Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/z2cXm6YzZpqVYoI4QTtm-AkTl-8.roa
File: z2cXm6YzZpqVYoI4QTtm-AkTl-8.roa (raw, json)
Hash identifier: tys5nkkwgdFiMVpcJrB3nIw/KcLgewBsXFZLDD+PF8M=
Subject key identifier: CF:67:17:9B:A6:33:66:9A:95:62:82:38:41:3B:66:F8:09:13:97:EF
Certificate issuer: /CN=5b6d178f13851306b5634df159716319f4d82478
Certificate serial: 0187A0D3B3E9FBBC18DCFD3D101DFA6E4677
Authority key identifier: 5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/z2cXm6YzZpqVYoI4QTtm-AkTl-8.roa
Signing time: Thu 20 Apr 2023 22:40:41 +0000
ROA not before: Thu 20 Apr 2023 22:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 91.217.119.0/24 maxlen: 32
2a0e:36c2::/32 maxlen: 32
2a0e:36c0::/32 maxlen: 32
2a0e:36c6::/32 maxlen: 32
2a0e:36c3::/32 maxlen: 32
2a0e:36c1::/32 maxlen: 32
2a0e:36c5::/32 maxlen: 32
2a0e:36c0::/29 maxlen: 32
2a0e:36c7::/32 maxlen: 32
2a0e:36c4::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a0:d3:b3:e9:fb:bc:18:dc:fd:3d:10:1d:fa:6e:46:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6d178f13851306b5634df159716319f4d82478
Validity
Not Before: Apr 20 22:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf67179ba633669a95628238413b66f8091397ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:96:f4:4d:17:b8:70:65:b7:e5:c0:63:2a:
a5:e5:19:61:8e:8c:61:16:3f:2e:cc:2f:ad:6e:dd:
59:ff:d7:0d:24:83:b6:98:ed:0f:d4:e1:74:65:d4:
99:f6:57:5a:a7:ce:cd:e4:47:80:c9:67:e2:bb:11:
a5:82:06:82:d5:09:3c:30:b0:aa:a5:eb:02:61:68:
92:cd:03:e2:b8:a8:29:02:64:06:75:06:e4:4a:d4:
39:93:13:6c:f9:72:d5:9d:2e:33:f4:48:2c:89:c8:
ba:df:08:70:35:4f:e2:8f:e2:8a:4c:f9:30:e5:87:
f1:f1:6a:12:34:19:14:12:ee:10:35:30:35:2c:d9:
2d:f4:c0:30:9a:6d:2d:53:7d:db:95:b2:ce:a2:b5:
15:63:0f:b6:e6:a4:35:b2:2c:52:2d:80:ec:a9:7e:
b5:9f:7f:79:fb:69:c3:ec:e2:ee:d6:47:b1:0b:fd:
f8:65:c8:7a:9a:e8:d4:23:e3:e8:2d:c0:25:8f:2c:
98:94:1c:08:ec:59:d3:21:f4:12:0b:54:67:54:cf:
75:3f:ce:b8:88:d0:9f:ea:8a:28:ac:b0:9f:b7:0c:
15:41:93:df:6e:a8:55:6d:fa:cc:6d:c1:05:2a:98:
b0:f4:d7:c1:99:88:aa:e4:e2:10:5f:92:2b:ec:dd:
fa:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:67:17:9B:A6:33:66:9A:95:62:82:38:41:3B:66:F8:09:13:97:EF
X509v3 Authority Key Identifier:
keyid:5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/z2cXm6YzZpqVYoI4QTtm-AkTl-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.119.0/24
IPv6:
2a0e:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:86:41:3e:2f:fa:08:07:c7:82:23:9c:b7:d1:49:ef:b1:ae:
3e:6b:c0:90:94:0c:63:54:0c:b9:f8:ba:61:b5:bd:d2:53:7b:
e5:71:3b:cc:a6:3c:ff:5b:d0:16:6b:b8:f9:97:05:66:b3:a4:
b7:65:92:1a:55:0e:bd:bd:df:6e:ef:ad:50:05:be:5d:5b:23:
79:c9:36:07:2b:31:e0:59:31:5e:fa:1b:08:a0:bb:ac:43:63:
47:65:1c:2c:f1:c9:bf:86:69:a1:86:b0:7e:86:db:88:9c:ce:
c9:e2:4d:24:a2:6a:f2:11:18:5a:71:f8:61:8f:3b:13:b4:77:
c1:40:40:f4:a3:43:69:c7:9d:80:59:de:05:89:ec:3d:69:18:
ec:d2:82:bc:59:e8:bf:71:7b:df:92:6d:06:72:ae:22:ea:28:
47:35:10:fb:84:70:45:7e:43:6c:76:13:8d:1d:72:b5:07:d9:
b3:e5:76:8d:56:a3:33:36:ed:fc:62:c0:57:25:6a:9c:99:a5:
25:ec:aa:c0:2f:42:c3:b6:29:b9:1e:54:bc:1c:1f:00:5e:0a:
16:35:e3:01:5b:3b:50:a6:19:0e:22:4e:62:00:61:73:55:db:
4b:6c:c9:c7:b6:34:b4:de:5b:55:c0:93:ff:1e:14:a7:87:8a:
72:e1:06:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYeg07Pp+7wY3P09EB36bkZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmQxNzhmMTM4NTEzMDZiNTYzNGRmMTU5NzE2MzE5ZjRk
ODI0NzgwHhcNMjMwNDIwMjI0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjY3MTc5YmE2MzM2NjlhOTU2MjgyMzg0MTNiNjZmODA5MTM5N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd2W9E0XuHBlt+XAYyql5Rlhjoxh
Fj8uzC+tbt1Z/9cNJIO2mO0P1OF0ZdSZ9ldap87N5EeAyWfiuxGlggaC1Qk8MLCq
pesCYWiSzQPiuKgpAmQGdQbkStQ5kxNs+XLVnS4z9Egsici63whwNU/ij+KKTPkw
5Yfx8WoSNBkUEu4QNTA1LNkt9MAwmm0tU33blbLOorUVYw+25qQ1sixSLYDsqX61
n395+2nD7OLu1kexC/34Zch6mujUI+PoLcAljyyYlBwI7FnTIfQSC1RnVM91P864
iNCf6ooorLCftwwVQZPfbqhVbfrMbcEFKpiw9NfBmYiq5OIQX5Ir7N36ewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM9nF5umM2aalWKCOEE7ZvgJE5fvMB8GA1UdIwQY
MBaAFFttF48ThRMGtWNN8VlxYxn02CR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2It
NGJiOTRjYmMyZTczLzEvejJjWG02WXpacHFWWW9JNFFUdG0tQWtUbC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2ItNGJiOTRjYmMyZTcz
LzEvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9l3MA0E
AgACMAcDBQMqDjbAMA0GCSqGSIb3DQEBCwUAA4IBAQCOhkE+L/oIB8eCI5y30Unv
sa4+a8CQlAxjVAy5+Lphtb3SU3vlcTvMpjz/W9AWa7j5lwVms6S3ZZIaVQ69vd9u
761QBb5dWyN5yTYHKzHgWTFe+hsIoLusQ2NHZRws8cm/hmmhhrB+htuInM7J4k0k
omryERhacfhhjzsTtHfBQED0o0Npx52AWd4Fiew9aRjs0oK8Wei/cXvfkm0Gcq4i
6ihHNRD7hHBFfkNsdhONHXK1B9mz5XaNVqMzNu38YsBXJWqcmaUl7KrAL0LDtim5
HlS8HB8AXgoWNeMBWztQphkOIk5iAGFzVdtLbMnHtjS03ltVwJP/HhSnh4py4Qb/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:47 2024 by rpki-client on console-fra.rpki-client.org