Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/IvJo0j-5uiKXe-tw2mj6H6ggRbs.roa
File: IvJo0j-5uiKXe-tw2mj6H6ggRbs.roa (raw, json)
Hash identifier: BMSkAIV+1aFxvGHk8gOikrydFP54wEUArg4FQ5ayDHI=
Subject key identifier: 22:F2:68:D2:3F:B9:BA:22:97:7B:EB:70:DA:68:FA:1F:A8:20:45:BB
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 018DFA2BC3D73134BF30281EE970F9AE202D
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/IvJo0j-5uiKXe-tw2mj6H6ggRbs.roa
Signing time: Fri 01 Mar 2024 13:19:48 +0000
ROA not before: Fri 01 Mar 2024 13:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133296
IP address blocks: 91.108.64.0/21 maxlen: 24
91.108.72.0/21 maxlen: 24
91.108.80.0/21 maxlen: 24
91.108.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 19:17:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:2b:c3:d7:31:34:bf:30:28:1e:e9:70:f9:ae:20:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Mar 1 13:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22f268d23fb9ba22977beb70da68fa1fa82045bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:02:f2:8e:9c:20:6b:b8:32:9a:01:72:ec:80:
a3:e5:a8:ad:62:4e:55:f7:7f:22:86:76:07:31:66:
82:bb:ad:68:01:62:69:8c:e3:20:29:da:1c:03:f4:
3d:22:20:a2:65:df:8e:a4:e0:ef:ee:80:fd:ee:f4:
af:25:81:4c:52:09:bd:6d:cb:2c:8e:78:c7:49:80:
a0:ea:31:fa:b8:2f:ae:ba:cc:22:10:a9:ee:0b:ef:
25:24:1b:de:b7:a8:65:3d:fa:4b:d8:5c:7c:c7:72:
b6:4d:60:fa:61:75:66:aa:58:5e:22:e4:a4:2b:46:
f7:fe:13:6b:eb:5e:a6:81:50:6f:91:0b:84:16:47:
3c:e1:42:f7:ff:e5:68:99:8d:81:59:15:0f:c0:36:
b2:82:81:5e:da:38:b2:d0:02:66:c7:dd:a1:a5:e0:
e5:26:e6:b2:86:37:da:d3:95:01:f0:2c:5f:e9:de:
89:9a:e7:98:0e:de:9e:34:45:af:52:42:2f:32:6f:
8b:1b:25:8e:f8:e0:39:37:ab:eb:31:30:e2:a1:17:
46:40:a5:61:2a:3f:e1:97:e5:26:63:2d:1d:43:7d:
65:b9:79:f0:be:a7:bc:2b:82:d8:00:29:f4:af:36:
cc:6b:61:cc:c2:68:f2:58:4e:e0:dd:03:b5:15:68:
f0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F2:68:D2:3F:B9:BA:22:97:7B:EB:70:DA:68:FA:1F:A8:20:45:BB
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/IvJo0j-5uiKXe-tw2mj6H6ggRbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.64.0/19
Signature Algorithm: sha256WithRSAEncryption
56:34:a5:c1:ea:d4:40:85:0c:2c:c4:99:ec:d1:41:9f:e0:03:
6d:ec:01:07:90:23:ac:7d:12:47:ff:b3:e8:2c:e3:8b:c9:ab:
1c:cb:10:15:4a:ba:7e:1e:65:72:5a:30:58:f6:a1:52:18:9d:
a5:72:80:1b:4c:a1:28:0c:9d:d9:5f:54:d4:d9:51:a1:16:e2:
b4:30:91:dc:e6:16:fc:db:a8:d9:c8:8b:06:cb:c2:14:c7:07:
57:4b:e2:7a:e2:32:56:ac:01:2c:ff:c7:e7:a1:d4:29:c1:47:
e4:36:93:a7:49:f6:ca:f9:15:bf:07:c0:7a:be:3e:f0:26:49:
5e:8c:14:ee:96:55:26:65:d3:3b:61:c2:f4:ea:c1:a3:13:4b:
94:9e:ca:ff:f8:66:81:cf:96:bd:7d:2e:72:8d:69:3e:5b:75:
7e:8c:95:a1:33:db:43:07:7f:0c:ac:27:ac:81:ba:97:e1:5c:
fd:8c:d9:87:85:43:cd:6d:da:e1:06:1b:57:f5:6b:d7:c3:ac:
9f:a7:6c:f9:a8:01:9c:d8:e8:76:a8:04:58:08:4c:50:6d:3c:
09:0d:25:34:1e:9c:a6:e2:1a:5e:7e:d7:e9:d4:1a:61:43:39:
55:f1:1f:16:5e:16:04:29:e4:20:5d:f2:6f:c2:33:43:62:18:
99:57:ee:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY36K8PXMTS/MCge6XD5riAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwMzAxMTMxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmYyNjhkMjNmYjliYTIyOTc3YmViNzBkYTY4ZmExZmE4MjA0NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswLyjpwga7gymgFy7ICj5aitYk5V
938ihnYHMWaCu61oAWJpjOMgKdocA/Q9IiCiZd+OpODv7oD97vSvJYFMUgm9bcss
jnjHSYCg6jH6uC+uuswiEKnuC+8lJBvet6hlPfpL2Fx8x3K2TWD6YXVmqlheIuSk
K0b3/hNr616mgVBvkQuEFkc84UL3/+VomY2BWRUPwDaygoFe2jiy0AJmx92hpeDl
Juayhjfa05UB8Cxf6d6JmueYDt6eNEWvUkIvMm+LGyWO+OA5N6vrMTDioRdGQKVh
Kj/hl+UmYy0dQ31luXnwvqe8K4LYACn0rzbMa2HMwmjyWE7g3QO1FWjw1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLyaNI/uboil3vrcNpo+h+oIEW7MB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvSXZKbzBqLTV1aUtYZS10dzJtajZINmdnUmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFW2xAMA0G
CSqGSIb3DQEBCwUAA4IBAQBWNKXB6tRAhQwsxJns0UGf4ANt7AEHkCOsfRJH/7Po
LOOLyascyxAVSrp+HmVyWjBY9qFSGJ2lcoAbTKEoDJ3ZX1TU2VGhFuK0MJHc5hb8
26jZyIsGy8IUxwdXS+J64jJWrAEs/8fnodQpwUfkNpOnSfbK+RW/B8B6vj7wJkle
jBTullUmZdM7YcL06sGjE0uUnsr/+GaBz5a9fS5yjWk+W3V+jJWhM9tDB38MrCes
gbqX4Vz9jNmHhUPNbdrhBhtX9WvXw6yfp2z5qAGc2Oh2qARYCExQbTwJDSU0Hpym
4hpeftfp1BphQzlV8R8WXhYEKeQgXfJvwjNDYhiZV+46
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org