Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/rRZ0A3C05qY_-YQFC_5stx-OOu4.roa
File: rRZ0A3C05qY_-YQFC_5stx-OOu4.roa (raw, json)
Hash identifier: 6MGQhlgZHuGZXOV10Mp1SC16edSTskXUKHnyxivOXa8=
Subject key identifier: AD:16:74:03:70:B4:E6:A6:3F:F9:84:05:0B:FE:6C:B7:1F:8E:3A:EE
Certificate issuer: /CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Certificate serial: 018CD5635D58CA0CF2AD9BDC3BAED03E1328
Authority key identifier: B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/rRZ0A3C05qY_-YQFC_5stx-OOu4.roa
Signing time: Thu 04 Jan 2024 16:51:48 +0000
ROA not before: Thu 04 Jan 2024 16:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 185.91.127.0/24 maxlen: 24
2a12:de40::/29 maxlen: 29
2a12:de41::/32 maxlen: 32
2a12:de44::/32 maxlen: 32
2a12:de40::/32 maxlen: 32
2a12:de46::/32 maxlen: 32
2a12:de45::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 22 Jan 2024 22:39:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:63:5d:58:ca:0c:f2:ad:9b:dc:3b:ae:d0:3e:13:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Validity
Not Before: Jan 4 16:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad16740370b4e6a63ff984050bfe6cb71f8e3aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e8:42:0d:f6:84:ba:97:3f:d9:cf:e4:c3:6c:
d1:66:93:61:97:a4:01:0f:9d:eb:eb:a9:17:20:c2:
f1:97:09:d8:bf:02:f7:22:06:3b:d0:8d:4b:05:00:
62:4c:f5:9f:ad:57:91:9b:ec:71:2b:3c:ec:6c:b3:
42:d4:ea:89:cd:61:5d:95:6d:ff:9e:46:a3:73:1b:
2c:62:ee:da:3f:fc:bf:64:ea:d5:85:90:14:86:65:
c0:01:22:5f:29:c8:9b:06:ae:8e:00:92:b1:b9:f2:
a9:ab:f0:e6:6c:5d:c0:3f:86:23:ff:fa:74:98:ff:
ed:00:17:79:9a:a7:71:e4:ec:d4:b3:b8:d8:9c:9c:
05:78:54:7b:0a:3c:64:9f:ab:5b:66:9b:e8:5b:c5:
2e:96:73:dd:a2:79:ca:da:8c:3d:f3:0e:58:68:90:
5b:04:e4:27:f1:5d:17:4c:01:db:cc:78:41:29:3a:
df:4b:75:1d:b4:1e:b7:c2:c4:bd:59:44:de:79:b6:
f2:4d:40:b9:8f:f9:0a:51:12:d9:39:63:fb:21:5a:
44:10:90:a3:23:c1:e7:48:c6:e5:67:ca:bb:0f:61:
78:b5:1f:a5:eb:7d:a5:6c:7d:90:82:0e:a0:92:34:
8d:8f:29:82:b5:9c:89:bc:60:71:73:48:c9:36:f9:
34:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:16:74:03:70:B4:E6:A6:3F:F9:84:05:0B:FE:6C:B7:1F:8E:3A:EE
X509v3 Authority Key Identifier:
keyid:B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/rRZ0A3C05qY_-YQFC_5stx-OOu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/uebEGisE_Nj46VcY-n0uEsxErB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.127.0/24
IPv6:
2a12:de40::/29
Signature Algorithm: sha256WithRSAEncryption
9d:d8:d9:fe:2f:4e:29:6b:05:4e:e8:3d:82:d7:c3:37:26:66:
a9:ba:00:40:42:33:cb:a3:9f:5d:37:6e:4b:95:a0:5c:45:d0:
4e:81:62:18:82:34:3e:ef:0e:1a:fc:a9:3b:8b:a2:3f:65:11:
00:5d:5d:1c:6b:1e:07:38:ab:49:b0:ca:b8:53:27:72:0c:49:
81:e7:28:1a:32:13:5f:fb:a7:6f:9a:5b:89:bf:b2:ac:a9:f6:
52:a9:c0:04:05:e8:22:93:51:90:c3:50:72:a4:6a:ce:3e:47:
ef:05:e7:cb:ab:d8:ff:23:6d:0c:73:02:95:69:10:83:e1:38:
39:bc:c4:8e:9a:45:45:71:a9:dc:58:16:00:38:0c:c9:ad:c6:
40:32:3e:e3:60:49:a8:7c:bc:a1:69:6c:88:79:5f:fa:72:16:
52:08:5f:67:fa:04:7c:ee:da:9b:0e:d8:d6:65:51:fc:28:a9:
e2:cc:b6:60:61:a0:c6:e5:d2:0b:a7:67:5b:22:18:f2:cc:32:
a1:d0:97:7f:73:70:48:93:8b:a9:73:06:af:1c:38:d9:9b:df:
9e:c6:60:c1:6c:15:66:08:71:25:09:8c:49:d9:e2:4d:61:20:
1e:d1:c4:4b:d6:26:a4:07:fa:52:c7:96:6e:77:15:f5:18:08:
35:5b:40:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzVY11YygzyrZvcO67QPhMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTZjNDFhMmIwNGZjZDhmOGU5NTcxOGZhN2QyZTEyY2M0
NGFjMWYwHhcNMjQwMTA0MTY1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDE2NzQwMzcwYjRlNmE2M2ZmOTg0MDUwYmZlNmNiNzFmOGUzYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquhCDfaEupc/2c/kw2zRZpNhl6QB
D53r66kXIMLxlwnYvwL3IgY70I1LBQBiTPWfrVeRm+xxKzzsbLNC1OqJzWFdlW3/
nkajcxssYu7aP/y/ZOrVhZAUhmXAASJfKcibBq6OAJKxufKpq/DmbF3AP4Yj//p0
mP/tABd5mqdx5OzUs7jYnJwFeFR7Cjxkn6tbZpvoW8UulnPdonnK2ow98w5YaJBb
BOQn8V0XTAHbzHhBKTrfS3UdtB63wsS9WUTeebbyTUC5j/kKURLZOWP7IVpEEJCj
I8HnSMblZ8q7D2F4tR+l632lbH2Qgg6gkjSNjymCtZyJvGBxc0jJNvk02wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK0WdANwtOamP/mEBQv+bLcfjjruMB8GA1UdIwQY
MBaAFLnmxBorBPzY+OlXGPp9LhLMRKwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEt
YzA4YzA0NDZkNjEzLzEvclJaMEEzQzA1cVlfLVlRRkNfNXN0eC1PT3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEtYzA4YzA0NDZkNjEz
LzEvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVt/MA0E
AgACMAcDBQMqEt5AMA0GCSqGSIb3DQEBCwUAA4IBAQCd2Nn+L04pawVO6D2C18M3
JmapugBAQjPLo59dN25LlaBcRdBOgWIYgjQ+7w4a/Kk7i6I/ZREAXV0cax4HOKtJ
sMq4UydyDEmB5ygaMhNf+6dvmluJv7KsqfZSqcAEBegik1GQw1BypGrOPkfvBefL
q9j/I20McwKVaRCD4Tg5vMSOmkVFcancWBYAOAzJrcZAMj7jYEmofLyhaWyIeV/6
chZSCF9n+gR87tqbDtjWZVH8KKnizLZgYaDG5dILp2dbIhjyzDKh0Jd/c3BIk4up
cwavHDjZm9+exmDBbBVmCHElCYxJ2eJNYSAe0cRL1iakB/pSx5ZudxX1GAg1W0Dp
Generated at Tue Jan 23 01:46:55 2024 by rpki-client on console-ams.rpki-client.org