:15:c9:a5:9a:
0b:f4:4d:49:fd:ce:3e:44:78:26:b4:25:27:fd:78:
7d:5b:bb:ab:da:1b:7e:86:8e:4a:e0:cf:00:f8:b7:
62:92:27:60:11:ac:c7:89:aa:cd:38:6b:16:c2:3d:
fd:e2:5d:27:28:65:81:84:1b:75:f5:d9:56:61:5c:
28:af:fb:39:76:6b:7a:92:10:26:84:5a:22:26:82:
05:af:90:98:66:c1:23:6f:7a:dd:bd:2e:d0:2e:19:
5b:c6:4c:04:24:46:6a:14:df:5d:4a:2b:85:ac:04:
22:97:92:95:cb:f2:6a:8a:50:d0:b0:24:92:9c:80:
e0:cb:db:95:76:d8:6a:88:a4:77:d3:8e:29:45:3b:
4f:b8:a8:05:30:36:fc:39:f4:eb:d8:51:9a:bc:3d:
2c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FD:18:8E:BD:02:47:2F:EB:07:39:D0:33:22:39:B9:B7:60:3A:D0
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/Qv0Yjr0CRy_rBznQMyI5ubdgOtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.208.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:d0:e7:7d:dd:20:aa:f9:cb:4d:a1:f0:db:c5:42:40:3d:14:
0e:51:86:6a:eb:21:4d:3a:0d:3c:44:81:0e:c6:91:5e:af:32:
5d:ae:f9:cb:38:c5:48:8d:73:c2:2d:07:cc:74:9c:f1:b5:28:
1d:ab:11:2b:45:4e:09:1a:9d:37:b6:ef:cb:ed:c6:62:26:82:
3e:e6:14:81:39:b9:ea:56:d6:7b:76:c3:c5:66:02:ac:88:5c:
eb:64:b4:0f:3a:90:b1:b1:9f:9d:e0:af:10:c7:84:5e:84:98:
91:cd:a9:fd:a9:33:f1:17:70:53:d8:25:54:d4:c1:d6:00:de:
12:76:c6:25:38:d9:de:9c:21:a4:d9:2d:dc:87:72:f6:31:1c:
55:41:d2:5e:f2:51:79:46:d9:df:fd:07:87:c2:09:e3:fb:55:
90:fc:18:9f:1d:d2:e3:43:63:2f:6b:94:4c:21:34:14:5f:85:
0e:1c:5e:cd:a4:47:3b:64:aa:03:e1:21:7c:d6:19:71:e6:17:
c2:8c:79:9c:5b:be:f8:22:1a:bb:f9:a7:40:9f:af:5f:07:5d:
cd:fe:e0:63:00:a4:63:5e:1b:1b:1c:2d:cb:d4:4e:da:25:6b:
b6:b7:5e:c1:d4:b8:71:f5:24:01:69:c6:4c:3a:ed:7d:10:5a:
ad:26:ed:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyrF5O1VSAq8KC6juY76cTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYzg2OTU3NzJmMGU2NGYzYjlhMTYyMTczM2NjMDI1MDZm
NzQ3MDIwHhcNMjMxMjI3MTE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZkMTg4ZWJkMDI0NzJmZWIwNzM5ZDAzMzIyMzliOWI3NjAzYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBbkTXHdX8NEFt1SbqxfXseogx6L
V5U+44I+3x7eEBCND4XMzx4x0ekZXxQhcTUgzfT+2+keZuIO+Im60bM1RLelfnLf
UmuTxuRhqH1QTPEgwpMZPWi/JWNx11C9++qz2UdEUxXJpZoL9E1J/c4+RHgmtCUn
/Xh9W7ur2ht+ho5K4M8A+LdikidgEazHiarNOGsWwj394l0nKGWBhBt19dlWYVwo
r/s5dmt6khAmhFoiJoIFr5CYZsEjb3rdvS7QLhlbxkwEJEZqFN9dSiuFrAQil5KV
y/JqilDQsCSSnIDgy9uVdthqiKR3044pRTtPuKgFMDb8OfTr2FGavD0suwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEL9GI69Akcv6wc50DMiObm3YDrQMB8GA1UdIwQY
MBaAFCvIaVdy8OZPO5oWIXM8wCUG90cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMt
NDNkNjZhMDMzMWVjLzEvUXYwWWpyMENSeV9yQnpuUU15STV1YmRnT3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMtNDNkNjZhMDMzMWVj
LzEvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7zQMA0G
CSqGSIb3DQEBCwUAA4IBAQCd0Od93SCq+ctNofDbxUJAPRQOUYZq6yFNOg08RIEO
xpFerzJdrvnLOMVIjXPCLQfMdJzxtSgdqxErRU4JGp03tu/L7cZiJoI+5hSBObnq
VtZ7dsPFZgKsiFzrZLQPOpCxsZ+d4K8Qx4RehJiRzan9qTPxF3BT2CVU1MHWAN4S
dsYlONnenCGk2S3ch3L2MRxVQdJe8lF5Rtnf/QeHwgnj+1WQ/BifHdLjQ2Mva5RM
ITQUX4UOHF7NpEc7ZKoD4SF81hlx5hfCjHmcW774Ihq7+adAn69fB13N/uBjAKRj
XhsbHC3L1E7aJWu2t17B1Lhx9SQBacZMOu19EFqtJu2l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:25 2024 by rpki-client on console-ams.rpki-client.org