Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/35fIY5P1Cb4b0pYh6a9On99pfVE.roa
File: 35fIY5P1Cb4b0pYh6a9On99pfVE.roa (raw, json)
Hash identifier: OsPPL3H1HB4HmOV/Sx+GpM8LzsXURbO0OymKwIec4J8=
Subject key identifier: DF:97:C8:63:93:F5:09:BE:1B:D2:96:21:E9:AF:4E:9F:DF:69:7D:51
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 01856CE62D8B7937B65B40C331D203A3AABD
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/35fIY5P1Cb4b0pYh6a9On99pfVE.roa
Signing time: Sun 01 Jan 2023 10:35:02 +0000
ROA not before: Sun 01 Jan 2023 10:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42399
IP address blocks: 91.189.112.0/24 maxlen: 24
91.189.112.0/23 maxlen: 23
91.189.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:2d:8b:79:37:b6:5b:40:c3:31:d2:03:a3:aa:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 10:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df97c86393f509be1bd29621e9af4e9fdf697d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:86:16:96:c5:c1:94:a0:d0:1a:d9:61:a9:72:
c1:af:aa:69:05:e4:d7:5e:dd:d9:ca:f8:5d:f2:93:
06:9a:0b:92:3b:de:0b:5f:b6:99:40:61:da:30:ec:
cf:9f:50:27:a1:c6:24:9e:74:e6:65:d7:a9:d3:2d:
9d:db:5b:27:8f:e9:94:6f:7f:ef:83:cc:8b:aa:5c:
ad:15:37:7d:1e:dd:78:ac:00:d6:bb:bf:3c:05:6e:
0c:14:84:71:95:67:3c:bb:d8:32:d7:b1:2c:13:5a:
00:16:e1:0d:2a:40:55:3a:1d:ec:a2:09:a4:68:a2:
12:b3:13:80:4f:04:d5:6a:58:2d:be:34:ef:9a:4f:
76:ec:57:67:0d:f2:ed:92:2a:62:0a:3d:15:de:96:
8d:73:47:b5:bc:30:1c:5a:0a:a5:46:a9:82:99:47:
ac:3a:f6:53:c3:35:f7:ae:cf:e1:e3:9d:1e:d8:9f:
cf:06:ab:b4:d2:59:2d:0c:c0:0a:3a:80:d6:d0:a9:
a5:55:d0:25:a0:d0:5f:8d:b3:37:70:2c:fa:04:5f:
e6:c7:90:a6:da:17:aa:93:8c:2e:8a:10:84:90:7b:
4d:8b:68:09:a4:40:ab:8e:ca:65:85:7c:5d:b3:c0:
e7:a4:9f:68:db:2d:f2:54:20:5e:f7:d7:17:0d:ec:
39:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:97:C8:63:93:F5:09:BE:1B:D2:96:21:E9:AF:4E:9F:DF:69:7D:51
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/35fIY5P1Cb4b0pYh6a9On99pfVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.112.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:c8:c4:14:1b:f3:28:9b:2b:23:06:b5:43:19:60:5e:09:02:
45:fe:1e:56:f9:b8:4b:9a:c7:02:16:ea:33:39:90:90:9b:73:
d7:8d:1e:a0:60:9a:0a:03:72:a8:b4:7f:8d:c8:34:b4:4b:af:
80:2e:09:fe:46:b8:61:2c:df:83:fb:8b:56:48:e7:d8:1c:ae:
91:c4:83:16:7e:b2:03:b4:ed:3a:72:60:02:9c:f6:5e:2d:30:
f9:57:97:f3:6d:5f:cd:18:00:63:d2:05:fd:cd:5b:61:04:89:
ef:bb:86:74:b4:06:ef:79:d0:30:3b:f3:d4:2e:fd:51:4e:12:
fb:16:0b:3c:48:1a:88:82:54:a2:be:d0:bf:9e:46:36:2b:12:
22:56:f5:bc:f2:4e:b6:b5:c8:e3:e0:13:ca:df:97:fc:a8:6f:
eb:8b:a0:c2:8c:25:f5:94:62:ae:7c:87:40:98:cd:3b:09:cb:
dd:be:c5:04:7e:45:1a:e1:1c:2b:fe:b0:68:e0:0a:27:27:33:
01:d0:e8:f9:ee:90:69:d8:96:91:ca:eb:02:96:1f:8c:2d:89:
a2:38:67:6d:77:2e:76:f2:e5:f9:d0:60:20:c5:2f:09:a8:72:
1c:bc:c0:d6:72:50:da:f3:e9:86:50:cf:91:03:88:83:e1:9b:
82:2f:0c:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5i2LeTe2W0DDMdIDo6q9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjMwMTAxMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjk3Yzg2MzkzZjUwOWJlMWJkMjk2MjFlOWFmNGU5ZmRmNjk3ZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4YWlsXBlKDQGtlhqXLBr6ppBeTX
Xt3Zyvhd8pMGmguSO94LX7aZQGHaMOzPn1AnocYknnTmZdep0y2d21snj+mUb3/v
g8yLqlytFTd9Ht14rADWu788BW4MFIRxlWc8u9gy17EsE1oAFuENKkBVOh3sogmk
aKISsxOATwTValgtvjTvmk927FdnDfLtkipiCj0V3paNc0e1vDAcWgqlRqmCmUes
OvZTwzX3rs/h450e2J/PBqu00lktDMAKOoDW0KmlVdAloNBfjbM3cCz6BF/mx5Cm
2heqk4wuihCEkHtNi2gJpECrjsplhXxds8DnpJ9o2y3yVCBe99cXDew5wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+XyGOT9Qm+G9KWIemvTp/faX1RMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvMzVmSVk1UDFDYjRiMHBZaDZhOU9uOTlwZlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW71wMA0G
CSqGSIb3DQEBCwUAA4IBAQAqyMQUG/MomysjBrVDGWBeCQJF/h5W+bhLmscCFuoz
OZCQm3PXjR6gYJoKA3KotH+NyDS0S6+ALgn+RrhhLN+D+4tWSOfYHK6RxIMWfrID
tO06cmACnPZeLTD5V5fzbV/NGABj0gX9zVthBInvu4Z0tAbvedAwO/PULv1RThL7
Fgs8SBqIglSivtC/nkY2KxIiVvW88k62tcjj4BPK35f8qG/ri6DCjCX1lGKufIdA
mM07CcvdvsUEfkUa4Rwr/rBo4AonJzMB0Oj57pBp2JaRyusClh+MLYmiOGdtdy52
8uX50GAgxS8JqHIcvMDWclDa8+mGUM+RA4iD4ZuCLwwn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org