Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/4an4sy9mZOXGV8Z4fD_GuM17ddY.roa
File: 4an4sy9mZOXGV8Z4fD_GuM17ddY.roa (raw, json)
Hash identifier: XUU5ABlZtEVXwZ+VUodd75Wo1SF+k7NzUtsn00boAP8=
Subject key identifier: E1:A9:F8:B3:2F:66:64:E5:C6:57:C6:78:7C:3F:C6:B8:CD:7B:75:D6
Certificate issuer: /CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Certificate serial: 01870066C20CA7E0F7AD74B7058526723E04
Authority key identifier: A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/4an4sy9mZOXGV8Z4fD_GuM17ddY.roa
Signing time: Mon 20 Mar 2023 19:02:27 +0000
ROA not before: Mon 20 Mar 2023 19:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200019
IP address blocks: 91.208.162.0/24 maxlen: 24
91.208.184.0/24 maxlen: 24
91.208.197.0/24 maxlen: 24
91.208.206.0/24 maxlen: 24
2a0f:5f40::/48 maxlen: 48
2a0f:5f47::/32 maxlen: 32
2a0f:5f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:00:66:c2:0c:a7:e0:f7:ad:74:b7:05:85:26:72:3e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Validity
Not Before: Mar 20 19:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1a9f8b32f6664e5c657c6787c3fc6b8cd7b75d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:54:63:9e:71:ff:90:47:1b:ae:b3:f7:cc:01:
cb:f8:31:7e:84:6d:5a:b1:4d:55:74:06:36:4b:a2:
48:fa:4b:b9:f9:c1:d0:45:f2:87:b4:9e:5e:ab:f9:
7b:68:f6:81:28:32:ed:b4:42:7b:46:36:8b:a2:a1:
e8:cf:dd:90:ea:7b:1a:84:55:e4:8b:5d:6a:eb:ab:
44:9d:ee:e9:37:ec:d4:cd:4b:05:a6:90:27:8c:11:
5e:66:ca:7a:2c:53:4d:91:3d:8a:cb:b3:79:7c:5e:
ec:e4:f8:97:74:7b:66:35:57:df:eb:b1:f6:31:9f:
2e:68:94:2c:a8:42:a4:25:d7:50:3f:08:7a:85:9d:
b1:66:16:2e:b3:f3:ee:d3:0f:2b:f5:cc:54:53:7a:
5f:ab:bf:05:47:a2:9d:10:38:22:20:dc:2a:71:34:
1d:26:67:e4:ad:0e:ed:f3:f9:ed:e7:fa:df:58:ac:
b9:6d:ce:43:10:ab:7a:88:1d:a1:c4:3f:53:73:61:
f4:50:62:1b:6c:9b:38:da:62:47:96:a3:80:e1:b0:
d9:46:9c:da:32:2e:a1:d3:4a:63:af:e2:19:5d:42:
b2:e3:54:45:ad:57:0c:04:fc:8e:05:8c:09:7c:f5:
9f:c3:f5:5f:16:ef:3a:7b:71:1e:8a:96:71:2c:aa:
5b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A9:F8:B3:2F:66:64:E5:C6:57:C6:78:7C:3F:C6:B8:CD:7B:75:D6
X509v3 Authority Key Identifier:
keyid:A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/4an4sy9mZOXGV8Z4fD_GuM17ddY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.162.0/24
91.208.184.0/24
91.208.197.0/24
91.208.206.0/24
IPv6:
2a0f:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
75:e8:6c:b5:bf:ab:b2:20:25:77:06:98:19:80:30:38:5f:2b:
8b:23:6d:85:62:04:ee:03:ab:8d:54:f7:5f:d3:55:6a:4a:b5:
73:f7:57:50:f2:74:f4:54:4a:17:67:85:53:9e:41:c4:39:50:
e3:02:c0:a6:cd:20:29:40:b1:e7:a9:e5:5f:95:48:ea:9f:45:
06:8e:e8:15:4d:25:d7:10:e1:26:2b:ff:17:fc:1a:97:20:34:
d1:57:9d:14:fe:85:b1:75:39:3c:41:be:f1:45:93:88:a6:68:
56:d8:84:2a:f3:51:d8:70:4e:7e:50:5e:38:65:25:ae:9c:6c:
89:e1:b4:50:0b:0a:49:06:3a:0f:bf:56:6b:ac:c6:dd:b7:f2:
d0:6f:fb:25:fd:82:f1:d3:6b:25:24:c8:ea:35:3d:9c:fa:69:
dd:46:c6:82:47:66:ad:b0:48:d2:28:c9:7c:7c:dd:33:97:44:
2c:ed:19:d0:38:68:e8:aa:c0:f4:4f:3f:0f:e3:53:6b:35:8c:
8a:8e:d5:da:6d:c3:df:6d:dc:36:a8:c4:79:b3:a8:e2:f4:41:
6f:fe:b1:52:ac:e5:5f:53:f4:a8:83:04:51:39:d0:76:71:f6:
cd:3b:74:d7:11:97:94:8a:bd:bb:e9:73:4b:44:70:f0:ca:d8:
0d:ad:a9:3d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYcAZsIMp+D3rXS3BYUmcj4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZWQ0NDJiOTFkNGU4M2E2ZGUzOWZiNjc5NzFhMWU3OWM2
YjFlZDUwHhcNMjMwMzIwMTkwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWE5ZjhiMzJmNjY2NGU1YzY1N2M2Nzg3YzNmYzZiOGNkN2I3NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVRjnnH/kEcbrrP3zAHL+DF+hG1a
sU1VdAY2S6JI+ku5+cHQRfKHtJ5eq/l7aPaBKDLttEJ7RjaLoqHoz92Q6nsahFXk
i11q66tEne7pN+zUzUsFppAnjBFeZsp6LFNNkT2Ky7N5fF7s5PiXdHtmNVff67H2
MZ8uaJQsqEKkJddQPwh6hZ2xZhYus/Pu0w8r9cxUU3pfq78FR6KdEDgiINwqcTQd
JmfkrQ7t8/nt5/rfWKy5bc5DEKt6iB2hxD9Tc2H0UGIbbJs42mJHlqOA4bDZRpza
Mi6h00pjr+IZXUKy41RFrVcMBPyOBYwJfPWfw/VfFu86e3EeipZxLKpbkwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOGp+LMvZmTlxlfGeHw/xrjNe3XWMB8GA1UdIwQY
MBaAFKbtRCuR1Og6beOftnlxoeecax7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQt
OTdjNWQ1OWIwYmJmLzEvNGFuNHN5OW1aT1hHVjhaNGZEX0d1TTE3ZGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQtOTdjNWQ1OWIwYmJm
LzEvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9CiAwQA
W9C4AwQAW9DFAwQAW9DOMA0EAgACMAcDBQMqD19AMA0GCSqGSIb3DQEBCwUAA4IB
AQB16Gy1v6uyICV3BpgZgDA4XyuLI22FYgTuA6uNVPdf01VqSrVz91dQ8nT0VEoX
Z4VTnkHEOVDjAsCmzSApQLHnqeVflUjqn0UGjugVTSXXEOEmK/8X/BqXIDTRV50U
/oWxdTk8Qb7xRZOIpmhW2IQq81HYcE5+UF44ZSWunGyJ4bRQCwpJBjoPv1ZrrMbd
t/LQb/sl/YLx02slJMjqNT2c+mndRsaCR2atsEjSKMl8fN0zl0Qs7RnQOGjoqsD0
Tz8P41NrNYyKjtXabcPfbdw2qMR5s6ji9EFv/rFSrOVfU/SogwRROdB2cfbNO3TX
EZeUir276XNLRHDwytgNrak9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:36 2024 by rpki-client on console-ams.rpki-client.org