Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/fgJnuytz2WL9hznq3zQYOiA4ri8.roa
File: fgJnuytz2WL9hznq3zQYOiA4ri8.roa (raw, json)
Hash identifier: YUEAjyB0c3naqidfljwz86oYBRSSwiOZkw5soyp6coA=
Subject key identifier: 7E:02:67:BB:2B:73:D9:62:FD:87:39:EA:DF:34:18:3A:20:38:AE:2F
Certificate issuer: /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial: 0186124C840F52BC2F6A5E0A75C672402BAA
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/fgJnuytz2WL9hznq3zQYOiA4ri8.roa
Signing time: Thu 02 Feb 2023 13:24:09 +0000
ROA not before: Thu 02 Feb 2023 13:24:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 91.236.118.0/23 maxlen: 23
91.214.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 22 Jul 2023 06:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:4c:84:0f:52:bc:2f:6a:5e:0a:75:c6:72:40:2b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
Validity
Not Before: Feb 2 13:24:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e0267bb2b73d962fd8739eadf34183a2038ae2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b6:ef:2c:b4:f4:01:00:10:de:86:60:e1:e8:
a3:c0:c9:c6:08:49:44:32:c9:71:8d:44:2d:50:4d:
61:b0:69:a5:db:2c:b0:b9:e7:6a:23:b6:1e:93:96:
de:c1:04:ca:07:76:ba:ae:54:68:63:27:8f:26:71:
cb:fa:50:97:58:bb:42:66:48:46:43:24:8f:3d:0b:
4d:3c:6d:22:e4:1f:fc:eb:c6:0e:a7:58:49:3b:b6:
33:29:84:f7:1e:23:1d:fe:12:d0:b2:d4:df:3e:5d:
f8:5b:08:f7:c6:1d:8a:19:24:7a:b3:f1:b7:49:be:
ca:c9:bc:d0:53:4c:78:4b:ba:e4:c3:d7:40:74:a5:
28:a3:3e:64:12:39:77:14:c6:6c:2e:55:68:be:13:
b9:f2:62:ce:41:3c:d6:ad:42:e0:7d:03:e2:9f:97:
f7:03:7b:f1:e9:3a:b0:d6:42:29:ed:18:5f:02:59:
05:3f:4b:b9:48:6f:30:c2:cb:06:60:92:53:0f:1f:
9d:b7:59:aa:bf:39:26:88:ee:b1:e8:8b:c2:52:06:
94:fe:56:90:b7:f3:02:24:a6:f9:44:bf:d4:a8:86:
f6:a6:b2:00:90:b4:8e:58:02:25:e3:72:16:b6:9a:
73:15:0f:f3:63:73:0a:e5:5b:6e:4f:11:65:2d:7d:
67:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:02:67:BB:2B:73:D9:62:FD:87:39:EA:DF:34:18:3A:20:38:AE:2F
X509v3 Authority Key Identifier:
keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/fgJnuytz2WL9hznq3zQYOiA4ri8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.160.0/22
91.236.118.0/23
Signature Algorithm: sha256WithRSAEncryption
51:f0:b3:34:67:26:40:ee:47:53:f6:4b:6f:54:9f:db:f6:7f:
3a:06:ab:66:6b:c1:95:0c:02:54:06:84:4c:91:bc:32:93:85:
0f:e4:00:29:bb:dd:ca:54:89:d6:e0:ed:b7:36:23:50:0d:5a:
87:68:80:b8:ad:5e:79:76:36:d5:5d:a0:40:7c:1d:88:88:7d:
94:d2:aa:33:14:fc:2b:03:8c:6b:c5:be:93:90:47:3a:b7:cf:
5c:01:52:4f:3f:af:22:2c:a8:20:94:d7:93:90:d7:40:8c:f7:
a1:39:49:41:bd:7e:44:ce:5a:d4:a2:48:84:dd:db:fe:de:1d:
65:a5:f5:1a:e7:d6:ea:3b:8c:27:96:fd:cd:97:c4:80:1a:2a:
f4:15:eb:62:ec:9c:32:17:e6:65:0e:12:72:83:2c:66:05:33:
93:af:da:1f:22:43:2f:b6:f5:ac:5a:15:b0:3c:94:06:2e:21:
e2:13:07:bb:b4:07:c6:3e:a8:41:e6:7a:96:01:ef:66:a9:0d:
ac:5d:59:6d:39:58:61:55:12:63:f6:a5:5e:b8:ea:3b:dd:a9:
b0:c2:55:35:c1:32:c1:27:08:f7:cd:e0:db:4b:53:e7:17:d2:
36:41:3f:9f:96:90:da:00:de:2c:b8:c7:de:16:db:dd:c1:d3:
62:82:38:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYSTIQPUrwval4KdcZyQCuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjMwMjAyMTMyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTAyNjdiYjJiNzNkOTYyZmQ4NzM5ZWFkZjM0MTgzYTIwMzhhZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorbvLLT0AQAQ3oZg4eijwMnGCElE
MslxjUQtUE1hsGml2yywuedqI7Yek5bewQTKB3a6rlRoYyePJnHL+lCXWLtCZkhG
QySPPQtNPG0i5B/868YOp1hJO7YzKYT3HiMd/hLQstTfPl34Wwj3xh2KGSR6s/G3
Sb7KybzQU0x4S7rkw9dAdKUooz5kEjl3FMZsLlVovhO58mLOQTzWrULgfQPin5f3
A3vx6Tqw1kIp7RhfAlkFP0u5SG8wwssGYJJTDx+dt1mqvzkmiO6x6IvCUgaU/laQ
t/MCJKb5RL/UqIb2prIAkLSOWAIl43IWtppzFQ/zY3MK5VtuTxFlLX1n5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH4CZ7src9li/Yc56t80GDogOK4vMB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEvZmdKbnV5dHoyV0w5aHpucTN6UVlPaUE0cmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9agAwQB
W+x2MA0GCSqGSIb3DQEBCwUAA4IBAQBR8LM0ZyZA7kdT9ktvVJ/b9n86Bqtma8GV
DAJUBoRMkbwyk4UP5AApu93KVInW4O23NiNQDVqHaIC4rV55djbVXaBAfB2IiH2U
0qozFPwrA4xrxb6TkEc6t89cAVJPP68iLKgglNeTkNdAjPehOUlBvX5EzlrUokiE
3dv+3h1lpfUa59bqO4wnlv3Nl8SAGir0Feti7JwyF+ZlDhJygyxmBTOTr9ofIkMv
tvWsWhWwPJQGLiHiEwe7tAfGPqhB5nqWAe9mqQ2sXVltOVhhVRJj9qVeuOo73amw
wlU1wTLBJwj3zeDbS1PnF9I2QT+flpDaAN4suMfeFtvdwdNigjjf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:21 2024 by rpki-client on console-ams.rpki-client.org