Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/J7zNNbKJSarh21FYmXtW95RurQg.roa
File: J7zNNbKJSarh21FYmXtW95RurQg.roa (raw, json)
Hash identifier: 4e9fUZ26fsmtzC9iXhLnK4bcgH6j/QBbt/hh2QPxnhY=
Subject key identifier: 27:BC:CD:35:B2:89:49:AA:E1:DB:51:58:99:7B:56:F7:94:6E:AD:08
Certificate issuer: /CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Certificate serial: 018D3353E184A07EF8D106EC8D5DCD278676
Authority key identifier: B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/J7zNNbKJSarh21FYmXtW95RurQg.roa
Signing time: Mon 22 Jan 2024 22:39:11 +0000
ROA not before: Mon 22 Jan 2024 22:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 185.91.127.0/24 maxlen: 24
2a12:de40::/29 maxlen: 29
2a12:de40::/32 maxlen: 32
2a12:de41::/32 maxlen: 32
2a12:de44::/32 maxlen: 32
2a12:de45::/32 maxlen: 32
2a12:de46::/32 maxlen: 32
2a12:de47::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 28 Jan 2024 14:14:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:33:53:e1:84:a0:7e:f8:d1:06:ec:8d:5d:cd:27:86:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Validity
Not Before: Jan 22 22:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27bccd35b28949aae1db5158997b56f7946ead08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ca:3d:6f:96:29:28:12:5a:3d:94:b9:d1:52:
63:40:29:22:8b:97:b5:c5:ab:7f:fd:f9:19:f4:a2:
b4:b3:a8:19:c1:3a:4c:45:b2:be:fb:d9:81:2b:53:
bd:e6:53:34:72:3e:51:fd:05:31:c6:f4:65:9f:2b:
11:a6:2e:c4:e9:0f:4c:e4:45:af:05:50:01:e4:9e:
0b:d3:a0:71:1b:04:98:e4:47:63:6d:4e:3f:8d:ed:
6c:8a:7b:bd:a9:65:93:f6:4f:c3:1a:c0:22:c6:40:
c7:56:d8:ac:be:78:d8:40:f5:2e:2e:20:7f:a2:3f:
7f:92:7e:d6:61:bb:a3:64:ac:9f:02:31:1f:2b:51:
18:3f:24:a2:8a:86:49:d7:ee:84:10:2c:7c:60:a2:
21:8a:e5:76:13:74:72:aa:ac:17:5c:3e:ce:11:88:
42:30:e8:33:3a:de:9b:d8:aa:02:bc:f8:e4:e0:c1:
79:53:64:08:d0:25:e0:09:73:7d:2e:df:c3:70:6d:
b3:da:74:20:3e:51:54:87:d5:16:3a:f8:27:52:64:
c7:fe:80:23:db:f2:dc:42:ae:65:9e:6e:78:09:e8:
41:b5:be:e7:ce:0c:ee:e1:dd:9c:59:52:e4:a8:5b:
12:02:cd:b2:fc:f7:55:27:16:74:79:19:88:51:29:
f3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BC:CD:35:B2:89:49:AA:E1:DB:51:58:99:7B:56:F7:94:6E:AD:08
X509v3 Authority Key Identifier:
keyid:B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/J7zNNbKJSarh21FYmXtW95RurQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/uebEGisE_Nj46VcY-n0uEsxErB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.127.0/24
IPv6:
2a12:de40::/29
Signature Algorithm: sha256WithRSAEncryption
6b:e4:4c:0c:82:01:6e:fb:b8:72:cf:fe:2d:98:d8:a9:e7:24:
8b:03:42:0e:8b:cd:0f:47:22:23:2f:18:50:10:57:af:71:03:
41:c1:3b:ad:7e:ba:eb:a1:9e:f0:21:d8:1f:2f:ee:aa:36:ef:
f2:65:49:6c:c6:62:62:51:9b:c0:de:ee:6e:c5:f6:ed:e8:0c:
d9:d7:b1:a3:da:96:b9:88:d2:87:77:04:5e:f9:dd:6c:f4:60:
86:25:b8:28:90:0e:c1:21:ef:02:fb:1d:6c:16:4e:ff:0f:57:
e6:d3:6d:a3:2a:27:7a:3c:bd:cc:b8:2a:5e:61:3d:2a:f0:1c:
17:8d:fa:00:c2:29:12:2d:23:05:99:7c:f0:99:de:31:6d:20:
43:e5:c6:55:49:f5:ed:b9:97:13:1e:8a:e2:de:4d:a0:0a:f8:
11:1d:e3:20:1c:2d:99:6a:dc:31:bd:57:2b:da:92:75:0d:3b:
d2:af:0c:09:92:f0:08:b1:68:e4:a4:8b:63:42:32:62:cc:2e:
60:3a:79:21:85:c5:21:86:01:f8:55:53:6e:6f:0c:5d:4b:ba:
93:0c:e6:b8:94:82:01:0d:7e:e4:be:1b:58:19:f3:32:61:62:
cc:b9:90:42:04:c1:bb:6f:83:b8:fe:c1:28:57:2e:f6:5f:1c:
4a:e2:b7:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY0zU+GEoH740QbsjV3NJ4Z2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTZjNDFhMmIwNGZjZDhmOGU5NTcxOGZhN2QyZTEyY2M0
NGFjMWYwHhcNMjQwMTIyMjIzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2JjY2QzNWIyODk0OWFhZTFkYjUxNTg5OTdiNTZmNzk0NmVhZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4co9b5YpKBJaPZS50VJjQCkii5e1
xat//fkZ9KK0s6gZwTpMRbK++9mBK1O95lM0cj5R/QUxxvRlnysRpi7E6Q9M5EWv
BVAB5J4L06BxGwSY5EdjbU4/je1sinu9qWWT9k/DGsAixkDHVtisvnjYQPUuLiB/
oj9/kn7WYbujZKyfAjEfK1EYPySiioZJ1+6EECx8YKIhiuV2E3RyqqwXXD7OEYhC
MOgzOt6b2KoCvPjk4MF5U2QI0CXgCXN9Lt/DcG2z2nQgPlFUh9UWOvgnUmTH/oAj
2/LcQq5lnm54CehBtb7nzgzu4d2cWVLkqFsSAs2y/PdVJxZ0eRmIUSnzQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCe8zTWyiUmq4dtRWJl7VveUbq0IMB8GA1UdIwQY
MBaAFLnmxBorBPzY+OlXGPp9LhLMRKwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEt
YzA4YzA0NDZkNjEzLzEvSjd6Tk5iS0pTYXJoMjFGWW1YdFc5NVJ1clFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEtYzA4YzA0NDZkNjEz
LzEvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVt/MA0E
AgACMAcDBQMqEt5AMA0GCSqGSIb3DQEBCwUAA4IBAQBr5EwMggFu+7hyz/4tmNip
5ySLA0IOi80PRyIjLxhQEFevcQNBwTutfrrroZ7wIdgfL+6qNu/yZUlsxmJiUZvA
3u5uxfbt6AzZ17Gj2pa5iNKHdwRe+d1s9GCGJbgokA7BIe8C+x1sFk7/D1fm022j
Kid6PL3MuCpeYT0q8BwXjfoAwikSLSMFmXzwmd4xbSBD5cZVSfXtuZcTHori3k2g
CvgRHeMgHC2ZatwxvVcr2pJ1DTvSrwwJkvAIsWjkpItjQjJizC5gOnkhhcUhhgH4
VVNubwxdS7qTDOa4lIIBDX7kvhtYGfMyYWLMuZBCBMG7b4O4/sEoVy72XxxK4rcl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:39 2024 by rpki-client on console-fra.rpki-client.org