Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/xqnnSZ61_pTZCm3tDlVkXg_4brU.roa
File: xqnnSZ61_pTZCm3tDlVkXg_4brU.roa (raw, json)
Hash identifier: DW8EU37OEfTMLUAeTyYlfar8yLz470i0eLTXTk+KvX0=
Subject key identifier: C6:A9:E7:49:9E:B5:FE:94:D9:0A:6D:ED:0E:55:64:5E:0F:F8:6E:B5
Certificate issuer: /CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Certificate serial: 018CC801AEFED07BF808BAE9DE5E4387DE27
Authority key identifier: 27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/xqnnSZ61_pTZCm3tDlVkXg_4brU.roa
Signing time: Tue 02 Jan 2024 02:30:02 +0000
ROA not before: Tue 02 Jan 2024 02:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41741
IP address blocks: 91.102.28.0/22 maxlen: 22
91.102.29.0/24 maxlen: 24
91.102.24.0/21 maxlen: 21
2a03:6180::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jan 2024 07:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ae:fe:d0:7b:f8:08:ba:e9:de:5e:43:87:de:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Validity
Not Before: Jan 2 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6a9e7499eb5fe94d90a6ded0e55645e0ff86eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dd:a6:98:35:95:da:8c:91:24:fe:eb:1c:33:
cc:8a:31:c3:28:81:77:70:ac:f4:c9:b7:27:32:f0:
f0:3c:42:bf:3a:25:f1:64:4d:fc:13:db:73:58:f2:
eb:37:ce:e4:0a:e2:4e:a0:f1:a8:52:88:75:2d:a1:
72:23:6e:f1:e7:d0:0a:20:fa:0a:1a:7c:da:e4:47:
2d:a7:f4:43:e5:3a:95:32:bc:69:ea:2a:af:d8:d6:
52:8a:37:7f:21:b3:fe:52:9c:a0:9c:f9:70:ab:c3:
42:4d:86:0e:f4:a7:52:34:d9:c8:24:26:8a:70:05:
d9:b9:05:60:1e:90:4e:19:a1:c6:b7:92:b2:51:c3:
05:98:02:cd:d2:ad:8e:10:c4:05:cd:b6:1a:3f:42:
f0:08:78:25:95:03:57:56:13:9d:ff:44:60:83:37:
76:de:96:1f:c6:75:cf:fa:d2:a8:1a:bc:76:bb:96:
af:c2:7a:02:ad:92:93:4c:8c:a1:4c:cd:a1:be:f5:
fb:fe:48:39:7d:5a:a0:39:2c:9c:f4:a5:b6:39:6c:
ed:17:d2:fb:8a:37:68:59:ad:b2:3f:08:2d:d8:56:
8a:4b:3a:8c:75:20:44:0f:9c:49:24:c8:4a:5a:47:
ac:f2:3f:70:0a:f2:67:93:d9:dc:68:76:ae:f0:86:
69:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A9:E7:49:9E:B5:FE:94:D9:0A:6D:ED:0E:55:64:5E:0F:F8:6E:B5
X509v3 Authority Key Identifier:
keyid:27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/xqnnSZ61_pTZCm3tDlVkXg_4brU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/JwKQ9fMfI43z6PO9_MBXUcwvGSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.24.0/21
IPv6:
2a03:6180::/32
Signature Algorithm: sha256WithRSAEncryption
38:af:c8:20:60:07:da:42:24:9b:e6:4e:17:3b:a9:3d:b7:03:
4e:c0:7c:61:e4:9e:bc:d7:e9:df:5c:9f:e2:b9:16:b8:18:04:
68:13:9a:11:19:47:bf:da:a6:05:12:a2:52:c6:30:65:16:74:
81:ec:fc:fe:fe:2e:9b:d6:2f:20:30:7d:58:00:ef:59:b5:a9:
23:10:63:83:a3:da:b8:a9:0f:a1:5f:28:2d:54:6d:0e:1c:22:
12:a6:8b:00:0e:3a:5c:b1:36:ff:50:3d:db:68:35:ca:ff:50:
74:cc:f1:a6:2d:fc:60:2f:ef:dd:f4:7b:65:79:35:3c:1c:40:
3c:22:d4:05:f2:3a:66:80:e8:4a:38:9c:13:38:b1:dd:41:5b:
d7:fd:82:5b:3e:39:c6:e9:e1:38:11:73:be:18:2e:b5:75:ef:
47:0d:ac:a3:7d:be:5f:b0:81:87:7c:25:7f:de:49:30:57:28:
33:c4:d7:9d:5c:2e:bc:a8:f1:e9:bf:b5:06:cd:37:f4:50:90:
74:c5:e8:b8:0e:49:e1:48:5e:9f:f6:e4:cb:11:54:42:dd:c6:
11:d8:7c:12:41:a0:ba:cb:69:f3:31:63:59:cd:e5:bf:35:fb:
0c:63:c1:48:6a:3b:dd:90:7e:72:7e:2b:83:98:ab:61:e2:ab:
71:15:b7:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAa7+0Hv4CLrp3l5Dh94nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5MGY1ZjMxZjIzOGRmM2U4ZjNiZGZjYzA1NzUxY2My
ZjE5MmMwHhcNMjQwMTAyMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmE5ZTc0OTllYjVmZTk0ZDkwYTZkZWQwZTU1NjQ1ZTBmZjg2ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd2mmDWV2oyRJP7rHDPMijHDKIF3
cKz0ybcnMvDwPEK/OiXxZE38E9tzWPLrN87kCuJOoPGoUoh1LaFyI27x59AKIPoK
Gnza5Ectp/RD5TqVMrxp6iqv2NZSijd/IbP+UpygnPlwq8NCTYYO9KdSNNnIJCaK
cAXZuQVgHpBOGaHGt5KyUcMFmALN0q2OEMQFzbYaP0LwCHgllQNXVhOd/0Rggzd2
3pYfxnXP+tKoGrx2u5avwnoCrZKTTIyhTM2hvvX7/kg5fVqgOSyc9KW2OWztF9L7
ijdoWa2yPwgt2FaKSzqMdSBED5xJJMhKWkes8j9wCvJnk9ncaHau8IZpfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMap50metf6U2Qpt7Q5VZF4P+G61MB8GA1UdIwQY
MBaAFCcCkPXzHyON8+jzvfzAV1HMLxksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAt
YjE0Y2M5MWM3NzZjLzEveHFublNaNjFfcFRaQ20zdERsVmtYZ180YnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAtYjE0Y2M5MWM3NzZj
LzEvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDW2YYMA0E
AgACMAcDBQAqA2GAMA0GCSqGSIb3DQEBCwUAA4IBAQA4r8ggYAfaQiSb5k4XO6k9
twNOwHxh5J681+nfXJ/iuRa4GARoE5oRGUe/2qYFEqJSxjBlFnSB7Pz+/i6b1i8g
MH1YAO9ZtakjEGODo9q4qQ+hXygtVG0OHCISposADjpcsTb/UD3baDXK/1B0zPGm
LfxgL+/d9HtleTU8HEA8ItQF8jpmgOhKOJwTOLHdQVvX/YJbPjnG6eE4EXO+GC61
de9HDayjfb5fsIGHfCV/3kkwVygzxNedXC68qPHpv7UGzTf0UJB0xei4DknhSF6f
9uTLEVRC3cYR2HwSQaC6y2nzMWNZzeW/NfsMY8FIajvdkH5yfiuDmKth4qtxFbeg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:59 2024 by rpki-client on console-fra.rpki-client.org