Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/0ea4a4-2774-4545-805f-1e9f0bdeb532/1/D7ebn9KnjB1hc3V-PLO-flotyOU.roa
File: D7ebn9KnjB1hc3V-PLO-flotyOU.roa (raw, json)
Hash identifier: rixKo8ZjuAwmcN1ALw05nddwEHGQD/cvsoYs+1QegMI=
Subject key identifier: 0F:B7:9B:9F:D2:A7:8C:1D:61:73:75:7E:3C:B3:BE:7E:5A:2D:C8:E5
Certificate issuer: /CN=f310c50d2cc87bdbfa5bb511a18a2277ba00ba68
Certificate serial: 01856CB8228291602B8DA1C2B7A3016B925A
Authority key identifier: F3:10:C5:0D:2C:C8:7B:DB:FA:5B:B5:11:A1:8A:22:77:BA:00:BA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8xDFDSzIe9v6W7URoYoid7oAumg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/0ea4a4-2774-4545-805f-1e9f0bdeb532/1/D7ebn9KnjB1hc3V-PLO-flotyOU.roa
Signing time: Sun 01 Jan 2023 09:44:44 +0000
ROA not before: Sun 01 Jan 2023 09:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41568
IP address blocks: 91.192.104.0/24 maxlen: 24
91.192.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:22:82:91:60:2b:8d:a1:c2:b7:a3:01:6b:92:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f310c50d2cc87bdbfa5bb511a18a2277ba00ba68
Validity
Not Before: Jan 1 09:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fb79b9fd2a78c1d6173757e3cb3be7e5a2dc8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:53:f9:4a:8e:e1:96:72:1e:c5:c7:3b:8d:
5e:ca:23:92:5e:4e:6e:65:38:2a:34:b2:d3:24:95:
3a:5c:ed:37:bf:81:b4:1b:53:80:a5:68:2f:ac:78:
10:c9:08:ee:7a:d4:6d:bf:bc:ab:58:4e:74:fd:2e:
49:7e:7d:88:91:f8:33:c4:32:62:a7:cf:76:f2:f4:
35:90:26:cc:f7:8f:af:36:c1:da:10:5c:80:81:08:
bd:72:ef:ae:5f:8f:35:f8:cf:6e:c4:80:73:b0:dd:
32:8d:81:22:fc:9f:7e:1b:4f:36:fa:52:bb:7f:7b:
a9:f8:db:b6:a9:c1:44:79:3d:cd:85:34:82:a3:42:
7a:e6:1f:2a:44:1c:b1:af:12:98:6e:7f:81:7e:6f:
9b:a0:34:9d:38:66:91:5a:96:23:bd:c8:17:d1:bf:
16:f5:09:e5:c9:98:05:71:c6:2c:03:81:f4:d8:29:
41:08:ee:11:4a:22:05:ac:e8:af:64:3e:34:80:5c:
09:7d:e6:df:c9:0b:0f:09:e8:e9:ca:6e:f7:5d:48:
12:30:64:06:d5:59:58:b1:ad:e2:6e:a2:bd:18:11:
1f:8d:0c:cf:a3:d8:c6:a5:f2:8d:54:e1:b6:a7:33:
ef:24:a2:fb:c4:0c:0b:c3:8b:93:7f:b7:63:36:fd:
b3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B7:9B:9F:D2:A7:8C:1D:61:73:75:7E:3C:B3:BE:7E:5A:2D:C8:E5
X509v3 Authority Key Identifier:
keyid:F3:10:C5:0D:2C:C8:7B:DB:FA:5B:B5:11:A1:8A:22:77:BA:00:BA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8xDFDSzIe9v6W7URoYoid7oAumg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0ea4a4-2774-4545-805f-1e9f0bdeb532/1/D7ebn9KnjB1hc3V-PLO-flotyOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0ea4a4-2774-4545-805f-1e9f0bdeb532/1/8xDFDSzIe9v6W7URoYoid7oAumg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.104.0/23
Signature Algorithm: sha256WithRSAEncryption
03:d6:63:68:ee:1f:16:7d:06:ec:2b:36:86:87:bf:8f:b2:f3:
f4:48:81:bf:1e:81:d7:98:eb:13:0c:3c:e1:06:4c:26:75:ff:
fe:d0:ce:5e:c6:c0:08:58:0d:8a:b5:ec:f4:b2:19:80:6e:36:
45:1e:39:ee:78:47:21:e7:47:0b:3f:96:d5:bf:6a:e7:59:02:
df:21:ef:5e:42:31:fe:e8:a9:33:61:46:a8:7b:fb:7c:33:d5:
b7:f7:67:c8:0e:15:8f:7d:d1:00:a6:e2:e5:a3:a9:52:ff:46:
47:90:86:50:36:e5:29:da:3b:6b:34:b9:f3:e8:98:c7:5b:b9:
44:4b:b0:69:93:e1:6d:ee:c5:56:7e:4f:6a:c9:6c:73:af:c9:
e9:7b:7a:39:f7:17:cf:ba:35:4a:81:28:1d:3a:4c:50:1c:29:
e1:fd:0a:17:db:24:b6:6d:63:e4:5b:cd:38:29:09:cf:f0:13:
18:a3:73:ed:fb:55:5b:1f:c4:cb:d5:fa:64:1c:50:79:8f:43:
63:10:e8:a8:0b:8b:fc:78:e6:68:d9:a8:4c:ac:16:54:56:ce:
81:7c:83:c4:78:85:9c:5c:c3:e8:c5:b2:a2:27:22:4b:c8:da:
84:6d:1c:31:59:25:a5:50:b7:2b:f3:d6:d5:e6:8b:80:79:de:
97:d7:f7:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuCKCkWArjaHCt6MBa5JaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMTBjNTBkMmNjODdiZGJmYTViYjUxMWExOGEyMjc3YmEw
MGJhNjgwHhcNMjMwMTAxMDk0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmI3OWI5ZmQyYTc4YzFkNjE3Mzc1N2UzY2IzYmU3ZTVhMmRjOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprRT+UqO4ZZyHsXHO41eyiOSXk5u
ZTgqNLLTJJU6XO03v4G0G1OApWgvrHgQyQjuetRtv7yrWE50/S5Jfn2IkfgzxDJi
p8928vQ1kCbM94+vNsHaEFyAgQi9cu+uX481+M9uxIBzsN0yjYEi/J9+G082+lK7
f3up+Nu2qcFEeT3NhTSCo0J65h8qRByxrxKYbn+Bfm+boDSdOGaRWpYjvcgX0b8W
9QnlyZgFccYsA4H02ClBCO4RSiIFrOivZD40gFwJfebfyQsPCejpym73XUgSMGQG
1VlYsa3ibqK9GBEfjQzPo9jGpfKNVOG2pzPvJKL7xAwLw4uTf7djNv2zPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+3m5/Sp4wdYXN1fjyzvn5aLcjlMB8GA1UdIwQY
MBaAFPMQxQ0syHvb+lu1EaGKIne6ALpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHhERkRTekllOXY2VzdVUm9Zb2lkN29BdW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wZWE0YTQtMjc3NC00NTQ1LTgwNWYt
MWU5ZjBiZGViNTMyLzEvRDdlYm45S25qQjFoYzNWLVBMTy1mbG90eU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8wZWE0YTQtMjc3NC00NTQ1LTgwNWYtMWU5ZjBiZGViNTMy
LzEvOHhERkRTekllOXY2VzdVUm9Zb2lkN29BdW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8BoMA0G
CSqGSIb3DQEBCwUAA4IBAQAD1mNo7h8WfQbsKzaGh7+PsvP0SIG/HoHXmOsTDDzh
Bkwmdf/+0M5exsAIWA2Ktez0shmAbjZFHjnueEch50cLP5bVv2rnWQLfIe9eQjH+
6KkzYUaoe/t8M9W392fIDhWPfdEApuLlo6lS/0ZHkIZQNuUp2jtrNLnz6JjHW7lE
S7Bpk+Ft7sVWfk9qyWxzr8npe3o59xfPujVKgSgdOkxQHCnh/QoX2yS2bWPkW804
KQnP8BMYo3Pt+1VbH8TL1fpkHFB5j0NjEOioC4v8eOZo2ahMrBZUVs6BfIPEeIWc
XMPoxbKiJyJLyNqEbRwxWSWlULcr89bV5ouAed6X1/fC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:06 2024 by rpki-client on console-fra.rpki-client.org