Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/y_qiGT_72Q18nyI5qlIYmPRs018.roa
File: y_qiGT_72Q18nyI5qlIYmPRs018.roa (raw, json)
Hash identifier: 6Fm0TD5o2eSY56oOqUmAy5dyG4UFEkO+jT6CYKoVpgU=
Subject key identifier: CB:FA:A2:19:3F:FB:D9:0D:7C:9F:22:39:AA:52:18:98:F4:6C:D3:5F
Certificate issuer: /CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Certificate serial: 018CC801A8F6F706C106767D02374A4E2DDC
Authority key identifier: A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/y_qiGT_72Q18nyI5qlIYmPRs018.roa
Signing time: Tue 02 Jan 2024 02:30:01 +0000
ROA not before: Tue 02 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200019
IP address blocks: 91.208.162.0/24 maxlen: 24
91.208.184.0/24 maxlen: 24
91.208.197.0/24 maxlen: 24
91.208.206.0/24 maxlen: 24
2a0f:5f40::/48 maxlen: 48
2a0f:5f47::/32 maxlen: 32
2a0f:5f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 Jan 2024 11:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a8:f6:f7:06:c1:06:76:7d:02:37:4a:4e:2d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Validity
Not Before: Jan 2 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbfaa2193ffbd90d7c9f2239aa521898f46cd35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:38:7d:64:ba:62:ed:09:28:4c:4e:33:b8:
6f:db:ad:7c:62:a5:f1:38:02:e2:6e:64:05:12:0c:
f1:15:62:9f:e4:c4:92:8c:f5:83:82:ed:af:77:28:
2f:99:87:17:9e:26:92:cf:31:12:fb:d4:ae:d2:8a:
3d:12:9a:d6:fe:17:08:76:e7:a8:31:58:4e:4c:b3:
55:e7:09:47:3c:5a:20:3d:71:e7:66:70:ce:ec:0d:
98:7e:b4:86:09:79:c6:23:f7:f2:cf:96:4f:b1:4f:
87:29:f1:ab:42:39:6c:5d:8d:21:68:bd:e1:43:c0:
ea:e3:e8:e9:d6:eb:ff:f9:7f:e4:9e:2f:4e:f1:72:
52:74:41:45:20:fd:f5:40:10:dd:e6:47:4b:fb:8b:
75:c6:84:99:e7:9c:20:e8:e3:3e:ac:30:27:99:7a:
12:62:d1:bc:22:3f:5e:60:6e:ad:bc:a0:15:f5:13:
4e:74:7c:47:ff:b6:d2:09:c7:e5:57:b0:6a:76:bc:
0f:c1:63:a7:15:a6:de:2b:72:63:94:0a:ed:16:71:
12:4f:e9:a2:c1:fb:c2:b9:f3:72:b6:25:a5:0f:ae:
1d:85:ac:1f:b0:20:e0:e2:49:90:2e:6c:9a:62:3c:
e6:d4:21:aa:ec:7a:a6:7c:43:b5:18:08:55:ef:79:
9b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FA:A2:19:3F:FB:D9:0D:7C:9F:22:39:AA:52:18:98:F4:6C:D3:5F
X509v3 Authority Key Identifier:
keyid:A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/y_qiGT_72Q18nyI5qlIYmPRs018.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.162.0/24
91.208.184.0/24
91.208.197.0/24
91.208.206.0/24
IPv6:
2a0f:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
21:5f:0e:31:bd:8a:30:61:c2:b8:5b:26:a1:c2:f6:92:bd:9f:
80:52:aa:a1:39:de:55:e2:46:1d:1b:79:28:b3:00:a1:3c:80:
6c:5f:c9:cb:56:79:c9:38:57:ea:22:c9:aa:16:bd:b3:8e:b1:
dc:51:92:25:fe:f5:cd:8f:91:50:dd:c8:a4:1e:93:ab:c5:bc:
18:0e:d9:70:41:c8:29:ea:cd:4c:6e:82:af:6d:4b:14:77:88:
a0:c5:03:1b:c5:a3:d5:62:61:37:24:62:7c:8a:68:25:e2:fb:
3a:93:c0:d3:43:c4:c9:d8:77:e8:51:71:9f:eb:c4:91:76:97:
b2:ca:52:13:74:85:5a:cc:96:33:65:43:c9:ea:ef:c7:c9:3a:
fb:56:c5:2c:5a:54:a5:24:d5:8d:4a:85:dd:4d:e0:f8:a8:8e:
3e:ba:68:88:06:6e:88:b1:46:e5:de:8b:0d:16:08:61:4e:2b:
2a:d0:f9:b7:a2:57:22:73:4a:01:ff:f2:b0:57:3c:a3:44:c2:
80:f6:79:c0:9e:db:73:ea:9a:ba:c7:eb:b0:3e:c3:5e:90:f8:
89:44:d2:10:f3:00:72:db:de:3f:4b:94:85:3c:44:e0:ca:8b:
ea:a9:b4:89:48:12:4e:94:7a:89:39:cd:b2:fc:68:c2:0e:38:
a4:88:22:c7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIAaj29wbBBnZ9AjdKTi3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZWQ0NDJiOTFkNGU4M2E2ZGUzOWZiNjc5NzFhMWU3OWM2
YjFlZDUwHhcNMjQwMTAyMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmZhYTIxOTNmZmJkOTBkN2M5ZjIyMzlhYTUyMTg5OGY0NmNkMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLI4fWS6Yu0JKExOM7hv2618YqXx
OALibmQFEgzxFWKf5MSSjPWDgu2vdygvmYcXniaSzzES+9Su0oo9EprW/hcIdueo
MVhOTLNV5wlHPFogPXHnZnDO7A2YfrSGCXnGI/fyz5ZPsU+HKfGrQjlsXY0haL3h
Q8Dq4+jp1uv/+X/kni9O8XJSdEFFIP31QBDd5kdL+4t1xoSZ55wg6OM+rDAnmXoS
YtG8Ij9eYG6tvKAV9RNOdHxH/7bSCcflV7BqdrwPwWOnFabeK3JjlArtFnEST+mi
wfvCufNytiWlD64dhawfsCDg4kmQLmyaYjzm1CGq7HqmfEO1GAhV73mbcQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMv6ohk/+9kNfJ8iOapSGJj0bNNfMB8GA1UdIwQY
MBaAFKbtRCuR1Og6beOftnlxoeecax7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQt
OTdjNWQ1OWIwYmJmLzEveV9xaUdUXzcyUTE4bnlJNXFsSVltUFJzMDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQtOTdjNWQ1OWIwYmJm
LzEvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9CiAwQA
W9C4AwQAW9DFAwQAW9DOMA0EAgACMAcDBQMqD19AMA0GCSqGSIb3DQEBCwUAA4IB
AQAhXw4xvYowYcK4WyahwvaSvZ+AUqqhOd5V4kYdG3koswChPIBsX8nLVnnJOFfq
IsmqFr2zjrHcUZIl/vXNj5FQ3cikHpOrxbwYDtlwQcgp6s1MboKvbUsUd4igxQMb
xaPVYmE3JGJ8imgl4vs6k8DTQ8TJ2HfoUXGf68SRdpeyylITdIVazJYzZUPJ6u/H
yTr7VsUsWlSlJNWNSoXdTeD4qI4+umiIBm6IsUbl3osNFghhTisq0Pm3olcic0oB
//KwVzyjRMKA9nnAnttz6pq6x+uwPsNekPiJRNIQ8wBy294/S5SFPETgyovqqbSJ
SBJOlHqJOc2y/GjCDjikiCLH
-----END CERTIFICATE-----
Generated at Thu Jan 25 15:48:59 2024 by rpki-client on console-ams.rpki-client.org