Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/QY2myZFdxDF9Gs31SqDIJfeZWkI.roa
File: QY2myZFdxDF9Gs31SqDIJfeZWkI.roa (raw, json)
Hash identifier: 3lvDQ+Jby9jsvjuv213Na8zLpZ83zxGnVnKMYAxIi+Y=
Subject key identifier: 41:8D:A6:C9:91:5D:C4:31:7D:1A:CD:F5:4A:A0:C8:25:F7:99:5A:42
Certificate issuer: /CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Certificate serial: 019049B11FEA1843C568070B6D93FF4DA4DE
Authority key identifier: D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/QY2myZFdxDF9Gs31SqDIJfeZWkI.roa
Signing time: Mon 24 Jun 2024 10:01:03 +0000
ROA not before: Mon 24 Jun 2024 10:01:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51741
IP address blocks: 91.217.219.0/24 maxlen: 24
2a12:62c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 08 Sep 2024 05:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:b1:1f:ea:18:43:c5:68:07:0b:6d:93:ff:4d:a4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Validity
Not Before: Jun 24 10:01:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=418da6c9915dc4317d1acdf54aa0c825f7995a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:99:00:22:14:28:9d:c3:00:20:08:6b:dd:a0:
6f:70:7d:41:55:d6:7e:a4:c8:76:a3:e2:71:4f:ca:
d4:ab:2d:d7:53:9c:1f:88:37:c0:96:03:bf:b6:18:
4d:1b:25:bc:41:be:c8:1f:18:e9:5a:41:a8:77:0e:
67:6d:2c:3a:2e:f4:90:5f:80:d1:60:66:e3:ac:27:
26:45:90:c3:2e:ed:27:2b:7b:ab:20:81:76:84:1f:
b3:58:80:a3:71:7d:98:4c:3b:7f:62:ab:bf:3b:f5:
91:46:c5:3f:de:f1:20:eb:3f:0a:06:69:ae:30:be:
75:07:cf:3f:01:5b:50:46:56:7e:32:fe:c7:45:78:
45:37:95:73:67:21:92:14:72:7f:f1:57:05:bc:dc:
ff:13:28:ac:ae:56:f9:b5:db:67:20:5c:a1:6a:3b:
e4:7c:34:51:f0:9d:1e:2e:73:8e:2e:57:d3:fa:ae:
d9:3e:a9:8a:38:96:6d:5a:d9:73:85:38:06:a2:96:
c6:0f:a4:35:8c:a5:88:a2:43:98:f4:a1:8e:d3:9d:
ed:79:2b:d4:2c:33:ad:44:4d:16:2e:41:85:03:8c:
dd:b4:b7:c7:79:3c:5d:0b:7f:01:34:96:32:6f:4e:
a2:30:7e:a1:5f:92:10:8a:a5:d5:0e:e2:34:06:3b:
60:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8D:A6:C9:91:5D:C4:31:7D:1A:CD:F5:4A:A0:C8:25:F7:99:5A:42
X509v3 Authority Key Identifier:
keyid:D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/QY2myZFdxDF9Gs31SqDIJfeZWkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/2O6yCogM20lOnmLUOy7yjJDLnu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
IPv6:
2a12:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
13:fc:ed:14:d7:aa:d2:e5:32:00:3a:f9:eb:0a:a3:c2:c3:5f:
f7:0d:a8:04:04:71:06:ee:73:35:0a:f2:24:21:7a:a0:8f:e8:
c5:14:06:3d:5c:5d:52:51:f4:10:8c:9a:a6:1a:3a:6d:cd:5f:
c6:c9:b8:56:53:74:37:2f:3c:03:a7:2e:e5:b7:d8:b5:2c:31:
7a:d0:4d:b0:71:e2:d8:9d:bc:9a:03:b6:85:5b:70:30:91:8c:
27:46:97:bb:9c:34:d3:50:45:e3:95:66:e9:a0:73:d5:7f:85:
2e:b8:0e:12:01:24:1f:29:5b:ee:85:f4:4a:8f:7d:04:55:b3:
9a:e3:fc:80:5d:ea:ab:87:38:a7:23:de:a7:ec:59:0e:f2:fd:
71:80:0e:c7:91:c0:99:f1:c1:49:fb:6c:71:f8:4c:95:61:52:
44:1e:19:44:2f:c5:1c:4b:e2:e1:43:78:45:ff:1e:39:9e:e3:
04:29:ef:60:e4:c6:ae:e5:15:1d:29:4a:ab:f6:46:61:5e:45:
8d:0d:41:19:cc:46:51:89:06:4b:fa:fd:af:9d:83:d8:b1:f3:
e0:9a:d2:ee:2f:74:79:fa:17:51:d4:6f:aa:1a:02:17:ac:f1:
e2:b3:e4:2f:0b:82:46:37:60:c4:55:bd:f7:c5:8e:ec:e5:f6:
9e:d5:8c:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBJsR/qGEPFaAcLbZP/TaTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWViMjBhODgwY2RiNDk0ZTllNjJkNDNiMmVmMjhjOTBj
YjllZWYwHhcNMjQwNjI0MTAwMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MThkYTZjOTkxNWRjNDMxN2QxYWNkZjU0YWEwYzgyNWY3OTk1YTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpkAIhQoncMAIAhr3aBvcH1BVdZ+
pMh2o+JxT8rUqy3XU5wfiDfAlgO/thhNGyW8Qb7IHxjpWkGodw5nbSw6LvSQX4DR
YGbjrCcmRZDDLu0nK3urIIF2hB+zWICjcX2YTDt/Yqu/O/WRRsU/3vEg6z8KBmmu
ML51B88/AVtQRlZ+Mv7HRXhFN5VzZyGSFHJ/8VcFvNz/Eyisrlb5tdtnIFyhajvk
fDRR8J0eLnOOLlfT+q7ZPqmKOJZtWtlzhTgGopbGD6Q1jKWIokOY9KGO053teSvU
LDOtRE0WLkGFA4zdtLfHeTxdC38BNJYyb06iMH6hX5IQiqXVDuI0BjtgQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEGNpsmRXcQxfRrN9UqgyCX3mVpCMB8GA1UdIwQY
MBaAFNjusgqIDNtJTp5i1Dsu8oyQy57vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzct
OTZiNTBiY2M3YTA4LzEvUVkybXlaRmR4REY5R3MzMVNxRElKZmVaV2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzctOTZiNTBiY2M3YTA4
LzEvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9nbMA0E
AgACMAcDBQMqEmLAMA0GCSqGSIb3DQEBCwUAA4IBAQAT/O0U16rS5TIAOvnrCqPC
w1/3DagEBHEG7nM1CvIkIXqgj+jFFAY9XF1SUfQQjJqmGjptzV/GybhWU3Q3LzwD
py7lt9i1LDF60E2wceLYnbyaA7aFW3AwkYwnRpe7nDTTUEXjlWbpoHPVf4UuuA4S
ASQfKVvuhfRKj30EVbOa4/yAXeqrhzinI96n7FkO8v1xgA7HkcCZ8cFJ+2xx+EyV
YVJEHhlEL8UcS+LhQ3hF/x45nuMEKe9g5Mau5RUdKUqr9kZhXkWNDUEZzEZRiQZL
+v2vnYPYsfPgmtLuL3R5+hdR1G+qGgIXrPHis+QvC4JGN2DEVb33xY7s5fae1Yy6
-----END CERTIFICATE-----
Generated at Sun Sep 8 07:48:40 2024 by rpki-client on console-ams.rpki-client.org