Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/x5XR9lx2q_eYQRy4EKKXbblyTh0.roa
File: x5XR9lx2q_eYQRy4EKKXbblyTh0.roa (raw, json)
Hash identifier: fn0U3yr4gkRNaDM/fScqRI42/dmMS4vXFrTRCVzEIN8=
Subject key identifier: C7:95:D1:F6:5C:76:AB:F7:98:41:1C:B8:10:A2:97:6D:B9:72:4E:1D
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 018F725554929C65DCCADA255783B2C88E17
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/x5XR9lx2q_eYQRy4EKKXbblyTh0.roa
Signing time: Mon 13 May 2024 14:22:25 +0000
ROA not before: Mon 13 May 2024 14:22:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.108.72.0/21 maxlen: 24
91.108.80.0/21 maxlen: 24
91.108.88.0/21 maxlen: 24
93.127.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 09:37:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:55:54:92:9c:65:dc:ca:da:25:57:83:b2:c8:8e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: May 13 14:22:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c795d1f65c76abf798411cb810a2976db9724e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2f:0d:47:1d:a1:0c:df:ea:8e:46:e9:d3:09:
52:94:6a:cf:00:01:08:c0:12:f7:5e:2a:68:3c:05:
e2:76:af:81:a9:98:12:01:c7:73:24:af:cd:bf:93:
a0:c1:87:ad:b8:45:c8:60:e7:98:69:14:55:70:d7:
9a:b1:1a:99:b5:54:a3:d8:fa:56:0e:7a:25:2f:63:
9d:69:98:4e:48:87:dd:42:28:d5:a5:04:dd:da:ff:
cd:41:48:dc:80:8e:f6:48:b5:2c:82:e9:7f:95:8d:
89:40:4e:9c:34:a7:e6:83:31:c4:bc:ce:6c:ea:9a:
bf:88:4a:52:3f:61:8b:32:80:51:61:b8:10:cf:95:
d0:79:a6:e9:e6:50:f1:e4:48:0e:a9:cb:df:2d:84:
38:8a:d4:74:e0:f8:f0:0a:de:d7:8f:cf:ff:17:0d:
ac:8c:d5:95:73:18:d0:16:9a:02:ee:08:a0:f0:fc:
71:90:42:35:b1:83:24:90:fb:61:3a:25:fc:10:53:
55:e8:84:14:b4:4e:e9:46:2d:7c:9f:32:51:88:83:
cd:bb:8a:6d:b6:78:40:20:33:f2:bd:89:b6:3d:ff:
ca:13:2a:d4:2f:09:d7:a6:4d:fb:5d:3f:64:67:3a:
52:dd:40:dd:92:9b:a4:e4:12:a9:62:c9:77:0a:4b:
67:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:95:D1:F6:5C:76:AB:F7:98:41:1C:B8:10:A2:97:6D:B9:72:4E:1D
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/x5XR9lx2q_eYQRy4EKKXbblyTh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.72.0-91.108.95.255
93.127.161.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:0f:97:6a:b1:6b:b6:02:71:77:3c:aa:c2:f3:40:b8:8c:3c:
97:c5:ff:db:ac:ea:52:90:4d:e1:69:2c:db:d0:d3:0a:70:3e:
40:18:0d:de:5c:11:5d:d5:d5:de:5c:86:bf:61:ba:d6:87:d1:
4f:e3:1f:95:e0:11:58:d1:1f:a7:53:d1:3d:ac:f2:ce:de:eb:
eb:c8:fc:d8:5f:3e:9e:d8:ae:c3:eb:4f:ac:6a:a8:e0:c1:67:
f5:2e:37:16:74:dc:2d:5e:e4:1e:cb:e6:de:99:e1:db:c3:93:
d1:7a:9f:b3:b9:8b:b0:d3:cb:34:f6:08:3f:28:e2:bf:2e:ee:
87:47:09:c4:1a:af:61:02:68:7f:2c:1b:58:55:77:ae:1a:f7:
ea:1a:d3:66:17:35:74:82:01:c3:f2:7b:9a:94:8e:1c:34:37:
e2:4e:95:62:3e:f1:32:a3:2f:e4:d1:ea:da:f8:ac:5b:8f:0f:
90:7b:23:e7:bb:26:87:41:4e:96:f0:d7:89:09:1b:4b:7b:3a:
41:da:d3:bc:d4:b2:f9:b2:0e:89:93:ed:c3:f2:e3:78:bb:58:
94:32:3b:ef:a2:07:a7:c0:6b:cd:65:e3:c2:ae:5b:03:ff:1b:
d7:84:48:0f:df:97:97:43:f5:cd:80:a0:4b:da:d5:65:13:8c:
61:14:cc:a0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY9yVVSSnGXcytolV4OyyI4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwNTEzMTQyMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk1ZDFmNjVjNzZhYmY3OTg0MTFjYjgxMGEyOTc2ZGI5NzI0ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi8NRx2hDN/qjkbp0wlSlGrPAAEI
wBL3XipoPAXidq+BqZgSAcdzJK/Nv5OgwYetuEXIYOeYaRRVcNeasRqZtVSj2PpW
DnolL2OdaZhOSIfdQijVpQTd2v/NQUjcgI72SLUsgul/lY2JQE6cNKfmgzHEvM5s
6pq/iEpSP2GLMoBRYbgQz5XQeabp5lDx5EgOqcvfLYQ4itR04PjwCt7Xj8//Fw2s
jNWVcxjQFpoC7gig8PxxkEI1sYMkkPthOiX8EFNV6IQUtE7pRi18nzJRiIPNu4pt
tnhAIDPyvYm2Pf/KEyrULwnXpk37XT9kZzpS3UDdkpuk5BKpYsl3CktnJQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMeV0fZcdqv3mEEcuBCil225ck4dMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEveDVYUjlseDJxX2VZUVJ5NEVLS1hiYmx5VGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANbbEgD
BAVbbEADBABdf6EwDQYJKoZIhvcNAQELBQADggEBANEPl2qxa7YCcXc8qsLzQLiM
PJfF/9us6lKQTeFpLNvQ0wpwPkAYDd5cEV3V1d5chr9hutaH0U/jH5XgEVjRH6dT
0T2s8s7e6+vI/NhfPp7YrsPrT6xqqODBZ/UuNxZ03C1e5B7L5t6Z4dvDk9F6n7O5
i7DTyzT2CD8o4r8u7odHCcQar2ECaH8sG1hVd64a9+oa02YXNXSCAcPye5qUjhw0
N+JOlWI+8TKjL+TR6tr4rFuPD5B7I+e7JodBTpbw14kJG0t7OkHa07zUsvmyDomT
7cPy43i7WJQyO++iB6fAa81l48KuWwP/G9eESA/fl5dD9c2AoEva1WUTjGEUzKA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org