Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/cdKU6CeooTABUhv5oRfV_EgPsnk.roa
File: cdKU6CeooTABUhv5oRfV_EgPsnk.roa (raw, json)
Hash identifier: vd/FpLc7J8gmmW6/YkrpMH90zBuNHOD9c3E8Xy5c9Q8=
Subject key identifier: 71:D2:94:E8:27:A8:A1:30:01:52:1B:F9:A1:17:D5:FC:48:0F:B2:79
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018D5A0565D82C0B77CD75CBD8CCD8FF411F
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/cdKU6CeooTABUhv5oRfV_EgPsnk.roa
Signing time: Tue 30 Jan 2024 10:58:39 +0000
ROA not before: Tue 30 Jan 2024 10:58:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 91.240.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 17:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:05:65:d8:2c:0b:77:cd:75:cb:d8:cc:d8:ff:41:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 30 10:58:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d294e827a8a13001521bf9a117d5fc480fb279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:15:80:fb:fd:27:ac:87:82:9d:2a:84:3f:f2:
fa:67:97:44:20:6f:e8:f2:cb:68:8b:f5:25:2d:20:
f1:7d:15:cd:3b:cc:22:98:c8:cb:a5:bc:dd:86:e9:
39:b8:36:19:9e:60:17:40:db:a1:6d:a7:1f:31:a8:
5b:39:bb:2b:be:9f:23:7b:de:3d:11:22:52:31:2c:
81:4d:08:67:e6:e2:4e:db:ac:29:15:c9:c9:01:79:
01:59:0e:ca:53:cb:f5:22:71:b6:54:ce:39:f1:ba:
02:d6:b3:51:d2:34:d7:f9:dd:ca:4a:b0:df:44:fb:
b8:28:6d:3d:40:49:98:b4:fc:c7:a4:2a:d0:1e:b1:
71:1b:0d:45:81:72:ff:3c:0b:e3:5d:43:f6:f8:84:
66:6f:20:54:49:77:53:7c:9d:18:ef:76:3b:78:72:
31:7f:7d:49:91:49:56:1c:a3:5c:da:69:48:6a:2a:
71:5f:d8:cf:20:ae:73:0a:6a:af:e4:91:70:0f:2b:
fc:07:2a:1f:81:60:04:95:ae:76:19:cc:97:0c:18:
48:29:46:c8:8f:b6:a4:9e:49:69:0f:81:4a:8c:4e:
ac:e4:b4:62:35:76:0c:ed:e5:ce:20:d4:13:36:e5:
d7:1c:ab:15:71:8b:e2:3f:be:fb:57:82:5a:ce:68:
9e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D2:94:E8:27:A8:A1:30:01:52:1B:F9:A1:17:D5:FC:48:0F:B2:79
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/cdKU6CeooTABUhv5oRfV_EgPsnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.33.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:11:65:ca:0c:8a:3d:a1:85:5a:e3:49:d7:af:38:de:6e:10:
0b:5f:c7:1d:c7:35:fb:1d:a3:05:10:c0:ba:92:5e:c7:aa:8a:
a6:e8:4a:f9:37:5f:72:81:d0:49:e2:d1:cc:42:8d:44:df:17:
89:57:6d:d0:f4:9f:37:64:6b:59:7c:3e:1f:88:00:0c:0f:0e:
3f:19:64:3c:b7:23:04:b6:2a:da:23:c2:a7:80:59:d7:c1:55:
64:5c:e0:f2:ba:96:60:71:a4:1e:01:9d:98:40:45:57:ce:a5:
03:77:79:d2:12:10:5a:0b:83:7e:b8:a2:ed:aa:72:a3:1d:e9:
ca:73:68:bd:a3:d3:72:1f:a5:3e:bb:15:b2:7c:2d:6a:f2:5b:
88:37:80:cb:14:8e:0c:be:29:54:ff:ab:ff:03:00:88:ed:dd:
7b:f1:18:5e:c8:ca:a8:f9:5d:cb:30:6c:a3:a8:15:03:ab:07:
f8:d9:f3:17:41:59:b0:f7:23:1c:87:be:18:99:57:f2:f0:9e:
b8:62:5b:3b:7f:40:1f:91:84:e0:d9:f0:92:96:79:60:5e:d0:
e8:b6:80:a9:69:91:bb:e6:a4:54:05:4c:2c:06:4c:da:93:5f:
75:e6:f1:9a:df:ec:16:01:79:1f:24:39:37:ab:b6:11:56:0c:
14:f6:6f:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1aBWXYLAt3zXXL2MzY/0EfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTMwMTA1ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQyOTRlODI3YThhMTMwMDE1MjFiZjlhMTE3ZDVmYzQ4MGZiMjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxWA+/0nrIeCnSqEP/L6Z5dEIG/o
8stoi/UlLSDxfRXNO8wimMjLpbzdhuk5uDYZnmAXQNuhbacfMahbObsrvp8je949
ESJSMSyBTQhn5uJO26wpFcnJAXkBWQ7KU8v1InG2VM458boC1rNR0jTX+d3KSrDf
RPu4KG09QEmYtPzHpCrQHrFxGw1FgXL/PAvjXUP2+IRmbyBUSXdTfJ0Y73Y7eHIx
f31JkUlWHKNc2mlIaipxX9jPIK5zCmqv5JFwDyv8ByofgWAEla52GcyXDBhIKUbI
j7aknklpD4FKjE6s5LRiNXYM7eXOINQTNuXXHKsVcYviP777V4JazmiegwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHSlOgnqKEwAVIb+aEX1fxID7J5MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvY2RLVTZDZW9vVEFCVWh2NW9SZlZfRWdQc25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/AhMA0G
CSqGSIb3DQEBCwUAA4IBAQCeEWXKDIo9oYVa40nXrzjebhALX8cdxzX7HaMFEMC6
kl7Hqoqm6Er5N19ygdBJ4tHMQo1E3xeJV23Q9J83ZGtZfD4fiAAMDw4/GWQ8tyME
tiraI8KngFnXwVVkXODyupZgcaQeAZ2YQEVXzqUDd3nSEhBaC4N+uKLtqnKjHenK
c2i9o9NyH6U+uxWyfC1q8luIN4DLFI4MvilU/6v/AwCI7d178RheyMqo+V3LMGyj
qBUDqwf42fMXQVmw9yMch74YmVfy8J64Yls7f0AfkYTg2fCSlnlgXtDotoCpaZG7
5qRUBUwsBkzak1915vGa3+wWAXkfJDk3q7YRVgwU9m84
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:51 2024 by rpki-client on console-fra.rpki-client.org