Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/jcaJbWMuJ-zRM0uY1-KBZHQ2wY8.roa
File: jcaJbWMuJ-zRM0uY1-KBZHQ2wY8.roa (raw, json)
Hash identifier: F9CdJBaYIc90s4LTAcRKWuatdAvkxeD8qpnBXnQxvRw=
Subject key identifier: 8D:C6:89:6D:63:2E:27:EC:D1:33:4B:98:D7:E2:81:64:74:36:C1:8F
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 018F9FD897FD3DD5D2FFB4E50818AA3F6491
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/jcaJbWMuJ-zRM0uY1-KBZHQ2wY8.roa
Signing time: Wed 22 May 2024 10:28:43 +0000
ROA not before: Wed 22 May 2024 10:28:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 91.108.72.0/21 maxlen: 24
91.108.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 20:39:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:d8:97:fd:3d:d5:d2:ff:b4:e5:08:18:aa:3f:64:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: May 22 10:28:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dc6896d632e27ecd1334b98d7e281647436c18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2a:d1:e7:e3:82:a7:92:7c:c1:f3:7d:36:0c:
de:25:8f:8f:0c:ca:94:51:06:e6:60:04:38:64:32:
57:05:73:1f:5f:a6:d4:73:61:aa:ba:44:d8:97:b9:
c3:1f:e8:03:25:bc:a7:ef:58:a7:c3:14:6f:44:3a:
ee:eb:f7:c2:5f:11:66:de:5d:18:e7:f8:78:93:16:
69:b9:ce:d1:a2:8f:01:c5:a4:4e:95:b0:df:10:f8:
f5:be:59:64:da:ea:39:2c:8a:78:26:f1:e6:9b:31:
c8:7b:eb:8b:14:60:66:a8:47:15:b9:00:a7:26:3b:
65:a6:d7:70:c2:44:0a:1a:0f:f4:92:69:f6:a0:ad:
15:5c:ba:ca:ee:df:4e:ac:7f:1e:26:a6:98:1e:fb:
d2:6d:aa:a4:d1:96:96:6b:38:14:05:23:2f:87:bf:
40:65:ab:6a:98:d8:76:87:04:ca:48:ae:04:67:79:
06:7b:e4:bf:50:8d:0a:c6:25:f4:c9:ce:f8:7f:eb:
42:56:bf:ab:c6:b2:8d:86:aa:9f:1a:18:6b:59:88:
ea:f1:09:7e:cc:6e:b9:43:4b:92:c0:ef:a0:2b:ac:
9b:cb:72:00:c0:02:b8:3a:76:03:43:05:66:0d:83:
59:1a:27:5f:87:46:b3:80:16:91:ad:84:4c:83:1d:
58:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C6:89:6D:63:2E:27:EC:D1:33:4B:98:D7:E2:81:64:74:36:C1:8F
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/jcaJbWMuJ-zRM0uY1-KBZHQ2wY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.72.0/21
91.108.88.0/21
Signature Algorithm: sha256WithRSAEncryption
12:80:1b:d3:fb:2a:06:cd:2d:53:52:bb:53:1c:5b:35:4c:6a:
eb:e8:d5:4f:49:84:40:c7:15:a4:00:ae:bb:2d:ff:94:bb:73:
36:ae:f2:f5:f5:6b:ce:e5:a3:3a:56:07:7a:f8:11:26:c9:dd:
86:cc:31:3d:9c:ff:50:83:16:b8:d2:ea:2b:ee:a2:18:cb:61:
cc:68:02:23:63:8e:6b:2e:de:d5:3c:21:5e:f6:ad:00:5d:90:
99:e8:4a:eb:50:1b:04:e5:d7:c0:38:58:79:7f:de:6f:b0:eb:
71:00:08:59:b6:50:83:9e:69:5f:ee:71:53:a3:01:c5:38:72:
c1:aa:78:c9:ae:2d:d7:62:f9:8d:ad:d3:10:ab:ab:71:8e:01:
0b:a3:8e:1f:8d:40:42:e5:6c:51:7f:67:ef:be:75:54:6c:9e:
2a:21:73:6f:31:37:92:33:5e:c2:e8:f0:e1:ab:9f:78:81:d5:
0f:87:64:d8:df:5b:3d:37:b8:51:2f:52:28:7c:77:09:b5:b3:
13:d4:4a:ae:42:0e:f6:8a:d5:9e:c9:38:0e:86:55:e1:ef:72:
b4:21:3f:dc:2d:38:c0:06:0b:7d:3d:0b:ee:27:33:79:7b:9b:
75:d2:59:74:9f:25:90:7b:1e:94:64:90:0c:20:11:bf:85:e7:
0e:6b:a1:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+f2Jf9PdXS/7TlCBiqP2SRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwNTIyMTAyODQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGM2ODk2ZDYzMmUyN2VjZDEzMzRiOThkN2UyODE2NDc0MzZjMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2irR5+OCp5J8wfN9NgzeJY+PDMqU
UQbmYAQ4ZDJXBXMfX6bUc2GqukTYl7nDH+gDJbyn71inwxRvRDru6/fCXxFm3l0Y
5/h4kxZpuc7Roo8BxaROlbDfEPj1vllk2uo5LIp4JvHmmzHIe+uLFGBmqEcVuQCn
JjtlptdwwkQKGg/0kmn2oK0VXLrK7t9OrH8eJqaYHvvSbaqk0ZaWazgUBSMvh79A
ZatqmNh2hwTKSK4EZ3kGe+S/UI0KxiX0yc74f+tCVr+rxrKNhqqfGhhrWYjq8Ql+
zG65Q0uSwO+gK6yby3IAwAK4OnYDQwVmDYNZGidfh0azgBaRrYRMgx1YywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI3GiW1jLifs0TNLmNfigWR0NsGPMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvamNhSmJXTXVKLXpSTTB1WTEtS0JaSFEyd1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW2xIAwQD
W2xYMA0GCSqGSIb3DQEBCwUAA4IBAQASgBvT+yoGzS1TUrtTHFs1TGrr6NVPSYRA
xxWkAK67Lf+Uu3M2rvL19WvO5aM6Vgd6+BEmyd2GzDE9nP9Qgxa40uor7qIYy2HM
aAIjY45rLt7VPCFe9q0AXZCZ6ErrUBsE5dfAOFh5f95vsOtxAAhZtlCDnmlf7nFT
owHFOHLBqnjJri3XYvmNrdMQq6txjgELo44fjUBC5WxRf2fvvnVUbJ4qIXNvMTeS
M17C6PDhq594gdUPh2TY31s9N7hRL1IofHcJtbMT1EquQg72itWeyTgOhlXh73K0
IT/cLTjABgt9PQvuJzN5e5t10ll0nyWQex6UZJAMIBG/hecOa6FE
-----END CERTIFICATE-----
Generated at Wed Jul 3 22:27:55 2024 by rpki-client on console-ams.rpki-client.org