Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/8GzwrYaxRb1fhPw96Z60WPlOe3I.roa
File: 8GzwrYaxRb1fhPw96Z60WPlOe3I.roa (raw, json)
Hash identifier: 9IZlpcP3Ed721JBA9E++nqSOyiTA2WjtqwIR5sXNKcE=
Subject key identifier: F0:6C:F0:AD:86:B1:45:BD:5F:84:FC:3D:E9:9E:B4:58:F9:4E:7B:72
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 018EE5E9C7054B0A48ECCC2AB0510E4A17DA
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/8GzwrYaxRb1fhPw96Z60WPlOe3I.roa
Signing time: Tue 16 Apr 2024 07:58:07 +0000
ROA not before: Tue 16 Apr 2024 07:58:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.227.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 17:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e5:e9:c7:05:4b:0a:48:ec:cc:2a:b0:51:0e:4a:17:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Apr 16 07:58:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f06cf0ad86b145bd5f84fc3de99eb458f94e7b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:17:1b:2d:91:e4:f0:cd:56:89:43:b3:a1:61:
68:63:3f:de:a9:08:03:1f:b4:bd:c4:59:e4:d9:ff:
a6:1f:a2:59:3a:eb:8c:49:22:9a:c3:04:1e:d7:30:
10:15:92:31:fe:02:2d:a6:9f:c7:e6:f6:ee:9d:f4:
61:3e:a5:76:d0:6f:c3:60:ba:6d:56:66:1d:0e:9a:
69:7c:62:51:16:b8:c5:23:e3:b2:58:61:3a:ef:29:
56:2b:20:d2:7f:61:60:25:6e:4d:ab:8f:c9:44:ff:
e3:9d:41:07:95:3f:df:24:f9:32:03:2b:31:82:2c:
19:7a:00:5a:3c:fd:28:17:f2:5a:5e:c5:db:1d:83:
6d:f3:77:ab:1c:94:9a:91:2a:92:2f:6f:55:44:1f:
9a:92:11:8b:63:65:52:a4:b3:27:84:c4:a2:81:ec:
65:5a:24:d1:40:93:ad:7a:0f:d4:29:43:0a:61:eb:
fb:75:86:41:64:47:56:f8:56:05:b9:25:a5:73:0b:
5b:a5:26:cb:73:39:f4:42:01:f2:b6:7f:c3:2e:de:
b8:64:7c:d2:ec:55:03:c1:81:26:30:69:07:77:7a:
36:15:5d:b2:58:15:c6:81:be:f7:42:9f:5e:98:98:
ca:43:6d:b2:b9:bd:bb:6b:09:61:b8:f1:b8:c3:13:
41:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6C:F0:AD:86:B1:45:BD:5F:84:FC:3D:E9:9E:B4:58:F9:4E:7B:72
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/8GzwrYaxRb1fhPw96Z60WPlOe3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.114.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:42:d3:53:05:7d:c6:3b:58:4f:4b:a3:ff:f7:f9:7a:15:65:
7e:a0:20:a0:b4:db:20:38:f7:4f:fe:31:97:60:2d:88:44:57:
1b:5f:b2:b2:79:5c:ba:ef:69:ab:43:26:32:5e:88:17:eb:48:
f0:26:2f:96:cb:65:b5:a8:e6:3b:e2:39:26:ed:7b:90:a4:06:
e1:b8:20:4f:61:e3:67:13:8e:af:00:e9:35:25:e1:d5:85:ac:
63:97:1c:ee:1b:a2:65:26:13:b8:a8:c6:5c:7c:52:20:70:ac:
e3:50:b8:3d:36:49:09:28:34:1c:1c:de:d7:7e:39:5c:9d:42:
ff:ea:f3:e4:84:e5:a9:c7:ea:a2:57:c9:ad:2b:4f:0a:5f:d5:
b2:b6:d5:d1:47:e9:19:94:a6:93:12:a7:6a:9d:ed:af:5d:a1:
c8:eb:47:f5:27:c5:e4:4f:b6:3b:b7:ab:5e:10:c2:4a:55:c2:
b8:a4:5f:86:22:6b:93:8b:80:02:8d:dc:8e:cc:a0:da:c6:d0:
ab:7b:03:cc:a9:66:a3:0e:05:42:3b:a8:b9:3f:de:cd:36:f9:
24:28:7b:2e:27:3f:54:09:3c:f3:49:b0:33:ce:8d:5e:23:fa:
6d:e6:bb:b2:f2:0b:8d:7d:1a:e1:c5:89:5b:d3:81:bf:55:07:
19:f3:b5:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7l6ccFSwpI7MwqsFEOShfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjQwNDE2MDc1ODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDZjZjBhZDg2YjE0NWJkNWY4NGZjM2RlOTllYjQ1OGY5NGU3YjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBcbLZHk8M1WiUOzoWFoYz/eqQgD
H7S9xFnk2f+mH6JZOuuMSSKawwQe1zAQFZIx/gItpp/H5vbunfRhPqV20G/DYLpt
VmYdDpppfGJRFrjFI+OyWGE67ylWKyDSf2FgJW5Nq4/JRP/jnUEHlT/fJPkyAysx
giwZegBaPP0oF/JaXsXbHYNt83erHJSakSqSL29VRB+akhGLY2VSpLMnhMSigexl
WiTRQJOteg/UKUMKYev7dYZBZEdW+FYFuSWlcwtbpSbLczn0QgHytn/DLt64ZHzS
7FUDwYEmMGkHd3o2FV2yWBXGgb73Qp9emJjKQ22yub27awlhuPG4wxNBWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBs8K2GsUW9X4T8PemetFj5TntyMB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvOEd6d3JZYXhSYjFmaFB3OTZaNjBXUGxPZTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+NyMA0G
CSqGSIb3DQEBCwUAA4IBAQCKQtNTBX3GO1hPS6P/9/l6FWV+oCCgtNsgOPdP/jGX
YC2IRFcbX7KyeVy672mrQyYyXogX60jwJi+Wy2W1qOY74jkm7XuQpAbhuCBPYeNn
E46vAOk1JeHVhaxjlxzuG6JlJhO4qMZcfFIgcKzjULg9NkkJKDQcHN7XfjlcnUL/
6vPkhOWpx+qiV8mtK08KX9WyttXRR+kZlKaTEqdqne2vXaHI60f1J8XkT7Y7t6te
EMJKVcK4pF+GImuTi4ACjdyOzKDaxtCrewPMqWajDgVCO6i5P97NNvkkKHsuJz9U
CTzzSbAzzo1eI/pt5ruy8guNfRrhxYlb04G/VQcZ87Uf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:15 2024 by rpki-client on console-fra.rpki-client.org