Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/yf9VJrX6yRuIWwF_fYXRSTKsQFc.roa
File: yf9VJrX6yRuIWwF_fYXRSTKsQFc.roa (raw, json)
Hash identifier: JASoFe0udv3Gz7IM78FzSg2rAdAZy4qf2FU6TINoSIY=
Subject key identifier: C9:FF:55:26:B5:FA:C9:1B:88:5B:01:7F:7D:85:D1:49:32:AC:40:57
Certificate issuer: /CN=af27d45fc18ba917ab1e89a17ef0b63609848224
Certificate serial: 01856FB10F71DE0F42E455F6FB213417DADE
Authority key identifier: AF:27:D4:5F:C1:8B:A9:17:AB:1E:89:A1:7E:F0:B6:36:09:84:82:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryfUX8GLqRerHomhfvC2NgmEgiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/yf9VJrX6yRuIWwF_fYXRSTKsQFc.roa
Signing time: Sun 01 Jan 2023 23:35:52 +0000
ROA not before: Sun 01 Jan 2023 23:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 91.188.219.0/24 maxlen: 24
91.188.216.0/24 maxlen: 24
91.188.217.0/24 maxlen: 24
91.188.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Oct 2023 19:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:0f:71:de:0f:42:e4:55:f6:fb:21:34:17:da:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af27d45fc18ba917ab1e89a17ef0b63609848224
Validity
Not Before: Jan 1 23:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9ff5526b5fac91b885b017f7d85d14932ac4057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ea:9d:f4:96:c1:b0:77:8c:ae:34:f1:97:39:
8b:e0:c3:56:1d:56:d6:38:d6:a0:38:01:1d:b3:28:
04:4c:f4:37:7a:bd:65:b8:93:79:c4:46:19:38:22:
94:d8:45:22:b9:a7:28:92:43:a6:bd:4d:2d:8e:8f:
8f:22:09:0d:75:d6:48:82:76:3b:4c:0c:5e:e4:6e:
e5:58:db:a5:12:bd:f6:9c:11:5e:41:9a:af:de:58:
70:80:55:43:d6:81:b6:91:ab:26:d0:04:55:24:f5:
16:94:d7:4f:94:7e:99:63:a3:06:b8:19:76:b8:3f:
2d:08:d0:69:92:70:a0:d2:65:08:13:00:f7:02:68:
5f:1d:1a:68:40:bf:dc:6f:54:8e:4d:fd:cf:4f:6e:
e0:ee:83:1c:06:40:55:9b:ba:c3:64:06:49:f1:5c:
65:7b:c0:b6:02:ea:54:8d:06:be:1b:7f:00:1a:58:
3b:e7:90:8e:0a:a2:fd:3d:17:9b:e2:8d:56:e9:85:
12:49:03:af:9d:0d:c3:6b:41:29:3c:3a:7c:86:85:
1c:a3:37:9c:4d:df:19:ec:8d:96:39:fa:77:1c:1a:
41:23:2d:76:20:f7:07:e0:3d:9a:9c:a5:47:7d:cd:
e4:72:ed:6c:9d:0b:33:47:4e:eb:90:c7:90:a1:ae:
ee:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FF:55:26:B5:FA:C9:1B:88:5B:01:7F:7D:85:D1:49:32:AC:40:57
X509v3 Authority Key Identifier:
keyid:AF:27:D4:5F:C1:8B:A9:17:AB:1E:89:A1:7E:F0:B6:36:09:84:82:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryfUX8GLqRerHomhfvC2NgmEgiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/yf9VJrX6yRuIWwF_fYXRSTKsQFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/441755-b52f-4fb6-b3ef-7acbc6c9f985/1/ryfUX8GLqRerHomhfvC2NgmEgiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.216.0/22
Signature Algorithm: sha256WithRSAEncryption
80:23:da:bc:cf:8e:cf:82:dc:00:40:2b:97:9f:ef:df:8c:e4:
7c:77:68:00:9a:77:31:32:af:27:6d:e5:8e:7f:9b:03:dc:c5:
56:2b:39:59:d8:00:9a:e1:99:3b:5f:b1:45:96:7e:33:5b:e3:
e7:ae:78:82:69:ae:b2:ca:8e:6d:e9:53:91:1a:0b:09:9f:35:
b8:0c:13:8a:8e:b1:34:14:71:d1:70:99:8e:3b:d1:13:52:89:
c7:a2:2f:a5:6a:0d:cd:b0:ca:0e:be:12:71:1a:17:b6:57:01:
e3:22:2b:39:e1:6a:19:72:c8:80:f9:e3:09:bc:d3:4d:43:39:
5b:dc:b3:77:a7:fd:77:14:c9:7e:e8:d5:52:26:50:6b:3c:9d:
c9:7e:9d:e3:f3:ed:ef:2b:71:6d:b2:0e:a3:85:d4:65:c3:c2:
68:9c:13:00:b4:98:32:38:5d:7f:0b:5d:4e:6c:1f:e5:3e:5c:
c7:b8:2f:bb:8c:fc:c6:a3:1c:e8:94:30:46:d0:f0:6b:ba:32:
72:6c:54:5d:b3:47:5e:3e:b1:54:d6:1b:cb:2a:ee:77:e3:f8:
be:90:96:99:54:ed:53:56:63:6f:31:52:08:f6:33:bc:9e:9c:
93:43:c1:ed:a0:5a:87:d6:7f:84:97:08:0d:ef:ed:c5:1b:43:
1c:79:0a:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvsQ9x3g9C5FX2+yE0F9reMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMjdkNDVmYzE4YmE5MTdhYjFlODlhMTdlZjBiNjM2MDk4
NDgyMjQwHhcNMjMwMTAxMjMzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWZmNTUyNmI1ZmFjOTFiODg1YjAxN2Y3ZDg1ZDE0OTMyYWM0MDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+qd9JbBsHeMrjTxlzmL4MNWHVbW
ONagOAEdsygETPQ3er1luJN5xEYZOCKU2EUiuacokkOmvU0tjo+PIgkNddZIgnY7
TAxe5G7lWNulEr32nBFeQZqv3lhwgFVD1oG2kasm0ARVJPUWlNdPlH6ZY6MGuBl2
uD8tCNBpknCg0mUIEwD3AmhfHRpoQL/cb1SOTf3PT27g7oMcBkBVm7rDZAZJ8Vxl
e8C2AupUjQa+G38AGlg755COCqL9PReb4o1W6YUSSQOvnQ3Da0EpPDp8hoUcozec
Td8Z7I2WOfp3HBpBIy12IPcH4D2anKVHfc3kcu1snQszR07rkMeQoa7uawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMn/VSa1+skbiFsBf32F0UkyrEBXMB8GA1UdIwQY
MBaAFK8n1F/Bi6kXqx6JoX7wtjYJhIIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlmVVg4R0xxUmVySG9taGZ2QzJOZ21FZ2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80NDE3NTUtYjUyZi00ZmI2LWIzZWYt
N2FjYmM2YzlmOTg1LzEveWY5VkpyWDZ5UnVJV3dGX2ZZWFJTVEtzUUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80NDE3NTUtYjUyZi00ZmI2LWIzZWYtN2FjYmM2YzlmOTg1
LzEvcnlmVVg4R0xxUmVySG9taGZ2QzJOZ21FZ2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7zYMA0G
CSqGSIb3DQEBCwUAA4IBAQCAI9q8z47PgtwAQCuXn+/fjOR8d2gAmncxMq8nbeWO
f5sD3MVWKzlZ2ACa4Zk7X7FFln4zW+PnrniCaa6yyo5t6VORGgsJnzW4DBOKjrE0
FHHRcJmOO9ETUonHoi+lag3NsMoOvhJxGhe2VwHjIis54WoZcsiA+eMJvNNNQzlb
3LN3p/13FMl+6NVSJlBrPJ3Jfp3j8+3vK3Ftsg6jhdRlw8JonBMAtJgyOF1/C11O
bB/lPlzHuC+7jPzGoxzolDBG0PBrujJybFRds0dePrFU1hvLKu534/i+kJaZVO1T
VmNvMVII9jO8npyTQ8HtoFqH1n+ElwgN7+3FG0MceQpt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:15 2024 by rpki-client on console-ams.rpki-client.org