Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/cc3zlB2pIEd2OVJYzxXnBER7Yl8.roa
File: cc3zlB2pIEd2OVJYzxXnBER7Yl8.roa (raw, json)
Hash identifier: qqbHRM6e4CwUEyyVfqoKvhqnJlvM5Fn2mYl6AJk+9so=
Subject key identifier: 71:CD:F3:94:1D:A9:20:47:76:39:52:58:CF:15:E7:04:44:7B:62:5F
Certificate issuer: /CN=0d8be474c155fc13847b859501a553cffc3ac4b2
Certificate serial: 018FE50CBAC2C3A895DEB8B51C2C38508C41
Authority key identifier: 0D:8B:E4:74:C1:55:FC:13:84:7B:85:95:01:A5:53:CF:FC:3A:C4:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYvkdMFV_BOEe4WVAaVTz_w6xLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/cc3zlB2pIEd2OVJYzxXnBER7Yl8.roa
Signing time: Tue 04 Jun 2024 20:59:27 +0000
ROA not before: Tue 04 Jun 2024 20:59:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61423
IP address blocks: 91.90.166.0/24 maxlen: 24
2001:67c:328::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Jun 2024 05:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e5:0c:ba:c2:c3:a8:95:de:b8:b5:1c:2c:38:50:8c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8be474c155fc13847b859501a553cffc3ac4b2
Validity
Not Before: Jun 4 20:59:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71cdf3941da9204776395258cf15e704447b625f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0d:8c:b5:c3:9a:42:1d:d0:21:9a:af:69:cb:
6d:e8:25:03:21:35:b0:de:a7:52:eb:13:35:f6:22:
c5:ca:a6:dd:8b:68:1e:09:71:25:78:89:76:e2:b0:
58:fe:55:cd:2e:e0:ec:78:ae:57:03:25:34:d6:1b:
be:f0:e2:11:b6:6b:1e:1f:99:3b:23:59:49:d3:ed:
b3:0b:2a:28:b9:82:2b:a1:d1:8e:f6:7d:6e:72:25:
96:d9:4e:fa:a1:bc:d4:98:c8:56:9a:6f:83:a8:cc:
aa:c8:26:3b:61:30:92:ae:ca:25:d0:b8:5f:92:7a:
df:01:62:ac:ba:3d:e6:64:63:e9:bb:16:8f:5b:a6:
84:52:ec:fc:d4:56:0d:60:0c:f8:b9:e7:bc:ba:8e:
b2:69:9b:d7:32:e9:ba:b7:93:eb:09:3f:48:dd:47:
a3:c9:0e:56:0d:a1:41:71:94:ad:e8:12:d3:5f:51:
70:72:d0:d4:a9:90:a2:dd:cd:7c:5a:f2:e6:df:59:
bf:97:8e:4d:04:c0:81:dc:3b:52:df:06:6f:47:1f:
c3:3e:4a:a9:57:09:90:ed:6d:91:a9:41:24:0a:65:
23:be:77:ce:49:ff:7b:3c:97:63:3d:94:52:1a:d5:
72:db:8c:3c:b3:fc:01:9f:f9:b4:39:9a:d5:95:84:
d8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CD:F3:94:1D:A9:20:47:76:39:52:58:CF:15:E7:04:44:7B:62:5F
X509v3 Authority Key Identifier:
keyid:0D:8B:E4:74:C1:55:FC:13:84:7B:85:95:01:A5:53:CF:FC:3A:C4:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYvkdMFV_BOEe4WVAaVTz_w6xLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/cc3zlB2pIEd2OVJYzxXnBER7Yl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/DYvkdMFV_BOEe4WVAaVTz_w6xLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.166.0/24
IPv6:
2001:67c:328::/48
Signature Algorithm: sha256WithRSAEncryption
04:9c:8f:d3:54:cd:c0:c4:22:12:c5:a6:15:63:b1:e4:ad:ce:
cc:53:4b:d4:c7:c1:4a:7f:ae:3e:bb:7a:9e:c4:03:b2:a8:c6:
17:1c:e7:c1:c6:3f:04:bc:47:0a:45:aa:02:f1:c4:c7:29:28:
7a:1f:6d:73:7c:2a:c0:ee:91:53:f6:d1:14:b4:1c:75:69:dc:
cc:63:74:d4:fe:1c:3d:6f:b7:aa:d0:7c:3e:9c:b2:b8:ea:83:
be:9a:8d:d5:fc:a3:ad:0e:5a:be:7b:10:e5:22:87:d1:16:83:
c9:91:6c:15:7c:54:b1:8d:f0:28:65:84:fd:6b:04:6b:98:9f:
d6:ba:58:75:f6:d6:56:8d:a8:cd:e4:89:97:12:7b:c4:7a:c2:
eb:1c:8c:e8:ce:14:ef:eb:09:2c:e5:3d:6b:4f:70:84:5d:d9:
5f:72:82:84:bf:e1:03:c6:36:98:63:37:78:88:f4:19:88:df:
d3:aa:c6:f6:e5:05:83:9a:02:75:a6:96:2e:0e:a2:a7:7e:ed:
bf:0b:ca:a7:60:a7:0c:af:27:e4:5e:04:ce:82:6a:3e:51:ca:
94:89:17:04:e6:10:28:d2:92:a7:7b:30:06:ca:c6:9c:42:20:
bb:3d:c3:bf:49:90:e5:f3:8e:f9:ce:0c:8d:74:51:c6:8a:e0:
4d:da:36:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/lDLrCw6iV3ri1HCw4UIxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGJlNDc0YzE1NWZjMTM4NDdiODU5NTAxYTU1M2NmZmMz
YWM0YjIwHhcNMjQwNjA0MjA1OTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNkZjM5NDFkYTkyMDQ3NzYzOTUyNThjZjE1ZTcwNDQ0N2I2MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ2MtcOaQh3QIZqvactt6CUDITWw
3qdS6xM19iLFyqbdi2geCXEleIl24rBY/lXNLuDseK5XAyU01hu+8OIRtmseH5k7
I1lJ0+2zCyoouYIrodGO9n1uciWW2U76obzUmMhWmm+DqMyqyCY7YTCSrsol0Lhf
knrfAWKsuj3mZGPpuxaPW6aEUuz81FYNYAz4uee8uo6yaZvXMum6t5PrCT9I3Uej
yQ5WDaFBcZSt6BLTX1FwctDUqZCi3c18WvLm31m/l45NBMCB3DtS3wZvRx/DPkqp
VwmQ7W2RqUEkCmUjvnfOSf97PJdjPZRSGtVy24w8s/wBn/m0OZrVlYTYbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHHN85QdqSBHdjlSWM8V5wREe2JfMB8GA1UdIwQY
MBaAFA2L5HTBVfwThHuFlQGlU8/8OsSyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFl2a2RNRlZfQk9FZTRXVkFhVlR6X3c2eExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mZDJlZmUtMTQ3MS00MmQ4LTkzNDct
NDg2MWQ0M2UyNGVmLzEvY2MzemxCMnBJRWQyT1ZKWXp4WG5CRVI3WWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mZDJlZmUtMTQ3MS00MmQ4LTkzNDctNDg2MWQ0M2UyNGVm
LzEvRFl2a2RNRlZfQk9FZTRXVkFhVlR6X3c2eExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW1qmMA8E
AgACMAkDBwAgAQZ8AygwDQYJKoZIhvcNAQELBQADggEBAAScj9NUzcDEIhLFphVj
seStzsxTS9THwUp/rj67ep7EA7Koxhcc58HGPwS8RwpFqgLxxMcpKHofbXN8KsDu
kVP20RS0HHVp3MxjdNT+HD1vt6rQfD6csrjqg76ajdX8o60OWr57EOUih9EWg8mR
bBV8VLGN8ChlhP1rBGuYn9a6WHX21laNqM3kiZcSe8R6wuscjOjOFO/rCSzlPWtP
cIRd2V9ygoS/4QPGNphjN3iI9BmI39OqxvblBYOaAnWmli4Ooqd+7b8Lyqdgpwyv
J+ReBM6Caj5RypSJFwTmECjSkqd7MAbKxpxCILs9w79JkOXzjvnODI10UcaK4E3a
Nps=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:21 2024 by rpki-client on console-fra.rpki-client.org