Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/rHE0y5nVQtdCM4y0a9nhIDHjHSg.roa
File: rHE0y5nVQtdCM4y0a9nhIDHjHSg.roa (raw, json)
Hash identifier: reYefdVDvRyiRXXSY8y76ulPSdINzO+5NeUfbkIVdY4=
Subject key identifier: AC:71:34:CB:99:D5:42:D7:42:33:8C:B4:6B:D9:E1:20:31:E3:1D:28
Certificate issuer: /CN=81714b2a738ca3deae915af87c3a91c613e1bc49
Certificate serial: 018CC4937229C4A1CB5928A5330006E570D8
Authority key identifier: 81:71:4B:2A:73:8C:A3:DE:AE:91:5A:F8:7C:3A:91:C6:13:E1:BC:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXFLKnOMo96ukVr4fDqRxhPhvEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/rHE0y5nVQtdCM4y0a9nhIDHjHSg.roa
Signing time: Mon 01 Jan 2024 10:30:46 +0000
ROA not before: Mon 01 Jan 2024 10:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39305
IP address blocks: 91.242.224.0/24 maxlen: 24
146.19.18.0/24 maxlen: 24
109.234.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 09:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:72:29:c4:a1:cb:59:28:a5:33:00:06:e5:70:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81714b2a738ca3deae915af87c3a91c613e1bc49
Validity
Not Before: Jan 1 10:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac7134cb99d542d742338cb46bd9e12031e31d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:21:ca:0c:f2:d6:85:fa:6b:42:6d:d1:02:a4:
a2:b2:9f:2b:73:23:44:61:1e:40:f9:f2:09:7f:95:
21:cd:c7:25:65:f9:8d:ba:27:f9:f7:8b:74:a3:17:
28:a5:69:a9:c9:df:a9:81:a7:28:48:43:4a:14:29:
f7:7f:19:64:df:3a:41:3f:6a:16:9d:86:8e:f9:f5:
aa:a0:34:5d:7b:40:c5:a1:5b:4c:15:8a:af:47:d3:
dd:0f:bf:93:28:08:d1:8d:46:08:52:41:7d:74:24:
5c:3c:e4:12:dc:70:48:3d:10:0f:a4:1b:5e:f2:01:
23:ee:e5:6b:ef:56:c1:2b:2c:45:13:a9:c4:cf:66:
54:e5:8d:c4:f6:9b:8c:c1:38:ff:d0:28:0a:01:a0:
71:a3:c6:0a:c2:f1:ef:31:2d:82:97:f0:22:1e:a3:
6f:b7:17:da:c3:01:f6:92:7f:dd:2a:8e:49:e6:a1:
ff:d1:08:37:d3:2e:b2:da:7b:24:05:4b:6b:b8:79:
c4:09:43:ef:ed:73:c1:7b:44:5f:75:82:f6:ff:4b:
3a:cd:6a:db:38:1e:2c:33:a2:01:97:d2:7d:d1:3e:
c0:ef:71:72:29:81:2c:9e:1a:ca:6c:47:48:11:a6:
78:72:ef:cb:99:fd:f2:ce:dc:8a:86:a1:b6:d8:a7:
a6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:71:34:CB:99:D5:42:D7:42:33:8C:B4:6B:D9:E1:20:31:E3:1D:28
X509v3 Authority Key Identifier:
keyid:81:71:4B:2A:73:8C:A3:DE:AE:91:5A:F8:7C:3A:91:C6:13:E1:BC:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXFLKnOMo96ukVr4fDqRxhPhvEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/rHE0y5nVQtdCM4y0a9nhIDHjHSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/gXFLKnOMo96ukVr4fDqRxhPhvEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.224.0/24
109.234.73.0/24
146.19.18.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:65:86:de:94:78:e1:41:08:d1:1f:a8:bc:33:69:34:94:2a:
d4:b1:1d:45:88:2d:52:e9:ba:bd:83:47:a1:1c:4a:64:bb:44:
91:ee:c7:d3:01:65:0a:b4:d3:d1:7a:ca:d0:97:ad:21:de:45:
a2:62:7a:56:cd:34:5a:e9:00:b2:64:8e:0f:2e:eb:f8:f5:4c:
5a:35:f2:f2:f2:c2:de:fa:35:b1:0a:f6:cd:8b:84:29:db:5a:
01:51:3c:3a:c9:40:23:5f:1e:ef:f8:76:49:ad:e0:a1:51:f0:
e8:89:db:1b:4d:53:2f:b0:5d:fe:5e:a8:68:cb:3e:33:4f:e0:
3b:b9:8c:38:60:b8:52:c3:d6:a4:e7:df:c4:3c:2b:80:f9:24:
29:d0:21:56:6e:f9:86:ea:0e:d0:3e:f5:fe:e6:88:0e:3a:fe:
58:6e:57:95:7a:23:5c:a3:0b:62:bd:21:02:34:01:74:8a:6c:
22:e4:ba:50:ce:aa:b9:26:0f:07:6d:cb:61:e5:d2:28:bf:64:
fa:bb:56:a0:4e:17:2b:49:f6:9c:49:3e:4f:78:d8:b6:5d:4d:
31:af:64:22:62:83:ed:3d:84:1e:b0:3c:d1:95:46:84:0a:57:
c7:ca:a0:42:27:2d:54:ee:39:a2:20:70:9d:6d:a4:ee:03:a1:
ed:6a:91:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEk3IpxKHLWSilMwAG5XDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzE0YjJhNzM4Y2EzZGVhZTkxNWFmODdjM2E5MWM2MTNl
MWJjNDkwHhcNMjQwMTAxMTAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzcxMzRjYjk5ZDU0MmQ3NDIzMzhjYjQ2YmQ5ZTEyMDMxZTMxZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCHKDPLWhfprQm3RAqSisp8rcyNE
YR5A+fIJf5UhzcclZfmNuif594t0oxcopWmpyd+pgacoSENKFCn3fxlk3zpBP2oW
nYaO+fWqoDRde0DFoVtMFYqvR9PdD7+TKAjRjUYIUkF9dCRcPOQS3HBIPRAPpBte
8gEj7uVr71bBKyxFE6nEz2ZU5Y3E9puMwTj/0CgKAaBxo8YKwvHvMS2Cl/AiHqNv
txfawwH2kn/dKo5J5qH/0Qg30y6y2nskBUtruHnECUPv7XPBe0RfdYL2/0s6zWrb
OB4sM6IBl9J90T7A73FyKYEsnhrKbEdIEaZ4cu/Lmf3yztyKhqG22KemswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKxxNMuZ1ULXQjOMtGvZ4SAx4x0oMB8GA1UdIwQY
MBaAFIFxSypzjKPerpFa+Hw6kcYT4bxJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hGTEtuT01vOTZ1a1ZyNGZEcVJ4aFBodkVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hMWU3M2QtNWExYy00Zjc0LWE0NWIt
MTg5NzI0M2M2MmVmLzEvckhFMHk1blZRdGRDTTR5MGE5bmhJREhqSFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hMWU3M2QtNWExYy00Zjc0LWE0NWItMTg5NzI0M2M2MmVm
LzEvZ1hGTEtuT01vOTZ1a1ZyNGZEcVJ4aFBodkVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/LgAwQA
bepJAwQAkhMSMA0GCSqGSIb3DQEBCwUAA4IBAQAdZYbelHjhQQjRH6i8M2k0lCrU
sR1FiC1S6bq9g0ehHEpku0SR7sfTAWUKtNPResrQl60h3kWiYnpWzTRa6QCyZI4P
Luv49UxaNfLy8sLe+jWxCvbNi4Qp21oBUTw6yUAjXx7v+HZJreChUfDoidsbTVMv
sF3+Xqhoyz4zT+A7uYw4YLhSw9ak59/EPCuA+SQp0CFWbvmG6g7QPvX+5ogOOv5Y
bleVeiNcowtivSECNAF0imwi5LpQzqq5Jg8Hbcth5dIov2T6u1agThcrSfacST5P
eNi2XU0xr2QiYoPtPYQesDzRlUaEClfHyqBCJy1U7jmiIHCdbaTuA6HtapFz
-----END CERTIFICATE-----
Generated at Wed Feb 7 11:50:15 2024 by rpki-client on console-ams.rpki-client.org