Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/af310c-2bd8-4efd-88e4-80c31db20ac5/1/0Km3CXGwDHEfD2y9F6JxlOQl6bE.roa
File: 0Km3CXGwDHEfD2y9F6JxlOQl6bE.roa (raw, json)
Hash identifier: dIyh22spkTnnr+py5iUpgkUfZjD0Jvn9CBmSlOIar+Q=
Subject key identifier: D0:A9:B7:09:71:B0:0C:71:1F:0F:6C:BD:17:A2:71:94:E4:25:E9:B1
Certificate issuer: /CN=721a6b3f5ed5fb74d03512216513c4c81efe1e5c
Certificate serial: 01856F3925901DD3530EB2482BBFC5352BBF
Authority key identifier: 72:1A:6B:3F:5E:D5:FB:74:D0:35:12:21:65:13:C4:C8:1E:FE:1E:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/chprP17V-3TQNRIhZRPEyB7-Hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/af310c-2bd8-4efd-88e4-80c31db20ac5/1/0Km3CXGwDHEfD2y9F6JxlOQl6bE.roa
Signing time: Sun 01 Jan 2023 21:24:54 +0000
ROA not before: Sun 01 Jan 2023 21:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21087
IP address blocks: 178.217.64.0/21 maxlen: 21
195.93.128.0/23 maxlen: 23
194.176.114.0/24 maxlen: 24
91.210.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:25:90:1d:d3:53:0e:b2:48:2b:bf:c5:35:2b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=721a6b3f5ed5fb74d03512216513c4c81efe1e5c
Validity
Not Before: Jan 1 21:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0a9b70971b00c711f0f6cbd17a27194e425e9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:7e:dc:78:de:24:1f:17:12:1a:7f:ff:2a:
d2:f0:52:a8:76:21:77:e0:16:bc:3e:dc:d3:59:80:
cc:4a:eb:27:25:08:a0:27:c1:17:29:43:09:33:60:
29:d5:aa:b4:c6:14:21:e9:8c:31:44:99:08:30:99:
c5:4f:60:1a:98:42:f9:37:41:28:5e:2c:5f:f7:b0:
f8:65:36:13:ff:17:87:ae:77:cf:7d:95:88:34:9f:
4e:4a:68:f7:2e:4b:65:56:8c:a3:ae:58:cd:c5:b6:
09:f1:84:1d:70:4d:bf:48:06:95:9e:84:06:64:da:
c8:f4:dd:a1:c7:ad:98:fd:98:87:b1:c5:17:49:ea:
07:e2:cf:85:96:c7:5a:fc:f8:de:af:a9:b8:31:86:
14:66:39:c4:20:a2:e0:e0:3c:ae:80:e7:6a:d8:f5:
c8:7b:fa:a1:07:2d:0f:65:71:aa:e3:23:70:4a:2a:
f4:be:09:97:b1:7c:4b:b6:45:e9:67:ff:57:39:ea:
81:35:60:0a:fd:b7:ae:91:fb:97:fa:72:c5:28:f9:
1a:ba:8a:5c:fb:df:b1:6e:0c:8e:29:e4:95:80:26:
e6:da:94:31:43:3d:d3:e6:b3:7a:5e:b4:37:93:5a:
93:31:79:3c:68:49:55:35:19:b3:45:3d:a1:24:d9:
22:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A9:B7:09:71:B0:0C:71:1F:0F:6C:BD:17:A2:71:94:E4:25:E9:B1
X509v3 Authority Key Identifier:
keyid:72:1A:6B:3F:5E:D5:FB:74:D0:35:12:21:65:13:C4:C8:1E:FE:1E:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/chprP17V-3TQNRIhZRPEyB7-Hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/af310c-2bd8-4efd-88e4-80c31db20ac5/1/0Km3CXGwDHEfD2y9F6JxlOQl6bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/af310c-2bd8-4efd-88e4-80c31db20ac5/1/chprP17V-3TQNRIhZRPEyB7-Hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.160.0/22
178.217.64.0/21
194.176.114.0/24
195.93.128.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:f4:9c:c3:a2:8b:67:b7:1f:ab:23:62:c3:c2:83:9d:ae:b3:
eb:b9:3d:64:3d:59:ca:b8:46:b4:25:00:64:59:e6:60:8c:2a:
99:7f:ca:d4:9e:12:87:8f:79:1a:3f:4c:7d:da:8a:e9:82:9f:
15:cb:8f:0b:3b:1b:19:47:72:6e:48:6e:06:3b:87:4e:db:3d:
d5:7c:15:f3:3c:75:36:45:87:e2:78:32:42:fb:10:dd:c4:4e:
86:c9:ed:31:9a:b3:37:5a:d4:b9:8b:0f:9e:7a:cd:1e:d7:f1:
1e:55:ec:76:86:98:6f:1f:ff:8e:0f:e6:67:70:4b:e1:4b:fe:
90:e4:fb:22:13:38:d2:9a:af:eb:28:7b:96:c7:a9:e9:1f:06:
a4:9e:17:0b:3f:8e:fd:a6:7d:1a:38:bc:6b:68:87:30:d8:23:
4b:04:97:66:30:0b:96:68:d0:b7:3a:f8:50:83:a9:64:0c:ec:
08:7a:d7:a4:47:8f:2c:ce:2e:7e:79:84:83:f6:13:c3:4f:c9:
73:79:dd:0c:c0:85:ef:46:17:f4:63:08:15:f3:a0:e2:11:f2:
4b:4b:c5:55:cd:30:64:e1:1c:77:91:15:10:54:f0:25:d7:ce:
dc:47:0f:17:e6:f5:2b:11:43:53:40:90:ab:0e:5d:7e:d7:7f:
d9:16:3a:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvOSWQHdNTDrJIK7/FNSu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMWE2YjNmNWVkNWZiNzRkMDM1MTIyMTY1MTNjNGM4MWVm
ZTFlNWMwHhcNMjMwMTAxMjEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE5YjcwOTcxYjAwYzcxMWYwZjZjYmQxN2EyNzE5NGU0MjVlOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEJ+3HjeJB8XEhp//yrS8FKodiF3
4Ba8PtzTWYDMSusnJQigJ8EXKUMJM2Ap1aq0xhQh6YwxRJkIMJnFT2AamEL5N0Eo
Xixf97D4ZTYT/xeHrnfPfZWINJ9OSmj3LktlVoyjrljNxbYJ8YQdcE2/SAaVnoQG
ZNrI9N2hx62Y/ZiHscUXSeoH4s+Flsda/Pjer6m4MYYUZjnEIKLg4DyugOdq2PXI
e/qhBy0PZXGq4yNwSir0vgmXsXxLtkXpZ/9XOeqBNWAK/beukfuX+nLFKPkauopc
+9+xbgyOKeSVgCbm2pQxQz3T5rN6XrQ3k1qTMXk8aElVNRmzRT2hJNkibQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNCptwlxsAxxHw9svReicZTkJemxMB8GA1UdIwQY
MBaAFHIaaz9e1ft00DUSIWUTxMge/h5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2hwclAxN1YtM1RRTlJJaFpSUEV5QjctSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hZjMxMGMtMmJkOC00ZWZkLTg4ZTQt
ODBjMzFkYjIwYWM1LzEvMEttM0NYR3dESEVmRDJ5OUY2SnhsT1FsNmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hZjMxMGMtMmJkOC00ZWZkLTg4ZTQtODBjMzFkYjIwYWM1
LzEvY2hwclAxN1YtM1RRTlJJaFpSUEV5QjctSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW9KgAwQD
stlAAwQAwrByAwQBw12AMA0GCSqGSIb3DQEBCwUAA4IBAQCO9JzDootntx+rI2LD
woOdrrPruT1kPVnKuEa0JQBkWeZgjCqZf8rUnhKHj3kaP0x92orpgp8Vy48LOxsZ
R3JuSG4GO4dO2z3VfBXzPHU2RYfieDJC+xDdxE6Gye0xmrM3WtS5iw+ees0e1/Ee
Vex2hphvH/+OD+ZncEvhS/6Q5PsiEzjSmq/rKHuWx6npHwaknhcLP479pn0aOLxr
aIcw2CNLBJdmMAuWaNC3OvhQg6lkDOwIetekR48szi5+eYSD9hPDT8lzed0MwIXv
Rhf0YwgV86DiEfJLS8VVzTBk4Rx3kRUQVPAl187cRw8X5vUrEUNTQJCrDl1+13/Z
Fjpx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org