Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/6D4-kI_HaR11-RNFxX1S3W9431o.roa
File: 6D4-kI_HaR11-RNFxX1S3W9431o.roa (raw, json)
Hash identifier: 3eOgBJ4tRt3vDHkEdila6VxWOc//C4SMI0lO0gzat2U=
Subject key identifier: E8:3E:3E:90:8F:C7:69:1D:75:F9:13:45:C5:7D:52:DD:6F:78:DF:5A
Certificate issuer: /CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Certificate serial: 018C1FC9668D57C83BC58D342A675B584333
Authority key identifier: 27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/6D4-kI_HaR11-RNFxX1S3W9431o.roa
Signing time: Thu 30 Nov 2023 10:32:21 +0000
ROA not before: Thu 30 Nov 2023 10:32:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41741
IP address blocks: 91.102.28.0/22 maxlen: 22
91.102.29.0/24 maxlen: 24
91.102.24.0/21 maxlen: 21
2a03:6180::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:c9:66:8d:57:c8:3b:c5:8d:34:2a:67:5b:58:43:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Validity
Not Before: Nov 30 10:32:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e83e3e908fc7691d75f91345c57d52dd6f78df5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9c:42:16:6e:0b:e5:7f:e3:b5:4a:ec:6e:11:
94:f1:de:47:25:d9:af:8c:80:b0:c8:22:c9:ca:7e:
22:f1:29:24:7b:73:8f:c6:cf:1b:a2:14:9a:43:9e:
ef:0c:db:76:a5:ab:4c:24:72:cc:e4:37:fc:7c:66:
1f:9f:21:69:94:97:87:9d:4d:16:ec:07:cf:33:20:
f3:c1:1b:e1:a2:cd:b8:95:37:4b:a8:1a:31:46:eb:
95:6f:29:48:2b:8b:d0:46:ef:38:24:62:28:62:1d:
ba:bd:6d:ee:f6:91:91:85:c0:3e:d3:2c:fc:16:b4:
71:0e:37:5c:c4:e6:62:c6:94:cd:cb:f3:58:a1:ce:
a0:9f:0f:bd:2c:e0:72:13:3e:0a:64:94:db:2d:25:
32:e2:be:6c:21:5e:6e:e6:09:9f:26:8a:c9:00:81:
39:ac:d6:ae:61:31:ff:92:c5:bc:d2:20:ce:7d:25:
fa:b2:b2:62:04:f3:40:ad:a8:6a:36:06:c8:5f:f9:
c8:4d:e9:06:c2:e2:14:7c:f3:43:98:20:7d:c8:b1:
86:79:45:a4:a1:a9:10:9c:ed:df:dc:68:2c:25:bd:
af:10:9b:a7:63:bc:05:18:9f:83:11:82:6d:37:f8:
7c:aa:50:f4:e5:23:50:36:1f:f5:7c:7a:22:9e:16:
5e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:3E:3E:90:8F:C7:69:1D:75:F9:13:45:C5:7D:52:DD:6F:78:DF:5A
X509v3 Authority Key Identifier:
keyid:27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/6D4-kI_HaR11-RNFxX1S3W9431o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/JwKQ9fMfI43z6PO9_MBXUcwvGSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.24.0/21
IPv6:
2a03:6180::/32
Signature Algorithm: sha256WithRSAEncryption
92:f9:fe:db:29:d4:11:7a:34:37:cc:bd:a1:3e:34:cc:ec:e8:
4a:c2:f5:95:07:a9:4c:fc:18:29:61:5b:24:73:36:47:ef:7d:
93:dd:23:a4:cd:f1:89:db:c3:66:b3:90:5d:86:df:06:f0:1b:
cd:34:c9:e2:85:dd:6a:d1:e9:6a:a6:8c:88:42:2c:0e:0e:5f:
39:18:f4:ab:06:19:d8:3a:7e:c6:9c:15:ba:c6:a5:c0:9c:7f:
b8:bf:de:52:4f:07:32:e6:50:cb:be:5a:0c:69:16:bb:58:32:
ec:ba:70:9f:1d:65:fa:f3:8b:a5:b0:e0:89:4a:4a:ef:06:cb:
00:a1:9d:10:c2:55:61:5b:5f:92:f4:29:fb:c9:59:1a:64:27:
60:0d:10:15:b0:4b:14:78:93:51:0d:88:b3:32:b8:dc:f9:c8:
7e:d8:2c:53:47:af:dd:ee:24:e8:b1:68:64:fb:5f:a3:4a:c4:
44:2f:4c:07:84:fc:57:87:2f:9e:8c:be:3a:62:eb:69:93:1a:
b4:20:c3:a2:76:42:ef:4a:b9:df:4b:34:57:d1:2a:bc:42:a8:
06:0f:2f:0f:ab:b8:6f:d0:8b:70:23:af:9f:0d:70:f7:5c:50:
d7:36:a8:a6:97:5c:9f:65:1a:17:fe:0e:12:65:d9:46:83:38:
ac:de:18:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwfyWaNV8g7xY00KmdbWEMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5MGY1ZjMxZjIzOGRmM2U4ZjNiZGZjYzA1NzUxY2My
ZjE5MmMwHhcNMjMxMTMwMTAzMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODNlM2U5MDhmYzc2OTFkNzVmOTEzNDVjNTdkNTJkZDZmNzhkZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pxCFm4L5X/jtUrsbhGU8d5HJdmv
jICwyCLJyn4i8Skke3OPxs8bohSaQ57vDNt2patMJHLM5Df8fGYfnyFplJeHnU0W
7AfPMyDzwRvhos24lTdLqBoxRuuVbylIK4vQRu84JGIoYh26vW3u9pGRhcA+0yz8
FrRxDjdcxOZixpTNy/NYoc6gnw+9LOByEz4KZJTbLSUy4r5sIV5u5gmfJorJAIE5
rNauYTH/ksW80iDOfSX6srJiBPNArahqNgbIX/nITekGwuIUfPNDmCB9yLGGeUWk
oakQnO3f3GgsJb2vEJunY7wFGJ+DEYJtN/h8qlD05SNQNh/1fHoinhZeHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOg+PpCPx2kddfkTRcV9Ut1veN9aMB8GA1UdIwQY
MBaAFCcCkPXzHyON8+jzvfzAV1HMLxksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAt
YjE0Y2M5MWM3NzZjLzEvNkQ0LWtJX0hhUjExLVJORnhYMVMzVzk0MzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAtYjE0Y2M5MWM3NzZj
LzEvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDW2YYMA0E
AgACMAcDBQAqA2GAMA0GCSqGSIb3DQEBCwUAA4IBAQCS+f7bKdQRejQ3zL2hPjTM
7OhKwvWVB6lM/BgpYVskczZH732T3SOkzfGJ28Nms5Bdht8G8BvNNMnihd1q0elq
poyIQiwODl85GPSrBhnYOn7GnBW6xqXAnH+4v95STwcy5lDLvloMaRa7WDLsunCf
HWX684ulsOCJSkrvBssAoZ0QwlVhW1+S9Cn7yVkaZCdgDRAVsEsUeJNRDYizMrjc
+ch+2CxTR6/d7iTosWhk+1+jSsREL0wHhPxXhy+ejL46Yutpkxq0IMOidkLvSrnf
SzRX0Sq8QqgGDy8Pq7hv0ItwI6+fDXD3XFDXNqiml1yfZRoX/g4SZdlGgzis3hho
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:02 2024 by rpki-client on console-ams.rpki-client.org