Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/dkaXC7rxcHMrttucw0ApXL4AcQ4.roa
File: dkaXC7rxcHMrttucw0ApXL4AcQ4.roa (raw, json)
Hash identifier: M7zzhvE4nDitsFJFmuEYV+kGCjtRYKCNRjcPEkPZNH8=
Subject key identifier: 76:46:97:0B:BA:F1:70:73:2B:B6:DB:9C:C3:40:29:5C:BE:00:71:0E
Certificate issuer: /CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Certificate serial: 018EA46C4DDDC34CD6775103EBE1A5AF757D
Authority key identifier: 41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/dkaXC7rxcHMrttucw0ApXL4AcQ4.roa
Signing time: Wed 03 Apr 2024 14:45:45 +0000
ROA not before: Wed 03 Apr 2024 14:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62359
IP address blocks: 91.242.173.0/24 maxlen: 24
2001:67c:6d8::/48 maxlen: 48
2a14:30c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Apr 2024 13:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:6c:4d:dd:c3:4c:d6:77:51:03:eb:e1:a5:af:75:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Validity
Not Before: Apr 3 14:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7646970bbaf170732bb6db9cc340295cbe00710e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c9:f4:61:fa:fa:7b:8a:fc:11:e2:98:0f:44:
0f:70:5d:de:a6:8c:46:55:72:c3:ba:27:f3:04:64:
ff:a2:8c:3f:01:dd:03:cc:9d:4a:15:4d:e5:b7:fc:
ec:c2:60:50:8e:c4:83:d4:34:ac:a3:25:76:d8:04:
93:f6:dd:22:29:9e:aa:be:fb:7c:cd:93:a9:4b:26:
40:2e:aa:25:24:01:2a:dc:f1:89:b3:19:1d:d0:db:
17:58:6a:58:ef:94:ce:87:01:79:5f:20:9a:ad:36:
a2:07:79:10:f2:dd:1e:7e:51:1c:bb:52:72:6c:0e:
ce:7a:4c:82:f1:55:38:92:93:75:f1:15:cc:36:b5:
a2:37:0d:1c:76:d7:62:84:b7:53:c1:91:64:e4:c4:
bc:da:dd:60:5c:bf:4d:4e:c1:3e:ae:22:fe:61:e8:
c2:0a:05:6c:95:40:03:35:9d:bc:87:8d:d8:a0:61:
63:df:a6:31:bb:5f:49:66:ee:61:c4:93:69:68:fe:
c1:25:d0:00:ed:1f:90:1c:26:54:ed:cb:f8:56:4e:
7c:8b:b9:4b:ca:2b:6e:0d:37:64:4b:e3:ba:14:d0:
9a:24:d9:3f:5c:17:7f:d9:65:e6:07:b6:9c:da:bd:
10:02:a9:61:f6:5e:11:86:ab:e3:41:a1:23:12:a6:
3c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:46:97:0B:BA:F1:70:73:2B:B6:DB:9C:C3:40:29:5C:BE:00:71:0E
X509v3 Authority Key Identifier:
keyid:41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/dkaXC7rxcHMrttucw0ApXL4AcQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.173.0/24
IPv6:
2001:67c:6d8::/48
2a14:30c1::/32
Signature Algorithm: sha256WithRSAEncryption
92:e5:c6:12:17:b9:0f:1a:98:4a:8c:28:85:7e:a4:52:5c:bc:
dd:5f:92:47:09:a0:8d:8b:c7:a4:33:24:90:f8:38:07:66:2a:
c7:e0:a9:7a:3e:8f:46:0e:bb:c6:89:ed:34:bd:ad:c8:50:26:
55:0e:50:77:0b:89:cd:ce:d3:0a:a9:66:aa:44:a1:e3:01:b7:
4e:b6:fa:db:4c:33:f3:7d:8d:6d:a9:78:5b:78:cb:5c:a2:29:
0a:77:12:46:da:cc:ae:4b:a7:e8:aa:8f:e1:e1:b2:28:d7:2f:
2f:0d:cb:32:53:4e:1f:c6:fa:aa:f8:86:4b:3a:1e:45:f8:45:
74:59:e1:c7:42:af:4b:a2:1b:1a:6c:d5:84:a7:a5:3f:8f:55:
41:03:ed:ca:99:28:29:47:7f:18:c3:56:cf:41:d4:0f:34:c1:
66:9a:39:80:b7:ba:9b:ed:9a:cf:2c:71:c3:a5:79:bb:01:e7:
07:78:97:1d:0c:d8:4e:88:0c:d4:c8:8d:d2:aa:4f:21:36:13:
8a:1b:14:da:2a:83:76:3d:af:c9:d7:0a:21:58:8c:98:c7:41:
3c:83:37:b7:05:97:96:28:4d:22:aa:a4:fd:d5:96:54:15:1f:
e9:eb:0e:59:b3:cd:1c:be:3a:4c:b6:13:8f:2d:6a:94:6f:f2:
bb:80:4c:6a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6kbE3dw0zWd1ED6+Glr3V9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZGQxY2U0ZWViOTJmZjUzYjYzMzg5MmZkNDU3YjAxMWUx
MTcxZjEwHhcNMjQwNDAzMTQ0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQ2OTcwYmJhZjE3MDczMmJiNmRiOWNjMzQwMjk1Y2JlMDA3MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsn0Yfr6e4r8EeKYD0QPcF3epoxG
VXLDuifzBGT/oow/Ad0DzJ1KFU3lt/zswmBQjsSD1DSsoyV22AST9t0iKZ6qvvt8
zZOpSyZALqolJAEq3PGJsxkd0NsXWGpY75TOhwF5XyCarTaiB3kQ8t0eflEcu1Jy
bA7OekyC8VU4kpN18RXMNrWiNw0cdtdihLdTwZFk5MS82t1gXL9NTsE+riL+YejC
CgVslUADNZ28h43YoGFj36Yxu19JZu5hxJNpaP7BJdAA7R+QHCZU7cv4Vk58i7lL
yituDTdkS+O6FNCaJNk/XBd/2WXmB7ac2r0QAqlh9l4RhqvjQaEjEqY8vQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHZGlwu68XBzK7bbnMNAKVy+AHEOMB8GA1UdIwQY
MBaAFEHdHOTuuS/1O2M4kv1FewEeEXHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMt
ODg1MjFhZDk5YzdlLzEvZGthWEM3cnhjSE1ydHR1Y3cwQXBYTDRBY1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMtODg1MjFhZDk5Yzdl
LzEvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW/KtMBYE
AgACMBADBwAgAQZ8BtgDBQAqFDDBMA0GCSqGSIb3DQEBCwUAA4IBAQCS5cYSF7kP
GphKjCiFfqRSXLzdX5JHCaCNi8ekMySQ+DgHZirH4Kl6Po9GDrvGie00va3IUCZV
DlB3C4nNztMKqWaqRKHjAbdOtvrbTDPzfY1tqXhbeMtcoikKdxJG2syuS6foqo/h
4bIo1y8vDcsyU04fxvqq+IZLOh5F+EV0WeHHQq9LohsabNWEp6U/j1VBA+3KmSgp
R38Yw1bPQdQPNMFmmjmAt7qb7ZrPLHHDpXm7AecHeJcdDNhOiAzUyI3Sqk8hNhOK
GxTaKoN2Pa/J1wohWIyYx0E8gze3BZeWKE0iqqT91ZZUFR/p6w5Zs80cvjpMthOP
LWqUb/K7gExq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org