Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/8YG74sQ9KOf1CkS6JAFEimuxehQ.roa
File: 8YG74sQ9KOf1CkS6JAFEimuxehQ.roa (raw, json)
Hash identifier: ktA4NgQNY39PvihglbNrl0cUipnEN6u30zayJYxeVDc=
Subject key identifier: F1:81:BB:E2:C4:3D:28:E7:F5:0A:44:BA:24:01:44:8A:6B:B1:7A:14
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 018F587E3429622ED578077FF1991B580AA2
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/8YG74sQ9KOf1CkS6JAFEimuxehQ.roa
Signing time: Wed 08 May 2024 13:56:56 +0000
ROA not before: Wed 08 May 2024 13:56:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.108.72.0/21 maxlen: 24
91.108.80.0/21 maxlen: 24
91.108.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 14:22:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:7e:34:29:62:2e:d5:78:07:7f:f1:99:1b:58:0a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: May 8 13:56:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f181bbe2c43d28e7f50a44ba2401448a6bb17a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5f:c2:ce:7d:0a:85:ad:f0:53:cf:14:ed:b0:
84:6e:a4:b4:9d:7d:22:7a:36:40:49:ba:7e:42:58:
1a:6a:0e:d1:b1:87:92:ff:4e:57:35:cd:0c:45:cf:
d8:6f:6a:60:db:f7:61:60:e3:35:26:8a:a9:21:da:
2b:bd:ac:f7:c4:85:3a:18:d1:26:6b:cc:49:f9:31:
07:d7:6f:c8:a6:2e:74:b3:53:0f:46:3f:d3:4b:21:
21:d0:32:a2:d6:30:c4:f1:f3:84:3b:59:77:d3:07:
24:f6:b6:b0:c8:8b:ee:20:ea:e6:56:00:3a:75:c4:
f9:87:e1:50:43:ab:d8:89:7e:d3:e4:40:48:60:57:
7d:9a:a4:ac:11:bb:12:a7:10:43:1e:6b:31:1d:f2:
fc:96:17:af:82:98:c1:eb:c7:88:9e:5e:bb:37:48:
72:e6:c6:99:39:41:3e:95:bb:b3:e3:25:76:12:a3:
68:77:ad:76:86:54:bb:f7:de:d9:ba:ef:65:19:22:
8f:e8:1c:04:3a:21:5d:c0:59:a8:ea:bb:36:57:a3:
de:68:39:f8:7a:fb:fc:d7:4c:47:cc:06:66:1f:62:
26:f3:fa:5c:15:79:dd:50:0a:79:49:47:be:e6:9b:
02:c2:b1:e4:b5:ff:7f:b6:7d:4c:84:4a:87:97:9d:
b9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:81:BB:E2:C4:3D:28:E7:F5:0A:44:BA:24:01:44:8A:6B:B1:7A:14
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/8YG74sQ9KOf1CkS6JAFEimuxehQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.72.0-91.108.95.255
Signature Algorithm: sha256WithRSAEncryption
a6:2b:d3:54:2e:dd:53:17:8c:87:9d:48:af:30:e5:a8:25:dd:
a7:9f:f9:9e:c9:ca:0c:c9:82:04:04:16:c4:21:a0:e0:73:d8:
8d:09:b6:2d:60:3a:64:28:9e:d7:a2:0a:ed:11:7c:1e:e6:8a:
f9:41:27:c6:c7:19:5a:fd:e7:57:42:a7:a5:5e:c4:86:0f:51:
6d:8f:d8:fb:48:87:5b:e1:06:04:82:ed:04:66:99:f2:bd:5d:
35:5f:79:7e:18:ef:c4:1d:7a:fe:7a:9b:37:31:9d:a3:de:14:
3b:af:44:e6:ed:45:91:3b:69:be:95:c7:77:81:41:40:c3:7b:
bb:78:a3:41:c3:4e:3b:41:76:fa:c9:23:84:5b:f5:4b:fc:e1:
16:42:84:18:29:d6:ad:b1:f8:47:ae:78:f1:f9:79:dc:74:7f:
e2:8b:7a:2b:0f:27:fb:9f:8f:b7:22:94:c8:ad:5e:ff:9d:18:
48:c1:cc:fc:dc:c2:18:02:f6:16:01:85:94:b5:4e:23:b6:54:
da:45:56:35:ec:72:99:af:cd:87:18:0e:4d:e5:4f:41:b3:45:
2d:5b:c6:a6:a4:c8:41:d4:cd:54:c1:2f:af:91:e2:f0:56:f0:
6b:46:d9:ba:e2:df:35:74:87:c2:97:30:7d:91:a7:72:36:bc:
23:9e:7c:b8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY9YfjQpYi7VeAd/8ZkbWAqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwNTA4MTM1NjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTgxYmJlMmM0M2QyOGU3ZjUwYTQ0YmEyNDAxNDQ4YTZiYjE3YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV/Czn0Kha3wU88U7bCEbqS0nX0i
ejZASbp+Qlgaag7RsYeS/05XNc0MRc/Yb2pg2/dhYOM1JoqpIdorvaz3xIU6GNEm
a8xJ+TEH12/Ipi50s1MPRj/TSyEh0DKi1jDE8fOEO1l30wck9rawyIvuIOrmVgA6
dcT5h+FQQ6vYiX7T5EBIYFd9mqSsEbsSpxBDHmsxHfL8lhevgpjB68eInl67N0hy
5saZOUE+lbuz4yV2EqNod612hlS7997Zuu9lGSKP6BwEOiFdwFmo6rs2V6PeaDn4
evv810xHzAZmH2Im8/pcFXndUAp5SUe+5psCwrHktf9/tn1MhEqHl525aQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPGBu+LEPSjn9QpEuiQBRIprsXoUMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvOFlHNzRzUTlLT2YxQ2tTNkpBRkVpbXV4ZWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANbbEgD
BAVbbEAwDQYJKoZIhvcNAQELBQADggEBAKYr01Qu3VMXjIedSK8w5agl3aef+Z7J
ygzJggQEFsQhoOBz2I0Jti1gOmQonteiCu0RfB7mivlBJ8bHGVr951dCp6VexIYP
UW2P2PtIh1vhBgSC7QRmmfK9XTVfeX4Y78Qdev56mzcxnaPeFDuvRObtRZE7ab6V
x3eBQUDDe7t4o0HDTjtBdvrJI4Rb9Uv84RZChBgp1q2x+EeuePH5edx0f+KLeisP
J/ufj7cilMitXv+dGEjBzPzcwhgC9hYBhZS1TiO2VNpFVjXscpmvzYcYDk3lT0Gz
RS1bxqakyEHUzVTBL6+R4vBW8GtG2bri3zV0h8KXMH2Rp3I2vCOefLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:00 2024 by rpki-client on console-fra.rpki-client.org