Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/rXRo6FImYa9xfmxFSuqHdUSgvFg.roa
File: rXRo6FImYa9xfmxFSuqHdUSgvFg.roa (raw, json)
Hash identifier: BUB/fkml3JAlCQh8MnnIV0dIk2NiQ2gFx4pFx1ptkgI=
Subject key identifier: AD:74:68:E8:52:26:61:AF:71:7E:6C:45:4A:EA:87:75:44:A0:BC:58
Certificate issuer: /CN=d1df4803e54b084a99cb7bb044bf791327594b73
Certificate serial: 018797F531F22BDAE86CF6F4E27383FF735E
Authority key identifier: D1:DF:48:03:E5:4B:08:4A:99:CB:7B:B0:44:BF:79:13:27:59:4B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/rXRo6FImYa9xfmxFSuqHdUSgvFg.roa
Signing time: Wed 19 Apr 2023 05:20:41 +0000
ROA not before: Wed 19 Apr 2023 05:20:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48981
IP address blocks: 91.198.28.0/24 maxlen: 24
91.142.133.0/24 maxlen: 24
91.142.140.0/24 maxlen: 24
91.193.74.0/24 maxlen: 24
2a0f:5c40::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:97:f5:31:f2:2b:da:e8:6c:f6:f4:e2:73:83:ff:73:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1df4803e54b084a99cb7bb044bf791327594b73
Validity
Not Before: Apr 19 05:20:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad7468e8522661af717e6c454aea877544a0bc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:5a:bd:96:65:f2:b3:8d:85:19:ea:3e:20:11:
0d:23:77:eb:64:a1:45:3c:f9:48:8b:d2:ee:97:bb:
ce:8d:71:64:74:04:2f:58:a4:f9:5d:39:aa:ca:af:
d4:a6:5a:84:a7:71:fa:c5:af:fc:d5:ad:97:e5:e9:
4d:0d:96:2d:64:e5:2d:7b:f1:c6:19:2a:f3:16:8b:
b7:5a:ce:70:61:98:f7:45:bf:60:77:6d:47:69:f1:
94:ed:a1:75:f0:10:6f:a8:1c:98:67:60:1a:23:a0:
d9:99:6f:0d:b9:ae:4d:3e:8e:c5:9e:80:8e:c7:e6:
b6:04:bc:48:df:3b:83:0e:33:58:2d:99:c2:08:14:
42:0c:f5:d8:e8:46:7e:db:16:22:d7:6c:1e:be:24:
11:99:b7:08:81:ec:98:97:e1:8d:99:df:79:93:a2:
e7:23:23:b2:86:ac:04:12:29:d9:c5:fb:6f:a8:ab:
41:c2:30:65:7a:04:8a:0d:34:8a:0d:4e:f6:0a:e3:
11:19:92:5b:13:72:11:42:e5:08:cf:3f:bf:78:72:
bf:e0:06:2d:e0:1f:03:cd:3f:89:dd:d7:94:f1:52:
f8:bb:3e:fb:ac:12:02:47:0d:f8:46:5c:99:41:6e:
f6:9d:16:07:84:de:3f:19:07:74:36:c0:59:f5:d1:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:74:68:E8:52:26:61:AF:71:7E:6C:45:4A:EA:87:75:44:A0:BC:58
X509v3 Authority Key Identifier:
keyid:D1:DF:48:03:E5:4B:08:4A:99:CB:7B:B0:44:BF:79:13:27:59:4B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/rXRo6FImYa9xfmxFSuqHdUSgvFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/0d9IA-VLCEqZy3uwRL95EydZS3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.133.0/24
91.142.140.0/24
91.193.74.0/24
91.198.28.0/24
IPv6:
2a0f:5c40::/29
Signature Algorithm: sha256WithRSAEncryption
22:3b:7b:36:69:27:cb:93:a0:cb:b7:a9:20:ca:0a:8b:eb:df:
90:04:a7:91:e9:a6:ca:c8:45:9b:96:a9:5a:93:2a:4c:02:4e:
3f:de:b4:99:42:af:f1:73:60:34:d8:25:d3:15:1d:7a:d8:14:
4b:b9:fd:64:c9:96:be:83:42:8f:6e:12:23:a6:48:37:65:79:
f4:f9:e5:71:1e:0c:16:c9:7c:51:e3:db:82:6e:46:4d:cb:bc:
f5:09:1c:d0:3d:d3:d3:53:44:d5:2e:78:07:59:c1:e7:a6:d5:
e0:d9:8a:3f:2f:dd:26:08:24:78:be:13:60:0d:51:76:ce:af:
ec:a4:38:c6:b7:87:85:bd:2d:6e:4a:73:cf:12:61:12:83:91:
c6:3b:ec:6d:db:12:6d:62:4f:7e:51:0e:59:5a:09:06:64:42:
d7:f9:ed:f8:ef:af:18:89:a3:3d:8c:01:52:2e:cf:d6:35:d5:
93:bd:e7:65:ab:0f:8f:20:c5:f0:5f:12:31:b3:4a:ed:a8:39:
3d:34:38:d5:5f:02:be:4c:f2:92:96:bf:bc:6c:9e:c1:a2:ab:
03:c4:65:0e:4b:f4:b9:08:cb:9d:d9:cf:68:50:c0:41:b8:0c:
72:c7:a9:46:38:cf:82:90:5d:5b:da:69:d6:b8:db:55:2b:67:
a1:03:45:c9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYeX9THyK9robPb04nOD/3NeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGY0ODAzZTU0YjA4NGE5OWNiN2JiMDQ0YmY3OTEzMjc1
OTRiNzMwHhcNMjMwNDE5MDUyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc0NjhlODUyMjY2MWFmNzE3ZTZjNDU0YWVhODc3NTQ0YTBiYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglq9lmXys42FGeo+IBENI3frZKFF
PPlIi9Lul7vOjXFkdAQvWKT5XTmqyq/UplqEp3H6xa/81a2X5elNDZYtZOUte/HG
GSrzFou3Ws5wYZj3Rb9gd21HafGU7aF18BBvqByYZ2AaI6DZmW8Nua5NPo7FnoCO
x+a2BLxI3zuDDjNYLZnCCBRCDPXY6EZ+2xYi12weviQRmbcIgeyYl+GNmd95k6Ln
IyOyhqwEEinZxftvqKtBwjBlegSKDTSKDU72CuMRGZJbE3IRQuUIzz+/eHK/4AYt
4B8DzT+J3deU8VL4uz77rBICRw34RlyZQW72nRYHhN4/GQd0NsBZ9dFdxQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK10aOhSJmGvcX5sRUrqh3VEoLxYMB8GA1UdIwQY
MBaAFNHfSAPlSwhKmct7sES/eRMnWUtzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ5SUEtVkxDRXFaeTN1d1JMOTVFeWRaUzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8wZDVmNTMtOTY1My00N2ZiLWE5Nzct
NDhmNWU4NzY3ZDAyLzEvclhSbzZGSW1ZYTl4Zm14RlN1cUhkVVNndkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8wZDVmNTMtOTY1My00N2ZiLWE5NzctNDhmNWU4NzY3ZDAy
LzEvMGQ5SUEtVkxDRXFaeTN1d1JMOTVFeWRaUzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW46FAwQA
W46MAwQAW8FKAwQAW8YcMA0EAgACMAcDBQMqD1xAMA0GCSqGSIb3DQEBCwUAA4IB
AQAiO3s2aSfLk6DLt6kgygqL69+QBKeR6abKyEWblqlakypMAk4/3rSZQq/xc2A0
2CXTFR162BRLuf1kyZa+g0KPbhIjpkg3ZXn0+eVxHgwWyXxR49uCbkZNy7z1CRzQ
PdPTU0TVLngHWcHnptXg2Yo/L90mCCR4vhNgDVF2zq/spDjGt4eFvS1uSnPPEmES
g5HGO+xt2xJtYk9+UQ5ZWgkGZELX+e34768YiaM9jAFSLs/WNdWTvedlqw+PIMXw
XxIxs0rtqDk9NDjVXwK+TPKSlr+8bJ7BoqsDxGUOS/S5CMud2c9oUMBBuAxyx6lG
OM+CkF1b2mnWuNtVK2ehA0XJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:39 2024 by rpki-client on console-ams.rpki-client.org