Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/5015f6-0bd0-49f9-b854-b6ba86cf31f9/1/i5WeFWV9nf-XTEjN8c1m91QM5Ec.roa
File: i5WeFWV9nf-XTEjN8c1m91QM5Ec.roa (raw, json)
Hash identifier: 1dEjcYAY2D+nyVyt7FmhLe85aAOI3xYncxJQaF9malw=
Subject key identifier: 8B:95:9E:15:65:7D:9D:FF:97:4C:48:CD:F1:CD:66:F7:54:0C:E4:47
Certificate issuer: /CN=0c8aae189c63ceb5643cb080327bcaa3b0ef8a59
Certificate serial: 01857082CE3D4DD1D759A3331D510FCA9A32
Authority key identifier: 0C:8A:AE:18:9C:63:CE:B5:64:3C:B0:80:32:7B:CA:A3:B0:EF:8A:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DIquGJxjzrVkPLCAMnvKo7Dvilk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/5015f6-0bd0-49f9-b854-b6ba86cf31f9/1/i5WeFWV9nf-XTEjN8c1m91QM5Ec.roa
Signing time: Mon 02 Jan 2023 03:24:58 +0000
ROA not before: Mon 02 Jan 2023 03:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201754
IP address blocks: 193.42.218.0/24 maxlen: 24
91.198.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:ce:3d:4d:d1:d7:59:a3:33:1d:51:0f:ca:9a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c8aae189c63ceb5643cb080327bcaa3b0ef8a59
Validity
Not Before: Jan 2 03:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b959e15657d9dff974c48cdf1cd66f7540ce447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:80:2c:a9:5c:30:36:62:05:2a:bf:d4:85:
2f:13:73:45:e1:96:5e:6e:1d:9c:d7:7f:98:3b:be:
12:bc:3d:aa:42:63:a9:14:f9:39:21:4a:a3:0b:3f:
99:da:0b:28:d0:ba:02:db:6e:3f:58:98:7d:65:69:
94:a6:c3:b3:a3:1e:30:cf:4a:b4:59:98:71:ce:f5:
f1:4c:37:33:5a:b2:27:32:32:1b:2b:2a:96:96:a5:
8a:61:e1:4d:45:1d:3d:42:61:05:ef:42:65:03:b1:
43:61:82:86:11:3e:2a:95:f5:6d:57:e0:0e:dd:8d:
5b:ac:c9:e9:74:b5:0b:5c:57:06:94:19:f4:98:17:
1d:a0:fe:58:4b:9c:f7:15:69:27:d8:ee:24:39:94:
8e:d5:12:11:eb:28:fd:0c:a5:c0:5a:57:03:9c:04:
2c:22:e4:09:7a:2f:fc:41:78:d0:b3:1a:a2:f8:aa:
35:08:9c:0d:7f:0a:45:57:56:b6:43:49:58:c8:12:
42:36:4d:09:83:52:8c:fc:45:14:6f:0f:1a:48:fe:
9e:6b:b4:f9:27:31:d1:a3:bb:ec:c5:19:04:18:23:
84:42:fa:c4:8e:58:2d:87:43:75:77:8a:35:e7:d6:
be:2a:9a:ae:43:ce:b4:52:c3:19:23:9a:c6:52:34:
72:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:95:9E:15:65:7D:9D:FF:97:4C:48:CD:F1:CD:66:F7:54:0C:E4:47
X509v3 Authority Key Identifier:
keyid:0C:8A:AE:18:9C:63:CE:B5:64:3C:B0:80:32:7B:CA:A3:B0:EF:8A:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DIquGJxjzrVkPLCAMnvKo7Dvilk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5015f6-0bd0-49f9-b854-b6ba86cf31f9/1/i5WeFWV9nf-XTEjN8c1m91QM5Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5015f6-0bd0-49f9-b854-b6ba86cf31f9/1/DIquGJxjzrVkPLCAMnvKo7Dvilk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.56.0/24
193.42.218.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:18:6e:28:d8:10:d2:02:38:f6:1d:7e:fb:8a:32:15:7d:ed:
94:5f:30:9c:5a:8e:c1:04:bb:d1:43:ab:b8:94:06:e6:55:05:
3e:de:10:94:2f:f4:09:b1:14:f8:91:7b:bf:18:a2:92:f7:b8:
56:da:f6:b4:a9:83:47:28:28:18:42:99:34:ee:2f:43:00:93:
55:f9:a6:9e:57:fa:e1:11:7d:17:45:c6:a3:44:5c:a3:2d:7d:
68:98:d3:05:ed:ca:f8:eb:ea:9e:71:6c:8a:e9:98:f9:f9:0b:
71:37:d5:0f:74:90:db:44:a9:07:58:67:f5:c9:69:5f:2d:f3:
ee:30:3c:39:94:ed:ae:3f:18:57:cc:b3:74:24:05:fb:02:22:
ca:8c:81:e2:5a:d3:dd:06:58:30:c2:8d:07:ac:b8:85:62:b8:
8c:68:3d:6d:9f:1a:ab:f6:92:fd:11:31:85:12:e6:c0:dc:5a:
15:a6:bd:57:d7:c8:a3:c5:09:6d:f2:e7:dc:d7:b5:f2:eb:f4:
d8:52:a1:15:fa:6f:7c:70:4f:8f:ec:35:14:06:76:24:aa:3c:
80:40:99:de:15:1e:58:ac:aa:11:f1:d0:c7:2e:2c:9e:d8:a1:
b7:9a:ec:91:83:ea:b6:f8:d5:3a:f0:26:1b:f0:0b:f2:82:0e:
db:0a:f8:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwgs49TdHXWaMzHVEPypoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOGFhZTE4OWM2M2NlYjU2NDNjYjA4MDMyN2JjYWEzYjBl
ZjhhNTkwHhcNMjMwMTAyMDMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk1OWUxNTY1N2Q5ZGZmOTc0YzQ4Y2RmMWNkNjZmNzU0MGNlNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL6ALKlcMDZiBSq/1IUvE3NF4ZZe
bh2c13+YO74SvD2qQmOpFPk5IUqjCz+Z2gso0LoC224/WJh9ZWmUpsOzox4wz0q0
WZhxzvXxTDczWrInMjIbKyqWlqWKYeFNRR09QmEF70JlA7FDYYKGET4qlfVtV+AO
3Y1brMnpdLULXFcGlBn0mBcdoP5YS5z3FWkn2O4kOZSO1RIR6yj9DKXAWlcDnAQs
IuQJei/8QXjQsxqi+Ko1CJwNfwpFV1a2Q0lYyBJCNk0Jg1KM/EUUbw8aSP6ea7T5
JzHRo7vsxRkEGCOEQvrEjlgth0N1d4o159a+KpquQ860UsMZI5rGUjRygQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIuVnhVlfZ3/l0xIzfHNZvdUDORHMB8GA1UdIwQY
MBaAFAyKrhicY861ZDywgDJ7yqOw74pZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRElxdUdKeGp6clZrUExDQU1udktvN0R2aWxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81MDE1ZjYtMGJkMC00OWY5LWI4NTQt
YjZiYTg2Y2YzMWY5LzEvaTVXZUZXVjluZi1YVEVqTjhjMW05MVFNNUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81MDE1ZjYtMGJkMC00OWY5LWI4NTQtYjZiYTg2Y2YzMWY5
LzEvRElxdUdKeGp6clZrUExDQU1udktvN0R2aWxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8Y4AwQA
wSraMA0GCSqGSIb3DQEBCwUAA4IBAQCxGG4o2BDSAjj2HX77ijIVfe2UXzCcWo7B
BLvRQ6u4lAbmVQU+3hCUL/QJsRT4kXu/GKKS97hW2va0qYNHKCgYQpk07i9DAJNV
+aaeV/rhEX0XRcajRFyjLX1omNMF7cr46+qecWyK6Zj5+QtxN9UPdJDbRKkHWGf1
yWlfLfPuMDw5lO2uPxhXzLN0JAX7AiLKjIHiWtPdBlgwwo0HrLiFYriMaD1tnxqr
9pL9ETGFEubA3FoVpr1X18ijxQlt8ufc17Xy6/TYUqEV+m98cE+P7DUUBnYkqjyA
QJneFR5YrKoR8dDHLiye2KG3muyRg+q2+NU68CYb8Avygg7bCvhT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:10 2024 by rpki-client on console-ams.rpki-client.org