Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/3JdQq0wdEcilmMps5h2DABnhTtE.roa
File: 3JdQq0wdEcilmMps5h2DABnhTtE.roa (raw, json)
Hash identifier: bT+U+gC4aMDE1Tl/RK2cijnAaBCqv72gVIMQou6PJAk=
Subject key identifier: DC:97:50:AB:4C:1D:11:C8:A5:98:CA:6C:E6:1D:83:00:19:E1:4E:D1
Certificate issuer: /CN=c7ebabd786da13805655b1b5501fdcbf433bc78d
Certificate serial: 018573B18BB9ED8FAA0545CFD2F0A48AA313
Authority key identifier: C7:EB:AB:D7:86:DA:13:80:56:55:B1:B5:50:1F:DC:BF:43:3B:C7:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-ur14baE4BWVbG1UB_cv0M7x40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/3JdQq0wdEcilmMps5h2DABnhTtE.roa
Signing time: Mon 02 Jan 2023 18:14:53 +0000
ROA not before: Mon 02 Jan 2023 18:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211269
IP address blocks: 91.213.201.0/24 maxlen: 24
5.8.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:8b:b9:ed:8f:aa:05:45:cf:d2:f0:a4:8a:a3:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7ebabd786da13805655b1b5501fdcbf433bc78d
Validity
Not Before: Jan 2 18:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc9750ab4c1d11c8a598ca6ce61d830019e14ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e5:18:34:87:02:1a:17:f0:d7:27:e2:54:d7:
57:b8:12:5c:02:c6:56:77:85:d4:d8:d1:98:fd:ac:
bb:33:64:9d:82:86:2b:b8:43:c5:db:db:9e:19:4c:
e3:0e:73:15:67:7f:d7:18:30:78:a0:3f:fd:c4:06:
13:d8:f3:01:cf:b9:10:9e:f5:4c:92:bc:f2:05:d7:
3e:f0:2f:25:aa:88:62:66:0f:bc:f7:4d:0b:01:57:
4d:3c:1a:af:54:57:ef:76:64:5e:5b:b3:bb:48:05:
8c:a5:15:a6:8f:50:2b:0b:b3:fa:75:a1:d3:7d:f3:
22:c0:b0:b6:e7:69:ff:b2:c8:0a:18:2e:41:e0:c3:
87:f9:65:6e:86:8a:2b:ed:43:7e:dd:f4:9b:e2:9c:
c3:66:13:9c:f5:16:97:2c:90:a5:4a:67:e2:d7:8d:
82:86:f8:99:89:3b:4a:b4:86:0e:ec:8f:5c:86:79:
67:22:50:fb:17:e2:b2:00:57:95:22:81:9b:6e:dc:
17:2f:9a:f5:3e:63:21:09:1b:21:79:76:cb:89:a4:
83:61:bf:2b:8c:d6:cd:c2:c4:39:70:6f:12:ea:b6:
d2:73:04:d1:7d:a8:bc:b0:46:39:70:53:75:70:0e:
a3:fa:6d:15:0c:59:a9:75:98:5b:8d:9e:52:76:1d:
11:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:97:50:AB:4C:1D:11:C8:A5:98:CA:6C:E6:1D:83:00:19:E1:4E:D1
X509v3 Authority Key Identifier:
keyid:C7:EB:AB:D7:86:DA:13:80:56:55:B1:B5:50:1F:DC:BF:43:3B:C7:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-ur14baE4BWVbG1UB_cv0M7x40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/3JdQq0wdEcilmMps5h2DABnhTtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c064a5-d7a9-4e6f-8fd8-0dcd03dc0897/1/x-ur14baE4BWVbG1UB_cv0M7x40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.250.0/24
91.213.201.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:16:18:e1:43:73:96:67:a8:10:1c:a1:96:d8:24:c9:1c:62:
f3:6e:6a:15:38:89:79:5b:9b:83:03:ce:90:08:2e:e3:af:0d:
ba:1b:94:c5:78:9e:f4:22:38:eb:d9:41:9c:af:23:c3:32:0d:
a2:0d:cd:82:32:ac:b7:05:fc:76:8a:17:9f:f6:f4:b0:d7:c0:
5f:d2:3f:89:f7:08:b7:00:a8:7d:e3:c8:b9:98:25:e7:1c:1b:
b2:2d:07:9d:a3:12:8f:78:bd:45:fc:06:b3:7a:ab:b1:58:4b:
64:f9:93:bd:b8:45:2a:0c:94:7c:f4:08:cf:78:35:9a:fd:f2:
ee:8d:fc:a0:da:38:7a:80:3f:20:14:24:b9:13:58:25:50:2a:
ab:7b:a9:ae:5b:be:3c:6d:a8:ce:d9:e5:08:77:c6:4d:52:59:
a7:20:1f:fd:86:98:1a:7a:b0:50:33:f9:ed:2d:29:41:5a:4b:
01:f6:05:20:b1:b6:92:5b:10:e0:71:6c:69:c9:dd:eb:0d:88:
12:49:95:7e:65:dd:1d:20:24:8f:28:fd:75:eb:49:c5:49:11:
cd:7b:cc:16:bd:50:e7:fd:5e:10:9e:7e:5f:a5:d3:80:c8:3b:
b6:ee:e5:77:c2:26:d5:09:ad:a0:c2:bf:0e:b4:a6:2e:f7:0e:
27:f0:c8:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzsYu57Y+qBUXP0vCkiqMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZWJhYmQ3ODZkYTEzODA1NjU1YjFiNTUwMWZkY2JmNDMz
YmM3OGQwHhcNMjMwMTAyMTgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk3NTBhYjRjMWQxMWM4YTU5OGNhNmNlNjFkODMwMDE5ZTE0ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOUYNIcCGhfw1yfiVNdXuBJcAsZW
d4XU2NGY/ay7M2SdgoYruEPF29ueGUzjDnMVZ3/XGDB4oD/9xAYT2PMBz7kQnvVM
krzyBdc+8C8lqohiZg+8900LAVdNPBqvVFfvdmReW7O7SAWMpRWmj1ArC7P6daHT
ffMiwLC252n/ssgKGC5B4MOH+WVuhoor7UN+3fSb4pzDZhOc9RaXLJClSmfi142C
hviZiTtKtIYO7I9chnlnIlD7F+KyAFeVIoGbbtwXL5r1PmMhCRsheXbLiaSDYb8r
jNbNwsQ5cG8S6rbScwTRfai8sEY5cFN1cA6j+m0VDFmpdZhbjZ5Sdh0R5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNyXUKtMHRHIpZjKbOYdgwAZ4U7RMB8GA1UdIwQY
MBaAFMfrq9eG2hOAVlWxtVAf3L9DO8eNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC11cjE0YmFFNEJXVmJHMVVCX2N2ME03eDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jMDY0YTUtZDdhOS00ZTZmLThmZDgt
MGRjZDAzZGMwODk3LzEvM0pkUXEwd2RFY2lsbU1wczVoMkRBQm5oVHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jMDY0YTUtZDdhOS00ZTZmLThmZDgtMGRjZDAzZGMwODk3
LzEveC11cjE0YmFFNEJXVmJHMVVCX2N2ME03eDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQj6AwQA
W9XJMA0GCSqGSIb3DQEBCwUAA4IBAQCiFhjhQ3OWZ6gQHKGW2CTJHGLzbmoVOIl5
W5uDA86QCC7jrw26G5TFeJ70Ijjr2UGcryPDMg2iDc2CMqy3Bfx2ihef9vSw18Bf
0j+J9wi3AKh948i5mCXnHBuyLQedoxKPeL1F/AazequxWEtk+ZO9uEUqDJR89AjP
eDWa/fLujfyg2jh6gD8gFCS5E1glUCqre6muW748bajO2eUId8ZNUlmnIB/9hpga
erBQM/ntLSlBWksB9gUgsbaSWxDgcWxpyd3rDYgSSZV+Zd0dICSPKP1160nFSRHN
e8wWvVDn/V4Qnn5fpdOAyDu27uV3wibVCa2gwr8OtKYu9w4n8MgC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:52 2024 by rpki-client on console-ams.rpki-client.org