Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/h4kb0ibiwLesX-WNkNuGQ0gNdtQ.roa
File: h4kb0ibiwLesX-WNkNuGQ0gNdtQ.roa (raw, json)
Hash identifier: 4Lc5nVwVCjsK/xUX0RFGiF1IFzaFsm8kUg3AHHIMDoc=
Subject key identifier: 87:89:1B:D2:26:E2:C0:B7:AC:5F:E5:8D:90:DB:86:43:48:0D:76:D4
Certificate issuer: /CN=3ac4446ba99b43891ecf1f7fa2cdb02e14a344f3
Certificate serial: 01856DEF718801CE5FFE51A3CD126050A0CD
Authority key identifier: 3A:C4:44:6B:A9:9B:43:89:1E:CF:1F:7F:A2:CD:B0:2E:14:A3:44:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OsREa6mbQ4kezx9_os2wLhSjRPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/h4kb0ibiwLesX-WNkNuGQ0gNdtQ.roa
Signing time: Sun 01 Jan 2023 15:24:46 +0000
ROA not before: Sun 01 Jan 2023 15:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198765
IP address blocks: 91.238.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:71:88:01:ce:5f:fe:51:a3:cd:12:60:50:a0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ac4446ba99b43891ecf1f7fa2cdb02e14a344f3
Validity
Not Before: Jan 1 15:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87891bd226e2c0b7ac5fe58d90db8643480d76d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bb:97:20:9d:78:19:f2:f8:3c:ad:30:5b:5e:
4c:b5:9f:61:4a:63:0a:6a:62:09:c5:ae:1f:56:a1:
2c:ed:99:cb:84:f4:af:eb:9d:92:c6:e4:44:fc:53:
07:63:ca:0f:ac:27:2c:94:6e:23:ba:c2:1a:43:98:
29:54:60:93:9e:88:a6:40:e8:a8:b3:3f:1c:65:2d:
4d:1e:1f:7d:70:59:71:d2:98:e7:22:46:72:d9:ac:
1d:24:42:ef:8a:89:f9:50:0c:e4:3b:36:19:e0:5f:
c5:d2:4b:aa:7a:ba:e4:e2:cf:cd:9f:00:62:bc:5d:
bd:49:7b:0e:77:c4:b9:8e:58:91:a6:9a:9e:5a:0e:
c9:5b:c5:81:8e:75:42:73:e5:9d:1b:58:a6:40:55:
3f:d0:3b:b3:88:f0:b8:38:5c:bb:d2:16:f4:5f:fa:
7e:53:50:ec:e0:4c:a8:82:d8:0e:e2:48:5f:46:12:
d4:be:c6:20:c8:b9:19:25:10:16:88:3b:89:02:cb:
73:91:10:77:e8:e3:7c:98:ca:64:64:bd:31:0d:92:
55:14:49:21:42:79:c9:40:0b:20:b6:00:58:b2:66:
fe:2a:6e:5b:7f:0f:b3:ef:0b:70:ee:58:32:43:22:
22:78:36:57:f1:6d:66:ba:0d:56:a7:75:b9:48:19:
43:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:89:1B:D2:26:E2:C0:B7:AC:5F:E5:8D:90:DB:86:43:48:0D:76:D4
X509v3 Authority Key Identifier:
keyid:3A:C4:44:6B:A9:9B:43:89:1E:CF:1F:7F:A2:CD:B0:2E:14:A3:44:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OsREa6mbQ4kezx9_os2wLhSjRPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/h4kb0ibiwLesX-WNkNuGQ0gNdtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/OsREa6mbQ4kezx9_os2wLhSjRPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.199.0/24
Signature Algorithm: sha256WithRSAEncryption
41:43:cf:d3:0a:2c:0c:8a:86:35:63:01:d0:bd:41:95:23:72:
55:fb:55:f2:c3:46:38:14:f7:21:8e:5c:5e:ca:88:84:9f:f7:
e4:25:58:98:10:ae:42:ac:63:b4:64:78:ea:83:8d:49:9f:e3:
50:2f:2a:87:f9:64:26:6e:6b:dc:e9:41:d9:74:c8:9e:a1:0f:
0c:8b:6c:fe:a7:b7:a9:a7:bc:36:83:73:8c:9f:58:c6:b8:82:
55:a5:32:2b:8c:9b:c5:ab:e2:7c:17:f2:4c:20:3f:b9:b1:1e:
ce:91:07:6a:fd:02:7b:00:d2:dc:dd:93:37:a1:a9:31:72:e5:
9d:0f:ca:87:ae:a4:aa:f0:4c:1c:51:d1:f2:f9:79:ae:da:e5:
62:58:43:ef:61:15:3a:7c:b4:97:a3:a9:4b:29:bf:dc:3d:5c:
38:60:fc:79:5d:ea:58:8e:0c:a1:72:74:16:82:a5:a6:07:24:
06:94:18:a0:00:f1:fd:13:7b:a7:01:ac:8d:ce:82:c9:8a:f6:
4e:2c:c4:80:00:8e:c5:7e:d3:03:c5:c5:9b:b4:e4:9b:80:17:
61:d3:be:92:06:ea:fe:46:83:6f:dd:7a:0b:00:57:00:0c:2d:
d5:08:1a:62:5a:10:ee:1b:50:2f:1f:6a:9f:3b:c7:81:38:26:
14:be:b7:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt73GIAc5f/lGjzRJgUKDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYzQ0NDZiYTk5YjQzODkxZWNmMWY3ZmEyY2RiMDJlMTRh
MzQ0ZjMwHhcNMjMwMTAxMTUyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzg5MWJkMjI2ZTJjMGI3YWM1ZmU1OGQ5MGRiODY0MzQ4MGQ3NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLuXIJ14GfL4PK0wW15MtZ9hSmMK
amIJxa4fVqEs7ZnLhPSv652SxuRE/FMHY8oPrCcslG4jusIaQ5gpVGCTnoimQOio
sz8cZS1NHh99cFlx0pjnIkZy2awdJELvion5UAzkOzYZ4F/F0kuqerrk4s/NnwBi
vF29SXsOd8S5jliRppqeWg7JW8WBjnVCc+WdG1imQFU/0DuziPC4OFy70hb0X/p+
U1Ds4EyogtgO4khfRhLUvsYgyLkZJRAWiDuJAstzkRB36ON8mMpkZL0xDZJVFEkh
QnnJQAsgtgBYsmb+Km5bfw+z7wtw7lgyQyIieDZX8W1mug1Wp3W5SBlDrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeJG9Im4sC3rF/ljZDbhkNIDXbUMB8GA1UdIwQY
MBaAFDrERGupm0OJHs8ff6LNsC4Uo0TzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NSRWE2bWJRNGtleng5X29zMndMaFNqUlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lNWM4NzctYTJlZS00YzNmLWFkNWMt
MDJhN2Y2ZGY2ODEwLzEvaDRrYjBpYml3TGVzWC1XTmtOdUdRMGdOZHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lNWM4NzctYTJlZS00YzNmLWFkNWMtMDJhN2Y2ZGY2ODEw
LzEvT3NSRWE2bWJRNGtleng5X29zMndMaFNqUlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7HMA0G
CSqGSIb3DQEBCwUAA4IBAQBBQ8/TCiwMioY1YwHQvUGVI3JV+1Xyw0Y4FPchjlxe
yoiEn/fkJViYEK5CrGO0ZHjqg41Jn+NQLyqH+WQmbmvc6UHZdMieoQ8Mi2z+p7ep
p7w2g3OMn1jGuIJVpTIrjJvFq+J8F/JMID+5sR7OkQdq/QJ7ANLc3ZM3oakxcuWd
D8qHrqSq8EwcUdHy+Xmu2uViWEPvYRU6fLSXo6lLKb/cPVw4YPx5XepYjgyhcnQW
gqWmByQGlBigAPH9E3unAayNzoLJivZOLMSAAI7FftMDxcWbtOSbgBdh076SBur+
RoNv3XoLAFcADC3VCBpiWhDuG1AvH2qfO8eBOCYUvrft
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:11 2024 by rpki-client on console-fra.rpki-client.org