Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/qnJsHId-3mZlbs2EmIK0aQgyAoI.roa
File: qnJsHId-3mZlbs2EmIK0aQgyAoI.roa (raw, json)
Hash identifier: t8R0/J8W00ACnkmR3SQeUbq0Al8ahByEWH4jHeTILsg=
Subject key identifier: AA:72:6C:1C:87:7E:DE:66:65:6E:CD:84:98:82:B4:69:08:32:02:82
Certificate issuer: /CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Certificate serial: 018ED75E52EAB878FA299F7CE82BD921875B
Authority key identifier: D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/qnJsHId-3mZlbs2EmIK0aQgyAoI.roa
Signing time: Sat 13 Apr 2024 12:11:06 +0000
ROA not before: Sat 13 Apr 2024 12:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215137
IP address blocks: 91.217.219.0/24 maxlen: 24
2a12:62c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Apr 2024 06:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d7:5e:52:ea:b8:78:fa:29:9f:7c:e8:2b:d9:21:87:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Validity
Not Before: Apr 13 12:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa726c1c877ede66656ecd849882b46908320282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:16:aa:f4:52:09:40:ff:7e:2f:cc:63:cb:be:
fe:d4:7c:c9:67:c1:91:e9:10:7f:34:c5:28:78:7a:
59:e9:8f:d4:37:a5:c0:6e:61:85:f1:40:2c:ef:92:
25:e8:e9:bb:30:1f:0c:05:65:ac:56:f2:38:49:c0:
b7:cd:69:6e:8d:5f:15:f7:75:f9:95:7e:7a:cc:5f:
c7:39:b9:02:d9:52:ed:e7:9a:b1:69:d6:15:47:2f:
bd:0f:5b:08:a5:98:dc:87:79:eb:49:43:7a:f0:5d:
ec:da:8a:af:83:c5:e9:eb:ea:0f:fb:79:91:45:8b:
8c:40:e9:93:c0:7b:3f:f0:c2:9e:3b:85:15:4b:4f:
9f:47:5c:36:72:9b:4a:b9:f3:8c:5a:54:46:3e:d5:
eb:02:98:58:de:65:33:90:fb:e9:f4:19:71:2c:43:
6c:06:dc:5a:31:f7:0e:d4:6a:89:c0:4a:27:39:3c:
a0:dc:66:e4:89:7c:26:0c:be:22:db:5f:95:56:2f:
33:e6:93:4e:e3:21:bc:12:ec:34:0e:51:72:0b:42:
82:25:82:8c:a7:6e:db:46:bf:78:59:07:1c:23:f4:
71:e7:cd:31:e7:fb:3a:61:2d:94:0b:a4:f0:4e:7d:
66:1b:fa:cb:9e:06:fb:95:02:4a:4c:cd:5a:55:57:
96:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:72:6C:1C:87:7E:DE:66:65:6E:CD:84:98:82:B4:69:08:32:02:82
X509v3 Authority Key Identifier:
keyid:D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/qnJsHId-3mZlbs2EmIK0aQgyAoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/2O6yCogM20lOnmLUOy7yjJDLnu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
IPv6:
2a12:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:7c:85:ec:1b:ef:f7:55:08:32:28:b6:db:63:d3:37:c4:b0:
7b:66:9b:1e:d6:14:e8:14:fa:10:fd:58:01:54:17:58:f6:8c:
64:a9:c6:8c:a0:59:51:d8:b5:76:47:9c:a7:29:c6:bf:60:c3:
80:37:30:1e:52:d9:39:a1:15:95:9c:31:ec:a8:fc:6c:ce:84:
06:e2:cd:42:4e:ad:39:db:e7:13:c2:58:76:56:0c:7b:73:5b:
0d:21:70:54:71:da:21:ef:42:0e:35:65:b1:7a:1c:69:2e:f8:
1a:aa:5a:95:35:e0:a6:d1:bc:17:f9:2f:db:22:73:a4:69:40:
6c:10:0c:46:b9:db:05:2c:9c:61:9d:d0:bb:f6:d3:11:c5:6d:
55:83:c9:a8:34:32:23:3f:1f:07:5b:77:ae:0e:b2:f7:d2:58:
37:1c:1a:49:39:bc:1d:09:39:88:70:c1:31:6b:e1:61:79:d1:
a8:eb:74:d1:e9:61:36:db:0d:aa:23:cb:73:7d:b5:21:e4:f1:
aa:fe:c4:63:ca:c3:b5:a6:b8:0a:a4:a8:a2:00:79:96:5f:19:
5e:35:b0:42:22:bf:c1:8c:65:9f:23:f0:5b:b4:4f:39:77:3b:
f3:38:d3:be:8e:85:ae:01:7a:d1:5d:e4:68:ff:97:46:2e:60:
a3:87:3b:63
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7XXlLquHj6KZ986CvZIYdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWViMjBhODgwY2RiNDk0ZTllNjJkNDNiMmVmMjhjOTBj
YjllZWYwHhcNMjQwNDEzMTIxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTcyNmMxYzg3N2VkZTY2NjU2ZWNkODQ5ODgyYjQ2OTA4MzIwMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghaq9FIJQP9+L8xjy77+1HzJZ8GR
6RB/NMUoeHpZ6Y/UN6XAbmGF8UAs75Il6Om7MB8MBWWsVvI4ScC3zWlujV8V93X5
lX56zF/HObkC2VLt55qxadYVRy+9D1sIpZjch3nrSUN68F3s2oqvg8Xp6+oP+3mR
RYuMQOmTwHs/8MKeO4UVS0+fR1w2cptKufOMWlRGPtXrAphY3mUzkPvp9BlxLENs
BtxaMfcO1GqJwEonOTyg3GbkiXwmDL4i21+VVi8z5pNO4yG8Euw0DlFyC0KCJYKM
p27bRr94WQccI/Rx580x5/s6YS2UC6TwTn1mG/rLngb7lQJKTM1aVVeWJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKpybByHft5mZW7NhJiCtGkIMgKCMB8GA1UdIwQY
MBaAFNjusgqIDNtJTp5i1Dsu8oyQy57vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzct
OTZiNTBiY2M3YTA4LzEvcW5Kc0hJZC0zbVpsYnMyRW1JSzBhUWd5QW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzctOTZiNTBiY2M3YTA4
LzEvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9nbMA0E
AgACMAcDBQMqEmLAMA0GCSqGSIb3DQEBCwUAA4IBAQCffIXsG+/3VQgyKLbbY9M3
xLB7Zpse1hToFPoQ/VgBVBdY9oxkqcaMoFlR2LV2R5ynKca/YMOANzAeUtk5oRWV
nDHsqPxszoQG4s1CTq052+cTwlh2Vgx7c1sNIXBUcdoh70IONWWxehxpLvgaqlqV
NeCm0bwX+S/bInOkaUBsEAxGudsFLJxhndC79tMRxW1Vg8moNDIjPx8HW3euDrL3
0lg3HBpJObwdCTmIcMExa+FhedGo63TR6WE22w2qI8tzfbUh5PGq/sRjysO1prgK
pKiiAHmWXxleNbBCIr/BjGWfI/BbtE85dzvzONO+joWuAXrRXeRo/5dGLmCjhztj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:05 2024 by rpki-client on console-ams.rpki-client.org