Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/cdI6NeOhxEiI3CRsTMa5Cn-ZdlA.roa
File: cdI6NeOhxEiI3CRsTMa5Cn-ZdlA.roa (raw, json)
Hash identifier: C1UTRZPcU1ftJMNeJ2sweKM5NrtaC8hHj5heRzgulIk=
Subject key identifier: 71:D2:3A:35:E3:A1:C4:48:88:DC:24:6C:4C:C6:B9:0A:7F:99:76:50
Certificate issuer: /CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Certificate serial: 018572CCCDA65F0CBB9FE160CAD783A31A42
Authority key identifier: 8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/cdI6NeOhxEiI3CRsTMa5Cn-ZdlA.roa
Signing time: Mon 02 Jan 2023 14:05:02 +0000
ROA not before: Mon 02 Jan 2023 14:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35213
IP address blocks: 91.239.139.0/24 maxlen: 24
91.239.138.0/24 maxlen: 24
91.239.137.0/24 maxlen: 24
91.239.136.0/22 maxlen: 22
91.239.136.0/24 maxlen: 24
91.201.168.0/24 maxlen: 24
176.111.51.0/24 maxlen: 24
193.0.247.0/24 maxlen: 24
91.205.67.0/24 maxlen: 24
91.205.66.0/24 maxlen: 24
91.205.65.0/24 maxlen: 24
91.205.64.0/22 maxlen: 22
91.205.64.0/24 maxlen: 24
2a13:61c0::/29 maxlen: 29
2001:678:31c::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:cd:a6:5f:0c:bb:9f:e1:60:ca:d7:83:a3:1a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Validity
Not Before: Jan 2 14:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71d23a35e3a1c44888dc246c4cc6b90a7f997650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0a:a8:eb:c1:24:08:01:ec:11:c0:61:48:71:
03:ca:a1:36:c0:99:82:6a:4f:71:22:6a:80:99:33:
4e:d7:2b:7f:73:54:a2:fe:9d:81:c5:17:73:fb:e0:
c0:d7:0b:f0:07:4e:d6:5c:c7:b4:70:fe:a7:26:e9:
27:ba:bc:b5:eb:ee:6d:55:1e:6a:27:77:98:5f:59:
86:d0:c9:a1:59:28:0f:4f:74:e7:ac:bf:66:2f:7d:
8a:6b:78:5c:72:fd:24:0f:66:ed:97:4d:1a:a9:9a:
76:9e:5f:71:a8:88:9b:36:ba:21:20:c5:53:8d:f9:
5b:d4:e7:e9:b4:f0:ae:f6:12:0a:d7:a7:9b:67:60:
cc:65:eb:76:9a:f0:52:a5:70:be:d3:4b:01:9b:24:
96:93:3c:7b:23:40:8a:a7:9e:2c:90:b6:21:e6:f2:
50:40:44:77:1a:4e:6b:3c:ec:82:b7:cf:04:68:82:
b2:e6:a5:1b:b2:e1:83:a6:3b:6c:3c:5f:87:e1:a5:
54:b3:a8:69:32:c7:65:6a:59:26:83:53:ad:e0:96:
ca:09:b6:5b:db:0c:a5:e9:c6:86:b3:44:0d:b9:2a:
eb:65:4a:b7:7f:0a:c3:05:4e:67:1e:5a:b0:46:ab:
30:f3:e6:cd:bb:c7:e6:3b:5a:6c:be:f6:22:33:c9:
8f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D2:3A:35:E3:A1:C4:48:88:DC:24:6C:4C:C6:B9:0A:7F:99:76:50
X509v3 Authority Key Identifier:
keyid:8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/cdI6NeOhxEiI3CRsTMa5Cn-ZdlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/jlexRHZCwU8RwEtkHPHY3orax4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.168.0/24
91.205.64.0/22
91.239.136.0/22
176.111.51.0/24
193.0.247.0/24
IPv6:
2001:678:31c::/48
2a13:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:0f:c6:a0:7e:20:56:32:c5:95:f4:be:27:a5:fd:e3:39:b5:
ef:f8:c6:10:33:68:2b:ad:59:69:57:8e:d3:c0:6a:d5:65:ab:
c8:48:c4:e1:f9:77:d0:4a:d4:b2:96:5c:b0:cf:a4:c9:2a:c0:
f3:8c:bd:ad:3b:fe:ec:ae:35:8f:20:02:c6:0f:ed:37:15:53:
d0:5d:33:b3:ee:44:24:db:c9:d7:e6:5b:25:6d:4b:e2:18:3d:
34:15:d4:39:53:e3:79:87:76:a8:c1:41:bd:90:c8:f2:86:5b:
a7:73:f5:4b:ec:fe:7a:11:04:cb:1c:c8:63:24:b2:fc:13:03:
4f:a3:3d:d7:ce:61:4c:95:51:2f:b2:d7:e6:a4:51:7d:c0:ae:
14:9c:55:03:eb:eb:fc:90:84:4d:42:32:c9:1e:86:c7:00:f5:
cf:4b:f4:8b:1e:97:0c:60:70:1d:b3:55:8e:b9:d4:3f:3e:dd:
9f:dd:0e:3f:09:7e:7f:01:77:d0:03:bf:83:2d:9f:50:f2:af:
a0:8a:1b:8e:4f:c5:dd:03:9e:cd:45:4e:b0:37:f7:ee:8a:b1:
70:fb:ea:5f:d6:c9:14:98:93:68:4c:62:bb:d7:f8:49:ac:db:
6b:a3:e2:01:bb:a7:d2:e1:34:7c:3c:57:73:c0:9d:ff:bd:46:
85:f1:df:03
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVyzM2mXwy7n+FgyteDoxpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNTdiMTQ0NzY0MmMxNGYxMWMwNGI2NDFjZjFkOGRlOGFk
YWM3ODQwHhcNMjMwMTAyMTQwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQyM2EzNWUzYTFjNDQ4ODhkYzI0NmM0Y2M2YjkwYTdmOTk3NjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqo68EkCAHsEcBhSHEDyqE2wJmC
ak9xImqAmTNO1yt/c1Si/p2BxRdz++DA1wvwB07WXMe0cP6nJuknury16+5tVR5q
J3eYX1mG0MmhWSgPT3TnrL9mL32Ka3hccv0kD2btl00aqZp2nl9xqIibNrohIMVT
jflb1OfptPCu9hIK16ebZ2DMZet2mvBSpXC+00sBmySWkzx7I0CKp54skLYh5vJQ
QER3Gk5rPOyCt88EaIKy5qUbsuGDpjtsPF+H4aVUs6hpMsdlalkmg1Ot4JbKCbZb
2wyl6caGs0QNuSrrZUq3fwrDBU5nHlqwRqsw8+bNu8fmO1psvvYiM8mPqwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHHSOjXjocRIiNwkbEzGuQp/mXZQMB8GA1UdIwQY
MBaAFI5XsUR2QsFPEcBLZBzx2N6K2seEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamxleFJIWkN3VThSd0V0a0hQSFkzb3JheDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9lMWM3YzktY2M4MC00NWQ3LWE2ZDgt
YWYzMzRhMGExZTkzLzEvY2RJNk5lT2h4RWlJM0NSc1RNYTVDbi1aZGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9lMWM3YzktY2M4MC00NWQ3LWE2ZDgtYWYzMzRhMGExZTkz
LzEvamxleFJIWkN3VThSd0V0a0hQSFkzb3JheDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQAW8moAwQC
W81AAwQCW++IAwQAsG8zAwQAwQD3MBYEAgACMBADBwAgAQZ4AxwDBQMqE2HAMA0G
CSqGSIb3DQEBCwUAA4IBAQAnD8agfiBWMsWV9L4npf3jObXv+MYQM2grrVlpV47T
wGrVZavISMTh+XfQStSyllywz6TJKsDzjL2tO/7srjWPIALGD+03FVPQXTOz7kQk
28nX5lslbUviGD00FdQ5U+N5h3aowUG9kMjyhlunc/VL7P56EQTLHMhjJLL8EwNP
oz3XzmFMlVEvstfmpFF9wK4UnFUD6+v8kIRNQjLJHobHAPXPS/SLHpcMYHAds1WO
udQ/Pt2f3Q4/CX5/AXfQA7+DLZ9Q8q+gihuOT8XdA57NRU6wN/fuirFw++pf1skU
mJNoTGK71/hJrNtro+IBu6fS4TR8PFdzwJ3/vUaF8d8D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org