Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/76d082-ac32-4738-99e6-b2f6086368c7/1/XnwEqmvZsDBqQ8dtVQNz1zZVu0Y.roa
File: XnwEqmvZsDBqQ8dtVQNz1zZVu0Y.roa (raw, json)
Hash identifier: cfE5shU49wRXOPxfkwNxexb4QSdSFiiYuT2wMmzKIf0=
Subject key identifier: 5E:7C:04:AA:6B:D9:B0:30:6A:43:C7:6D:55:03:73:D7:36:55:BB:46
Certificate issuer: /CN=0bd4ad95f17f397207a3fc0d186f2913df38eb93
Certificate serial: 01857094DECFE0F6D623AE0BAA965BCF7A70
Authority key identifier: 0B:D4:AD:95:F1:7F:39:72:07:A3:FC:0D:18:6F:29:13:DF:38:EB:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C9StlfF_OXIHo_wNGG8pE98465M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/76d082-ac32-4738-99e6-b2f6086368c7/1/XnwEqmvZsDBqQ8dtVQNz1zZVu0Y.roa
Signing time: Mon 02 Jan 2023 03:44:42 +0000
ROA not before: Mon 02 Jan 2023 03:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48440
IP address blocks: 91.210.188.0/24 maxlen: 24
91.210.188.0/22 maxlen: 22
91.210.191.0/24 maxlen: 24
91.210.190.0/24 maxlen: 24
91.210.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:de:cf:e0:f6:d6:23:ae:0b:aa:96:5b:cf:7a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bd4ad95f17f397207a3fc0d186f2913df38eb93
Validity
Not Before: Jan 2 03:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e7c04aa6bd9b0306a43c76d550373d73655bb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:82:5e:39:ae:42:82:4b:4a:ba:d4:25:85:3a:
47:57:62:36:64:68:6a:38:82:29:55:ed:6a:2c:a9:
fc:cc:f3:53:63:81:08:a6:8f:a1:3d:20:e9:2d:e0:
23:fc:3a:e0:d9:24:fc:29:7b:f4:62:e4:7d:b3:6b:
05:57:56:fa:d3:0f:81:4c:2b:6f:b1:21:7d:82:d8:
ec:ed:47:bd:5c:66:ac:2b:48:4b:07:cf:99:4e:61:
d9:85:4c:44:c8:9c:32:25:16:ad:c2:dc:d7:32:fd:
69:c3:d0:43:bd:f5:58:db:81:b0:80:48:bb:cd:94:
21:b0:2c:3c:20:80:ea:14:e0:57:f6:98:5e:3f:fd:
6e:59:60:e0:d7:ef:0d:bd:c8:92:b4:c6:b7:00:9f:
1a:e2:8a:e7:4d:4e:71:e7:57:64:13:a7:07:fa:31:
3f:3c:d0:7e:23:48:6d:ec:b3:d3:e3:0a:7f:fe:29:
ff:17:6f:8e:59:eb:b7:81:07:70:00:ea:54:f6:66:
39:14:37:cc:ef:6a:4a:00:34:25:84:1e:d9:84:20:
78:32:e5:97:26:3a:33:e5:39:20:de:a7:4f:8b:c4:
df:0d:61:e6:45:e4:99:d0:61:7d:89:f9:97:60:d9:
a8:84:1b:2a:3f:01:97:26:80:5a:30:15:b1:93:f6:
6c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7C:04:AA:6B:D9:B0:30:6A:43:C7:6D:55:03:73:D7:36:55:BB:46
X509v3 Authority Key Identifier:
keyid:0B:D4:AD:95:F1:7F:39:72:07:A3:FC:0D:18:6F:29:13:DF:38:EB:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C9StlfF_OXIHo_wNGG8pE98465M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/76d082-ac32-4738-99e6-b2f6086368c7/1/XnwEqmvZsDBqQ8dtVQNz1zZVu0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/76d082-ac32-4738-99e6-b2f6086368c7/1/C9StlfF_OXIHo_wNGG8pE98465M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.188.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:24:d4:8e:5a:00:d0:9c:85:0b:39:06:b1:4f:65:7a:27:84:
bf:be:52:22:ae:ad:ab:5d:04:74:2c:06:9a:3c:5d:ce:07:a7:
14:b8:f3:0d:0d:ff:71:7b:32:e4:0b:23:2c:ee:d1:fb:a9:6e:
6a:87:e6:c4:df:01:15:bd:04:d9:5b:0a:06:5a:21:6b:86:ec:
53:e3:18:61:ce:7b:4f:2d:cd:4b:a6:d6:6e:aa:24:70:4f:5c:
f5:cd:35:00:55:ae:44:16:38:69:7b:ad:6e:34:40:7b:4e:f0:
00:a7:f3:72:55:7a:15:e9:da:7a:01:9d:79:8c:dc:85:6d:cb:
82:2f:0d:b7:2c:9a:aa:e3:73:41:4a:9c:b1:95:45:da:f9:f4:
a1:00:bd:14:50:0b:7d:b3:db:61:40:f2:33:b3:cb:9b:45:b1:
c9:0b:fa:c1:5e:44:e7:71:ec:0b:4d:d2:9e:26:ba:54:ac:7c:
9a:20:16:90:1c:24:76:29:b8:c8:fc:98:2f:91:c4:9e:b5:d9:
18:7d:18:28:c0:cf:3d:cd:22:3a:ab:a3:20:32:e1:7a:be:42:
29:61:88:63:d6:13:bf:ed:a5:5e:15:c4:e1:f8:8a:9d:22:ac:
6b:7b:17:ae:74:72:51:42:77:4f:22:a6:b3:b3:c6:e3:78:4b:
6b:97:ae:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlN7P4PbWI64LqpZbz3pwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZDRhZDk1ZjE3ZjM5NzIwN2EzZmMwZDE4NmYyOTEzZGYz
OGViOTMwHhcNMjMwMTAyMDM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdjMDRhYTZiZDliMDMwNmE0M2M3NmQ1NTAzNzNkNzM2NTViYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4JeOa5CgktKutQlhTpHV2I2ZGhq
OIIpVe1qLKn8zPNTY4EIpo+hPSDpLeAj/Drg2ST8KXv0YuR9s2sFV1b60w+BTCtv
sSF9gtjs7Ue9XGasK0hLB8+ZTmHZhUxEyJwyJRatwtzXMv1pw9BDvfVY24GwgEi7
zZQhsCw8IIDqFOBX9pheP/1uWWDg1+8NvciStMa3AJ8a4ornTU5x51dkE6cH+jE/
PNB+I0ht7LPT4wp//in/F2+OWeu3gQdwAOpU9mY5FDfM72pKADQlhB7ZhCB4MuWX
Jjoz5Tkg3qdPi8TfDWHmReSZ0GF9ifmXYNmohBsqPwGXJoBaMBWxk/ZsqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF58BKpr2bAwakPHbVUDc9c2VbtGMB8GA1UdIwQY
MBaAFAvUrZXxfzlyB6P8DRhvKRPfOOuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzlTdGxmRl9PWElIb193TkdHOHBFOTg0NjVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83NmQwODItYWMzMi00NzM4LTk5ZTYt
YjJmNjA4NjM2OGM3LzEvWG53RXFtdlpzREJxUThkdFZRTnoxelpWdTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83NmQwODItYWMzMi00NzM4LTk5ZTYtYjJmNjA4NjM2OGM3
LzEvQzlTdGxmRl9PWElIb193TkdHOHBFOTg0NjVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9K8MA0G
CSqGSIb3DQEBCwUAA4IBAQCbJNSOWgDQnIULOQaxT2V6J4S/vlIirq2rXQR0LAaa
PF3OB6cUuPMNDf9xezLkCyMs7tH7qW5qh+bE3wEVvQTZWwoGWiFrhuxT4xhhzntP
Lc1LptZuqiRwT1z1zTUAVa5EFjhpe61uNEB7TvAAp/NyVXoV6dp6AZ15jNyFbcuC
Lw23LJqq43NBSpyxlUXa+fShAL0UUAt9s9thQPIzs8ubRbHJC/rBXkTncewLTdKe
JrpUrHyaIBaQHCR2KbjI/JgvkcSetdkYfRgowM89zSI6q6MgMuF6vkIpYYhj1hO/
7aVeFcTh+IqdIqxrexeudHJRQndPIqazs8bjeEtrl64E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org