Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/iXy5DhtJ-2D_-NCK8TGwB5VrG5g.roa
File: iXy5DhtJ-2D_-NCK8TGwB5VrG5g.roa (raw, json)
Hash identifier: 4+Hlf6FaizySA80dBgo26yjjezeR2spU/FMnUFp430k=
Subject key identifier: 89:7C:B9:0E:1B:49:FB:60:FF:F8:D0:8A:F1:31:B0:07:95:6B:1B:98
Certificate issuer: /CN=0321ea39508e0e17a651fe92ac29ea38832d0bff
Certificate serial: 01856E5D736F2A8B8CDC63884751A2E1A021
Authority key identifier: 03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/iXy5DhtJ-2D_-NCK8TGwB5VrG5g.roa
Signing time: Sun 01 Jan 2023 17:24:56 +0000
ROA not before: Sun 01 Jan 2023 17:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31027
IP address blocks: 91.198.144.0/24 maxlen: 24
78.31.32.0/21 maxlen: 21
85.202.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:73:6f:2a:8b:8c:dc:63:88:47:51:a2:e1:a0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0321ea39508e0e17a651fe92ac29ea38832d0bff
Validity
Not Before: Jan 1 17:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=897cb90e1b49fb60fff8d08af131b007956b1b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:05:81:58:70:44:4e:3a:f7:93:67:5c:df:92:
e9:c2:16:55:b2:9a:95:66:d9:2c:d5:2a:e3:e4:9d:
e8:a1:1e:79:c7:3b:e0:24:75:60:f3:ac:93:f0:1e:
d3:a1:83:d0:82:38:38:92:05:a7:bf:a1:26:77:7e:
11:0f:1a:d9:c5:68:ff:b6:a1:c1:62:f5:f6:b2:65:
e1:e9:33:59:c6:c7:ac:08:7c:c2:e2:c8:26:65:4c:
e3:79:00:cb:78:c2:2a:d1:86:3d:7c:04:47:02:fa:
1d:ba:29:4a:ba:0d:c3:84:44:e9:85:df:f3:e9:79:
25:68:83:7f:0a:72:25:ba:51:b8:aa:7b:e5:24:b4:
5d:09:8a:0f:bf:88:6a:87:65:df:b4:12:f1:eb:94:
af:ab:3d:5e:1c:56:db:0a:cd:64:b7:15:dd:d7:21:
fb:5a:2b:eb:9b:40:05:52:a6:7b:35:a4:69:4f:68:
65:f4:8d:58:95:57:4f:56:bb:b5:3e:08:e1:63:78:
ba:76:10:a8:91:2b:77:44:9d:c6:e4:ad:a6:0e:ef:
80:bb:83:cf:50:46:50:37:8f:03:98:6d:2f:47:37:
7c:91:86:07:e1:2e:0d:ab:9a:2e:89:79:e6:8d:2c:
db:55:15:ac:47:1f:86:5e:ba:0c:f7:98:5b:3e:fe:
fd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:7C:B9:0E:1B:49:FB:60:FF:F8:D0:8A:F1:31:B0:07:95:6B:1B:98
X509v3 Authority Key Identifier:
keyid:03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/iXy5DhtJ-2D_-NCK8TGwB5VrG5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.32.0/21
85.202.64.0/20
91.198.144.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:30:95:64:63:fb:47:67:69:de:b7:66:b7:e6:8e:eb:f2:b6:
a5:0d:43:ab:6a:6f:3c:6f:ad:f3:30:6a:3e:a2:de:fa:b6:98:
54:75:30:44:6a:0d:5e:25:03:1b:ab:36:a4:64:bb:68:ba:30:
90:e5:26:e4:c9:53:a5:d3:5c:23:7f:b1:bf:64:12:b6:20:68:
45:d7:6d:ab:d8:14:cc:fd:ca:71:aa:ad:8c:af:a2:ec:94:3e:
54:5b:13:4a:de:7e:7b:d6:11:9c:91:ee:fe:8c:02:e3:85:24:
31:1c:14:ab:e1:cc:5c:ab:3b:7e:7c:e7:18:5f:6f:eb:a3:2e:
52:85:7a:97:0c:d6:94:ae:b7:d7:1a:90:ed:48:88:18:99:e1:
87:9b:0f:24:53:91:1c:dc:39:d7:d6:40:d2:cd:8f:50:ee:e7:
e6:d4:0d:2a:50:aa:da:db:1b:2c:a3:11:0e:88:50:be:fe:a9:
02:ce:7d:ea:ae:24:7c:f3:d7:ae:e9:2c:ef:c5:dd:1d:fe:6b:
0c:46:9a:f9:e6:f5:63:49:d5:1d:ae:1e:e7:c2:df:5d:f2:bb:
1e:21:f2:4a:d5:23:5a:f2:7d:07:ea:6c:47:54:fb:23:68:6a:
6d:c9:73:f5:c0:43:5d:41:4d:21:23:7c:03:42:ef:3a:53:aa:
83:41:f3:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuXXNvKouM3GOIR1Gi4aAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjFlYTM5NTA4ZTBlMTdhNjUxZmU5MmFjMjllYTM4ODMy
ZDBiZmYwHhcNMjMwMTAxMTcyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTdjYjkwZTFiNDlmYjYwZmZmOGQwOGFmMTMxYjAwNzk1NmIxYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgWBWHBETjr3k2dc35LpwhZVspqV
Ztks1Srj5J3ooR55xzvgJHVg86yT8B7ToYPQgjg4kgWnv6Emd34RDxrZxWj/tqHB
YvX2smXh6TNZxsesCHzC4sgmZUzjeQDLeMIq0YY9fARHAvoduilKug3DhETphd/z
6XklaIN/CnIlulG4qnvlJLRdCYoPv4hqh2XftBLx65Svqz1eHFbbCs1ktxXd1yH7
Wivrm0AFUqZ7NaRpT2hl9I1YlVdPVru1PgjhY3i6dhCokSt3RJ3G5K2mDu+Au4PP
UEZQN48DmG0vRzd8kYYH4S4Nq5ouiXnmjSzbVRWsRx+GXroM95hbPv798QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIl8uQ4bSftg//jQivExsAeVaxuYMB8GA1UdIwQY
MBaAFAMh6jlQjg4XplH+kqwp6jiDLQv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQt
OGNmODA1NTExMDAyLzEvaVh5NURodEotMkRfLU5DSzhUR3dCNVZyRzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQtOGNmODA1NTExMDAy
LzEvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTh8gAwQE
VcpAAwQAW8aQMA0GCSqGSIb3DQEBCwUAA4IBAQCiMJVkY/tHZ2net2a35o7r8ral
DUOram88b63zMGo+ot76tphUdTBEag1eJQMbqzakZLtoujCQ5SbkyVOl01wjf7G/
ZBK2IGhF122r2BTM/cpxqq2Mr6LslD5UWxNK3n571hGcke7+jALjhSQxHBSr4cxc
qzt+fOcYX2/roy5ShXqXDNaUrrfXGpDtSIgYmeGHmw8kU5Ec3DnX1kDSzY9Q7ufm
1A0qUKra2xssoxEOiFC+/qkCzn3qriR889eu6Szvxd0d/msMRpr55vVjSdUdrh7n
wt9d8rseIfJK1SNa8n0H6mxHVPsjaGptyXP1wENdQU0hI3wDQu86U6qDQfO9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:21 2024 by rpki-client on console-fra.rpki-client.org