Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/DRwIjZhWrPHDPt8icjUNIQEjKWc.roa
File: DRwIjZhWrPHDPt8icjUNIQEjKWc.roa (raw, json)
Hash identifier: noCX+dYYncis7Gt7O0/GOKW0fjy4eLxLfOxQPSMlU/Q=
Subject key identifier: 0D:1C:08:8D:98:56:AC:F1:C3:3E:DF:22:72:35:0D:21:01:23:29:67
Certificate issuer: /CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Certificate serial: 018DBBBB2A85EE7C2B783DA0C15CDDAC1F82
Authority key identifier: DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/DRwIjZhWrPHDPt8icjUNIQEjKWc.roa
Signing time: Sun 18 Feb 2024 10:20:21 +0000
ROA not before: Sun 18 Feb 2024 10:20:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14576
IP address blocks: 91.242.228.0/24 maxlen: 24
94.154.127.0/24 maxlen: 24
146.19.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 10:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bb:bb:2a:85:ee:7c:2b:78:3d:a0:c1:5c:dd:ac:1f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Validity
Not Before: Feb 18 10:20:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d1c088d9856acf1c33edf2272350d2101232967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2c:33:44:57:18:f9:5a:d2:82:5d:04:ea:a2:
20:fa:17:03:62:e4:9e:a5:95:96:f0:38:87:f9:56:
95:8c:f0:7c:0f:1d:62:78:dd:b8:39:b5:aa:6e:e0:
d6:35:22:b4:64:b5:e6:c3:88:96:e7:56:c7:1c:b3:
70:e5:ad:0f:c7:05:71:88:06:d8:9c:a8:0e:62:90:
c1:60:d7:f1:d9:09:c4:65:9c:05:10:d3:92:7e:af:
12:03:6a:3a:e0:33:bc:13:1d:9a:d8:d8:54:f1:1e:
64:36:f1:46:90:27:38:02:cc:09:c3:88:29:07:b5:
55:f9:07:cf:b6:a5:98:dc:3f:fa:52:f8:fb:1a:c5:
37:b5:4b:94:6a:a2:ba:d9:db:20:a4:c9:04:ad:5f:
0e:64:e6:66:72:84:d0:89:d8:0f:ed:93:82:b3:e4:
75:96:07:40:74:86:e1:06:65:9d:59:ed:34:a6:aa:
29:bf:87:5a:4a:94:2c:60:fa:37:da:41:46:17:70:
1f:0c:71:37:af:24:ab:1a:50:69:20:62:71:26:7b:
f8:a9:d7:ff:63:94:97:f7:95:a6:2d:ee:65:07:e3:
4c:02:a0:b5:3b:ba:e4:5f:f3:d8:02:3a:f7:f7:53:
2a:3f:11:60:96:75:38:3d:3d:64:c0:10:c9:e2:87:
53:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1C:08:8D:98:56:AC:F1:C3:3E:DF:22:72:35:0D:21:01:23:29:67
X509v3 Authority Key Identifier:
keyid:DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/DRwIjZhWrPHDPt8icjUNIQEjKWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.228.0/24
94.154.127.0/24
146.19.140.0/24
Signature Algorithm: sha256WithRSAEncryption
29:2e:58:6c:00:01:28:cf:7c:76:cf:88:26:17:fe:c7:89:71:
6d:f3:ae:71:f2:65:35:8d:2f:f6:42:c3:8f:4a:ea:f3:16:2e:
1d:27:dc:fd:9c:15:f9:68:08:9c:bd:1c:ca:67:6e:50:44:b1:
fb:da:6c:6a:d1:1a:f2:b0:29:52:74:d0:7b:74:91:59:a8:fc:
75:1d:83:06:fc:c9:b3:da:6a:90:92:48:4e:1e:9d:d8:d9:ce:
97:85:0d:a3:e8:f7:9d:97:b7:e5:89:22:24:e5:79:62:90:57:
9c:b9:2f:7a:3d:1e:a1:a3:a6:fa:12:1c:e4:b6:ca:6e:c9:4a:
e5:5d:1c:c6:09:00:8b:dd:c9:2e:bf:2e:ea:7b:b1:7b:4b:dd:
2d:60:8f:c4:d3:36:78:9e:e5:6d:af:77:23:ee:87:61:32:03:
c0:06:a6:af:15:96:a3:e2:25:68:a2:77:a1:e5:59:2a:24:e3:
79:30:7c:a8:14:ac:23:b1:4a:1e:1f:b8:3a:64:3b:3d:1b:06:
6d:db:9c:ba:9c:0b:58:08:57:f3:8d:23:de:f2:b2:9d:e2:5b:
d9:40:d2:dc:9d:4a:a0:50:43:a0:08:dc:78:a0:fb:55:c5:12:
9d:37:37:ff:da:71:22:d9:6f:40:5b:b4:9f:9f:99:cf:c2:95:
1e:3c:46:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY27uyqF7nwreD2gwVzdrB+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWQ2ZWJhNDYzYjc1NjRhYmZhZTkzOGI0NmVkNDcxODdk
ZTBlYzAwHhcNMjQwMjE4MTAyMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDFjMDg4ZDk4NTZhY2YxYzMzZWRmMjI3MjM1MGQyMTAxMjMyOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmywzRFcY+VrSgl0E6qIg+hcDYuSe
pZWW8DiH+VaVjPB8Dx1ieN24ObWqbuDWNSK0ZLXmw4iW51bHHLNw5a0PxwVxiAbY
nKgOYpDBYNfx2QnEZZwFENOSfq8SA2o64DO8Ex2a2NhU8R5kNvFGkCc4AswJw4gp
B7VV+QfPtqWY3D/6Uvj7GsU3tUuUaqK62dsgpMkErV8OZOZmcoTQidgP7ZOCs+R1
lgdAdIbhBmWdWe00pqopv4daSpQsYPo32kFGF3AfDHE3rySrGlBpIGJxJnv4qdf/
Y5SX95WmLe5lB+NMAqC1O7rkX/PYAjr391MqPxFglnU4PT1kwBDJ4odTjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA0cCI2YVqzxwz7fInI1DSEBIylnMB8GA1UdIwQY
MBaAFNsdbrpGO3Vkq/rpOLRu1HGH3g7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAt
NmYyY2Y0ZjAzY2ViLzEvRFJ3SWpaaFdyUEhEUHQ4aWNqVU5JUUVqS1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAtNmYyY2Y0ZjAzY2Vi
LzEvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/LkAwQA
Xpp/AwQAkhOMMA0GCSqGSIb3DQEBCwUAA4IBAQApLlhsAAEoz3x2z4gmF/7HiXFt
865x8mU1jS/2QsOPSurzFi4dJ9z9nBX5aAicvRzKZ25QRLH72mxq0RrysClSdNB7
dJFZqPx1HYMG/Mmz2mqQkkhOHp3Y2c6XhQ2j6Pedl7fliSIk5XlikFecuS96PR6h
o6b6EhzktspuyUrlXRzGCQCL3ckuvy7qe7F7S90tYI/E0zZ4nuVtr3cj7odhMgPA
BqavFZaj4iVooneh5VkqJON5MHyoFKwjsUoeH7g6ZDs9GwZt25y6nAtYCFfzjSPe
8rKd4lvZQNLcnUqgUEOgCNx4oPtVxRKdNzf/2nEi2W9AW7Sfn5nPwpUePEZy
-----END CERTIFICATE-----
Generated at Wed Aug 21 16:34:19 2024 by rpki-client on console-fra.rpki-client.org