Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/76c8b4-387e-4c04-8f35-c04ee05a7953/1/9D3gWeXk9Mx1iEbimNEBFvrITgU.roa
File: 9D3gWeXk9Mx1iEbimNEBFvrITgU.roa (raw, json)
Hash identifier: u9AVNRX5KnBk0tfXvBSVY2NuyovP7X53xrDRm8jDhLk=
Subject key identifier: F4:3D:E0:59:E5:E4:F4:CC:75:88:46:E2:98:D1:01:16:FA:C8:4E:05
Certificate issuer: /CN=a9d78ce7a21c841d8735424776eb7ff587ad04d1
Certificate serial: 01856E81F0C07B08E2D9A2F06D98F532BAA3
Authority key identifier: A9:D7:8C:E7:A2:1C:84:1D:87:35:42:47:76:EB:7F:F5:87:AD:04:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qdeM56IchB2HNUJHdut_9YetBNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/76c8b4-387e-4c04-8f35-c04ee05a7953/1/9D3gWeXk9Mx1iEbimNEBFvrITgU.roa
Signing time: Sun 01 Jan 2023 18:04:47 +0000
ROA not before: Sun 01 Jan 2023 18:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21171
IP address blocks: 185.227.124.0/22 maxlen: 22
80.91.32.0/20 maxlen: 20
2a01:9900::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:f0:c0:7b:08:e2:d9:a2:f0:6d:98:f5:32:ba:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9d78ce7a21c841d8735424776eb7ff587ad04d1
Validity
Not Before: Jan 1 18:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f43de059e5e4f4cc758846e298d10116fac84e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:fd:b1:ea:98:a4:fa:04:d2:e2:9f:32:bd:
f2:39:17:81:a6:43:62:03:3a:c6:f7:29:b2:ca:91:
e8:1e:bb:53:77:eb:7c:61:b5:4f:91:e2:d7:5d:53:
26:18:c7:0c:fe:4a:23:55:5f:35:69:4e:bc:9f:74:
10:4b:6f:c3:0d:6c:a2:12:d9:50:8a:5d:af:fd:6c:
81:60:18:62:a3:a1:d0:44:14:81:03:0c:c3:f9:ac:
7d:8d:ac:d0:13:9a:88:2e:d7:83:e0:b7:f1:eb:24:
44:32:92:20:dc:88:63:d7:34:72:dd:0a:75:77:44:
ed:be:41:14:10:51:ec:3a:e9:4f:76:41:11:10:2e:
b4:a9:61:66:ba:57:dc:47:40:3a:72:d8:56:c0:35:
e3:32:fc:5f:0d:5e:6e:b3:05:05:e6:42:8f:fb:a8:
8a:49:5b:c6:b5:c7:b1:1c:4b:f8:ce:fb:f7:5e:7e:
11:37:b3:52:13:97:2f:6c:b7:d0:43:26:31:c6:03:
ae:3a:ce:4b:6b:ad:99:80:78:7e:c7:9b:7f:5b:d6:
92:9e:a4:a6:40:d5:c7:7f:30:94:03:04:a9:c8:a6:
df:ed:03:ee:0d:e5:5b:6f:fe:d1:a6:3d:7d:7f:a9:
64:2a:fe:ba:99:67:62:88:77:29:7a:bc:7e:b6:b5:
0f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3D:E0:59:E5:E4:F4:CC:75:88:46:E2:98:D1:01:16:FA:C8:4E:05
X509v3 Authority Key Identifier:
keyid:A9:D7:8C:E7:A2:1C:84:1D:87:35:42:47:76:EB:7F:F5:87:AD:04:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qdeM56IchB2HNUJHdut_9YetBNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/76c8b4-387e-4c04-8f35-c04ee05a7953/1/9D3gWeXk9Mx1iEbimNEBFvrITgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/76c8b4-387e-4c04-8f35-c04ee05a7953/1/qdeM56IchB2HNUJHdut_9YetBNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.32.0/20
185.227.124.0/22
IPv6:
2a01:9900::/32
Signature Algorithm: sha256WithRSAEncryption
0c:88:99:7c:03:ae:da:dc:c1:82:c8:e0:8a:d7:5e:3c:8f:48:
2b:8f:35:a8:08:a8:ae:d9:0a:31:7c:40:ff:b6:e4:60:63:c7:
18:38:65:15:94:c6:5a:73:5e:8e:33:ca:51:31:66:4e:c2:8c:
09:af:b7:84:ef:e3:43:20:24:6b:d8:ed:ff:28:ff:6c:3f:15:
45:eb:29:c4:fb:5f:ec:b5:bf:ee:2e:6b:48:f4:63:49:2b:c5:
33:ce:ea:f2:bf:bb:e1:a0:36:92:6a:86:89:2a:53:ec:4b:4e:
f3:20:4b:19:33:81:3e:33:07:2f:85:2c:ea:26:c4:da:38:ad:
ce:0d:44:b4:4a:f9:b7:e2:40:a2:af:c7:7a:29:45:a3:c3:b1:
37:25:4f:31:33:af:bd:ba:53:9b:88:25:ef:23:39:1b:ee:78:
b0:98:0c:12:bf:c3:cc:4f:2d:12:ee:42:b9:22:6b:d3:55:70:
ac:70:42:3d:99:09:64:1b:6e:9a:e4:5b:cc:d7:30:bc:f7:31:
3b:20:2e:a6:3c:7c:f1:27:cf:40:3b:ed:08:9f:0d:b8:29:cb:
2c:46:ad:88:8e:30:08:40:04:2a:2b:ac:d2:bf:88:9d:35:60:
29:92:5c:1d:06:3d:7d:1b:54:91:1d:03:92:8a:fb:31:9e:bd:
10:0f:4c:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVugfDAewji2aLwbZj1MrqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZDc4Y2U3YTIxYzg0MWQ4NzM1NDI0Nzc2ZWI3ZmY1ODdh
ZDA0ZDEwHhcNMjMwMTAxMTgwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDNkZTA1OWU1ZTRmNGNjNzU4ODQ2ZTI5OGQxMDExNmZhYzg0ZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTf9seqYpPoE0uKfMr3yOReBpkNi
AzrG9ymyypHoHrtTd+t8YbVPkeLXXVMmGMcM/kojVV81aU68n3QQS2/DDWyiEtlQ
il2v/WyBYBhio6HQRBSBAwzD+ax9jazQE5qILteD4Lfx6yREMpIg3Ihj1zRy3Qp1
d0TtvkEUEFHsOulPdkEREC60qWFmulfcR0A6cthWwDXjMvxfDV5uswUF5kKP+6iK
SVvGtcexHEv4zvv3Xn4RN7NSE5cvbLfQQyYxxgOuOs5La62ZgHh+x5t/W9aSnqSm
QNXHfzCUAwSpyKbf7QPuDeVbb/7Rpj19f6lkKv66mWdiiHcperx+trUP0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPQ94Fnl5PTMdYhG4pjRARb6yE4FMB8GA1UdIwQY
MBaAFKnXjOeiHIQdhzVCR3brf/WHrQTRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWRlTTU2SWNoQjJITlVKSGR1dF85WWV0Qk5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83NmM4YjQtMzg3ZS00YzA0LThmMzUt
YzA0ZWUwNWE3OTUzLzEvOUQzZ1dlWGs5TXgxaUViaW1ORUJGdnJJVGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83NmM4YjQtMzg3ZS00YzA0LThmMzUtYzA0ZWUwNWE3OTUz
LzEvcWRlTTU2SWNoQjJITlVKSGR1dF85WWV0Qk5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUFsgAwQC
ueN8MA0EAgACMAcDBQAqAZkAMA0GCSqGSIb3DQEBCwUAA4IBAQAMiJl8A67a3MGC
yOCK1148j0grjzWoCKiu2QoxfED/tuRgY8cYOGUVlMZac16OM8pRMWZOwowJr7eE
7+NDICRr2O3/KP9sPxVF6ynE+1/stb/uLmtI9GNJK8Uzzuryv7vhoDaSaoaJKlPs
S07zIEsZM4E+MwcvhSzqJsTaOK3ODUS0Svm34kCir8d6KUWjw7E3JU8xM6+9ulOb
iCXvIzkb7niwmAwSv8PMTy0S7kK5ImvTVXCscEI9mQlkG26a5FvM1zC89zE7IC6m
PHzxJ89AO+0Inw24KcssRq2IjjAIQAQqK6zSv4idNWApklwdBj19G1SRHQOSivsx
nr0QD0zy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:01 2024 by rpki-client on console-ams.rpki-client.org