Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/X0zQqdzJmwuo9vEB7CXr3ZYfqwA.roa
File: X0zQqdzJmwuo9vEB7CXr3ZYfqwA.roa (raw, json)
Hash identifier: 9wLTJHdPvEnfk4UiYL7UFY/KDzCx7sd1XkKwfh1J3rs=
Subject key identifier: 5F:4C:D0:A9:DC:C9:9B:0B:A8:F6:F1:01:EC:25:EB:DD:96:1F:AB:00
Certificate issuer: /CN=11084b7d378b993c5f5e749f6a344de23e45ad00
Certificate serial: 01856C78400BE94C4A0CE8A15CEAB07D1CD4
Authority key identifier: 11:08:4B:7D:37:8B:99:3C:5F:5E:74:9F:6A:34:4D:E2:3E:45:AD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EQhLfTeLmTxfXnSfajRN4j5FrQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/X0zQqdzJmwuo9vEB7CXr3ZYfqwA.roa
Signing time: Sun 01 Jan 2023 08:34:58 +0000
ROA not before: Sun 01 Jan 2023 08:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43418
IP address blocks: 91.197.49.0/24 maxlen: 24
91.197.50.0/24 maxlen: 24
91.197.51.0/24 maxlen: 24
91.197.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:40:0b:e9:4c:4a:0c:e8:a1:5c:ea:b0:7d:1c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11084b7d378b993c5f5e749f6a344de23e45ad00
Validity
Not Before: Jan 1 08:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f4cd0a9dcc99b0ba8f6f101ec25ebdd961fab00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1a:5a:61:58:ac:03:8c:ce:9e:32:37:f3:ef:
24:6d:b0:5f:5e:8f:85:21:38:40:a9:29:a1:4c:d5:
d4:5d:44:27:5c:2d:88:a6:ef:6e:52:9a:a4:1e:e7:
d2:49:06:6a:35:10:44:21:88:4a:64:ae:4b:51:df:
c6:3b:e6:29:d1:a3:34:b7:42:69:57:b8:8c:c3:b1:
f6:b0:6c:85:f5:5a:2f:04:72:09:22:bb:4b:e7:45:
a0:8e:9f:7c:56:58:2a:1f:8d:fa:b1:a6:64:8e:76:
86:39:34:8c:05:29:4b:74:aa:f1:47:0c:17:ab:d2:
20:1a:dd:7f:98:9b:90:dd:19:57:02:c4:9a:25:76:
2b:0e:15:0e:b9:21:58:fd:18:06:2d:4b:b0:85:08:
ad:f6:92:f5:64:8f:93:eb:92:e6:4a:c7:41:86:e6:
22:cc:d2:19:eb:67:0e:ed:2d:df:03:8a:e1:59:a2:
f5:a2:a3:7b:1d:01:8c:59:7a:b3:1b:49:26:88:3e:
26:de:6e:c7:19:1f:8e:64:10:16:a8:75:42:0a:04:
72:c6:f9:44:5f:33:35:ae:e7:9e:5e:dd:51:79:1e:
47:35:b9:1b:8d:b8:e7:28:37:ee:77:0b:c2:78:77:
11:1e:fb:06:39:d8:fb:8a:46:87:55:02:d3:11:65:
ce:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4C:D0:A9:DC:C9:9B:0B:A8:F6:F1:01:EC:25:EB:DD:96:1F:AB:00
X509v3 Authority Key Identifier:
keyid:11:08:4B:7D:37:8B:99:3C:5F:5E:74:9F:6A:34:4D:E2:3E:45:AD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQhLfTeLmTxfXnSfajRN4j5FrQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/X0zQqdzJmwuo9vEB7CXr3ZYfqwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/EQhLfTeLmTxfXnSfajRN4j5FrQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.48.0/22
Signature Algorithm: sha256WithRSAEncryption
70:6e:11:b4:74:7b:0c:9f:f3:28:a7:d9:70:0f:98:51:45:a7:
dc:76:0c:db:7e:ab:b2:a1:f1:2e:cb:d4:49:e1:1e:85:45:9c:
14:5d:da:0e:15:93:82:3f:33:eb:02:fa:ca:ae:8b:6b:84:8c:
62:8f:88:86:8a:fe:b3:d1:99:17:c1:70:e7:07:01:ae:1a:a1:
53:23:b8:dd:65:7b:d2:4c:67:52:52:e6:f6:6a:14:bb:11:44:
d9:f4:56:66:86:4b:f9:bb:3f:26:00:5b:01:8f:2a:b2:cc:7a:
2a:22:10:0c:45:49:2b:2a:a5:48:9d:66:2a:70:c4:d6:dc:62:
98:89:74:e9:7a:db:d2:f9:d6:ea:48:bb:f9:ae:dc:41:03:10:
56:9a:42:d6:ec:3d:b6:7c:3b:ff:b8:5b:c4:6a:51:c2:67:9c:
d3:8e:e3:6d:49:6e:62:55:c6:7a:7f:8e:ef:ff:0c:78:91:f8:
5a:c0:56:95:04:87:1b:57:ef:3c:08:23:13:6b:09:6d:43:34:
90:00:4e:c5:58:6d:bf:a9:2a:cc:0c:86:b0:51:8e:6b:be:a5:
d7:a0:6d:3d:a2:b6:cb:c8:1a:be:7d:3b:d2:c7:53:35:89:31:
f5:9c:bf:4d:5d:ed:6a:fe:e9:bc:1c:66:7f:72:99:df:13:39:
f7:51:1a:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseEAL6UxKDOihXOqwfRzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMDg0YjdkMzc4Yjk5M2M1ZjVlNzQ5ZjZhMzQ0ZGUyM2U0
NWFkMDAwHhcNMjMwMTAxMDgzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjRjZDBhOWRjYzk5YjBiYThmNmYxMDFlYzI1ZWJkZDk2MWZhYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxpaYVisA4zOnjI38+8kbbBfXo+F
IThAqSmhTNXUXUQnXC2Ipu9uUpqkHufSSQZqNRBEIYhKZK5LUd/GO+Yp0aM0t0Jp
V7iMw7H2sGyF9VovBHIJIrtL50Wgjp98VlgqH436saZkjnaGOTSMBSlLdKrxRwwX
q9IgGt1/mJuQ3RlXAsSaJXYrDhUOuSFY/RgGLUuwhQit9pL1ZI+T65LmSsdBhuYi
zNIZ62cO7S3fA4rhWaL1oqN7HQGMWXqzG0kmiD4m3m7HGR+OZBAWqHVCCgRyxvlE
XzM1rueeXt1ReR5HNbkbjbjnKDfudwvCeHcRHvsGOdj7ikaHVQLTEWXOUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9M0KncyZsLqPbxAewl692WH6sAMB8GA1UdIwQY
MBaAFBEIS303i5k8X150n2o0TeI+Ra0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVFoTGZUZUxtVHhmWG5TZmFqUk40ajVGclFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYmZjYzQtYTI3Ny00YjQzLWIyNWMt
YTI0ZDY4ZTM2NzA1LzEvWDB6UXFkekptd3VvOXZFQjdDWHIzWllmcXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYmZjYzQtYTI3Ny00YjQzLWIyNWMtYTI0ZDY4ZTM2NzA1
LzEvRVFoTGZUZUxtVHhmWG5TZmFqUk40ajVGclFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8UwMA0G
CSqGSIb3DQEBCwUAA4IBAQBwbhG0dHsMn/Mop9lwD5hRRafcdgzbfquyofEuy9RJ
4R6FRZwUXdoOFZOCPzPrAvrKrotrhIxij4iGiv6z0ZkXwXDnBwGuGqFTI7jdZXvS
TGdSUub2ahS7EUTZ9FZmhkv5uz8mAFsBjyqyzHoqIhAMRUkrKqVInWYqcMTW3GKY
iXTpetvS+dbqSLv5rtxBAxBWmkLW7D22fDv/uFvEalHCZ5zTjuNtSW5iVcZ6f47v
/wx4kfhawFaVBIcbV+88CCMTawltQzSQAE7FWG2/qSrMDIawUY5rvqXXoG09orbL
yBq+fTvSx1M1iTH1nL9NXe1q/um8HGZ/cpnfEzn3URqO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:58 2024 by rpki-client on console-ams.rpki-client.org