Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/Qi0_mgHxS0AKknu2L1EuTo9zcbA.roa
File: Qi0_mgHxS0AKknu2L1EuTo9zcbA.roa (raw, json)
Hash identifier: pHXARnos04CO2vGUrx+CpVQPjWgIGjt3osKWwaAZqWM=
Subject key identifier: 42:2D:3F:9A:01:F1:4B:40:0A:92:7B:B6:2F:51:2E:4E:8F:73:71:B0
Certificate issuer: /CN=0d8be474c155fc13847b859501a553cffc3ac4b2
Certificate serial: 018FE6D1EA1155BF30788BBD83A98266548E
Authority key identifier: 0D:8B:E4:74:C1:55:FC:13:84:7B:85:95:01:A5:53:CF:FC:3A:C4:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYvkdMFV_BOEe4WVAaVTz_w6xLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/Qi0_mgHxS0AKknu2L1EuTo9zcbA.roa
Signing time: Wed 05 Jun 2024 05:14:27 +0000
ROA not before: Wed 05 Jun 2024 05:14:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214815
IP address blocks: 91.90.166.0/24 maxlen: 24
2001:67c:328::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Jul 2024 20:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e6:d1:ea:11:55:bf:30:78:8b:bd:83:a9:82:66:54:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8be474c155fc13847b859501a553cffc3ac4b2
Validity
Not Before: Jun 5 05:14:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=422d3f9a01f14b400a927bb62f512e4e8f7371b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:46:d7:10:5f:7c:e4:d8:27:bd:cc:8c:3e:e5:
69:50:38:48:cd:7c:c1:c0:ca:1e:19:32:28:98:c9:
09:e8:ed:4c:78:87:6c:f8:e7:bf:26:b8:5b:19:ce:
fe:6a:22:07:0e:37:0e:14:d5:38:9d:d5:f9:22:3a:
0a:aa:ef:34:df:49:dd:c6:c5:a4:c2:0c:c3:87:29:
76:19:a7:5c:cf:ba:f0:c1:da:ae:ec:62:fa:98:90:
cc:ef:60:50:94:9c:f5:57:58:90:65:96:5d:48:a6:
6f:0d:13:e9:b4:7d:ee:5b:aa:da:f6:84:c1:82:1d:
84:f3:71:05:22:5c:0e:62:50:44:ef:27:03:44:42:
7d:ae:6f:a8:54:e0:be:d8:05:bd:e8:40:59:13:0b:
cf:e5:58:86:ff:54:9a:d6:55:e4:5c:e7:5c:db:2c:
6f:8f:21:88:33:b7:fa:ed:0a:4f:ea:d5:11:c8:ba:
9b:4a:36:2d:a3:0c:6a:d2:70:c8:2c:7f:11:37:b2:
1c:85:4b:e9:82:18:bf:d2:d9:50:d1:de:b7:6d:05:
39:60:c4:f0:92:4f:e9:22:42:ff:5c:b2:e9:b4:49:
bd:fd:21:c9:39:27:76:1f:f1:f7:7b:57:4c:62:13:
25:a4:f4:1e:ac:da:e2:d1:06:5d:13:21:a7:51:b3:
53:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2D:3F:9A:01:F1:4B:40:0A:92:7B:B6:2F:51:2E:4E:8F:73:71:B0
X509v3 Authority Key Identifier:
keyid:0D:8B:E4:74:C1:55:FC:13:84:7B:85:95:01:A5:53:CF:FC:3A:C4:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYvkdMFV_BOEe4WVAaVTz_w6xLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/Qi0_mgHxS0AKknu2L1EuTo9zcbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/DYvkdMFV_BOEe4WVAaVTz_w6xLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.166.0/24
IPv6:
2001:67c:328::/48
Signature Algorithm: sha256WithRSAEncryption
96:2d:aa:c9:b5:33:18:f1:9f:75:8f:cc:1d:71:1e:41:ef:d5:
45:cd:4e:e9:e9:9e:97:dd:dd:3b:af:d6:bb:5c:88:53:02:78:
8f:13:df:56:fb:36:67:7f:f8:99:83:40:1d:6e:d3:ee:85:87:
e1:4e:ef:24:95:42:9c:7c:28:28:72:89:08:65:37:a5:50:75:
8b:0a:3b:ac:f7:32:77:de:2f:66:4f:3e:ba:57:fb:06:72:ca:
89:e6:ca:22:66:8f:37:14:e2:c7:a7:07:10:94:29:41:5a:1f:
f9:7d:7a:dc:c8:e8:ad:38:cf:ec:ac:8b:45:62:55:e6:b2:e9:
aa:12:9e:78:d8:fe:0f:44:95:3b:08:32:91:5e:70:35:a2:dc:
ee:c7:f6:b8:37:e4:91:fc:cd:29:21:39:c2:1f:d2:5f:2f:a2:
84:a5:a0:e6:7c:d5:dd:98:70:00:19:4f:17:0a:f1:39:55:cf:
04:2a:bf:a4:06:7e:ff:75:73:5b:79:31:4d:f2:04:55:ac:b0:
1c:f8:62:fa:5a:f1:cb:c2:61:5c:d6:71:e1:f0:52:f2:1e:64:
f1:06:98:59:e3:01:62:d5:59:12:20:3f:63:12:fa:21:06:76:
51:08:c9:29:9d:24:3d:08:8f:44:65:18:53:6b:1e:a0:46:cb:
da:48:50:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/m0eoRVb8weIu9g6mCZlSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGJlNDc0YzE1NWZjMTM4NDdiODU5NTAxYTU1M2NmZmMz
YWM0YjIwHhcNMjQwNjA1MDUxNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjJkM2Y5YTAxZjE0YjQwMGE5MjdiYjYyZjUxMmU0ZThmNzM3MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUbXEF985NgnvcyMPuVpUDhIzXzB
wMoeGTIomMkJ6O1MeIds+Oe/JrhbGc7+aiIHDjcOFNU4ndX5IjoKqu8030ndxsWk
wgzDhyl2Gadcz7rwwdqu7GL6mJDM72BQlJz1V1iQZZZdSKZvDRPptH3uW6ra9oTB
gh2E83EFIlwOYlBE7ycDREJ9rm+oVOC+2AW96EBZEwvP5ViG/1Sa1lXkXOdc2yxv
jyGIM7f67QpP6tURyLqbSjYtowxq0nDILH8RN7IchUvpghi/0tlQ0d63bQU5YMTw
kk/pIkL/XLLptEm9/SHJOSd2H/H3e1dMYhMlpPQerNri0QZdEyGnUbNT0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEItP5oB8UtACpJ7ti9RLk6Pc3GwMB8GA1UdIwQY
MBaAFA2L5HTBVfwThHuFlQGlU8/8OsSyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFl2a2RNRlZfQk9FZTRXVkFhVlR6X3c2eExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mZDJlZmUtMTQ3MS00MmQ4LTkzNDct
NDg2MWQ0M2UyNGVmLzEvUWkwX21nSHhTMEFLa251MkwxRXVUbzl6Y2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mZDJlZmUtMTQ3MS00MmQ4LTkzNDctNDg2MWQ0M2UyNGVm
LzEvRFl2a2RNRlZfQk9FZTRXVkFhVlR6X3c2eExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW1qmMA8E
AgACMAkDBwAgAQZ8AygwDQYJKoZIhvcNAQELBQADggEBAJYtqsm1Mxjxn3WPzB1x
HkHv1UXNTunpnpfd3Tuv1rtciFMCeI8T31b7Nmd/+JmDQB1u0+6Fh+FO7ySVQpx8
KChyiQhlN6VQdYsKO6z3MnfeL2ZPPrpX+wZyyonmyiJmjzcU4senBxCUKUFaH/l9
etzI6K04z+ysi0ViVeay6aoSnnjY/g9ElTsIMpFecDWi3O7H9rg35JH8zSkhOcIf
0l8vooSloOZ81d2YcAAZTxcK8TlVzwQqv6QGfv91c1t5MU3yBFWssBz4Yvpa8cvC
YVzWceHwUvIeZPEGmFnjAWLVWRIgP2MS+iEGdlEIySmdJD0Ij0RlGFNrHqBGy9pI
UKw=
-----END CERTIFICATE-----
Generated at Thu Jul 25 00:42:20 2024 by rpki-client on console-ams.rpki-client.org