Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/dIw928I_htdLoGgptdC6NfaMHbg.roa
File: dIw928I_htdLoGgptdC6NfaMHbg.roa (raw, json)
Hash identifier: T5RiQqnprXZTlReb6HT770s6xRZg98yCDcyoqOMxO6Q=
Subject key identifier: 74:8C:3D:DB:C2:3F:86:D7:4B:A0:68:29:B5:D0:BA:35:F6:8C:1D:B8
Certificate issuer: /CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Certificate serial: 018572B432A8801D580FFC1A7032E56FC258
Authority key identifier: B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/dIw928I_htdLoGgptdC6NfaMHbg.roa
Signing time: Mon 02 Jan 2023 13:38:10 +0000
ROA not before: Mon 02 Jan 2023 13:38:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203735
IP address blocks: 91.192.4.0/24 maxlen: 24
91.192.7.0/24 maxlen: 24
91.192.6.0/24 maxlen: 24
91.192.5.0/24 maxlen: 24
2a0c:64c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 Nov 2023 19:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:32:a8:80:1d:58:0f:fc:1a:70:32:e5:6f:c2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Validity
Not Before: Jan 2 13:38:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=748c3ddbc23f86d74ba06829b5d0ba35f68c1db8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:53:08:ee:18:93:c9:38:72:a8:93:50:67:dd:
e8:e2:5b:b5:d8:6b:a7:7b:49:99:5d:2d:89:7a:d9:
8d:72:cc:f9:1a:3c:e1:2e:51:3e:0e:d2:2a:89:2f:
20:6c:0e:3a:2b:cd:4b:8d:9c:fd:af:6d:0b:f9:2b:
ec:e4:5b:ff:a2:f4:7b:b9:4f:bb:fa:58:9b:b8:f5:
6c:e3:09:ed:5d:a3:e1:a1:fa:c3:52:ad:35:bf:96:
e4:c9:25:5a:15:c2:f7:e5:a4:d6:ee:38:e6:17:ce:
8f:04:d5:0b:84:68:ad:a0:00:e7:b1:af:94:be:28:
02:ff:b6:29:96:13:b0:c1:6c:24:e1:29:6b:42:98:
d1:fd:8c:33:c3:bc:b0:1e:be:fb:d5:0d:f9:1a:5e:
a6:5a:6a:72:5e:ce:9f:30:7d:bb:be:fe:5e:63:3d:
d4:ed:85:f3:c1:9e:d2:70:3e:34:ce:8c:28:b4:f6:
f2:4f:84:a5:76:31:71:5b:1c:75:90:1d:8c:e1:51:
eb:95:9b:0c:57:19:2e:26:d0:2e:46:1f:05:97:dc:
80:59:b4:a3:43:5b:cd:45:f9:4d:bc:ba:51:aa:85:
43:0d:e4:99:75:f8:c2:45:1e:75:83:33:9e:1a:cb:
85:56:d1:11:f3:f7:20:3a:bf:84:a6:b5:90:e3:db:
e5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8C:3D:DB:C2:3F:86:D7:4B:A0:68:29:B5:D0:BA:35:F6:8C:1D:B8
X509v3 Authority Key Identifier:
keyid:B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/dIw928I_htdLoGgptdC6NfaMHbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/uRRkdndz8SObZGu2a9z09_sSBs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.4.0/22
IPv6:
2a0c:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:71:53:04:46:cd:e0:e7:37:25:5e:62:0a:e0:f2:67:c0:5d:
a4:05:0c:77:ce:d1:a5:26:ad:e6:57:3c:55:5c:8a:a1:a9:50:
e0:8c:f8:6c:93:7e:7b:d0:14:b9:f4:2f:f8:b1:5a:f8:83:10:
17:59:89:d8:4c:df:d3:22:66:7b:18:62:d9:ff:13:9e:49:be:
76:3f:df:f2:f1:5c:70:c1:c7:2a:bf:34:38:56:d0:59:b0:be:
f0:71:9e:09:49:e9:43:1a:90:4e:c4:c2:96:dc:39:23:44:ea:
2c:1b:f3:99:19:be:aa:b9:a7:53:26:ff:a5:46:1a:dc:6f:7d:
b2:47:25:0a:24:8a:73:be:ad:53:98:82:45:96:9b:12:ae:a0:
ec:d9:f4:36:b9:3b:bb:b3:8a:37:a9:f9:c1:e7:36:a4:99:41:
93:0e:f4:23:47:de:a7:8f:4d:da:3a:b1:dd:1a:a0:ee:2f:68:
3b:a1:7c:5f:58:4c:46:92:c3:07:85:43:e9:bd:25:75:6d:97:
f0:78:cf:26:7d:99:80:ae:19:e2:89:63:ee:eb:01:97:41:71:
85:d6:eb:96:45:1b:a5:7f:dc:fd:ec:d9:84:32:a7:0b:1a:0e:
5b:b9:1e:de:ed:51:15:1f:df:f0:97:d9:05:ad:88:d6:14:82:
c9:07:7d:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVytDKogB1YD/wacDLlb8JYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ2NDc2Nzc3M2YxMjM5YjY0NmJiNjZiZGNmNGY3ZmIx
MjA2Y2UwHhcNMjMwMTAyMTMzODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhjM2RkYmMyM2Y4NmQ3NGJhMDY4MjliNWQwYmEzNWY2OGMxZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlMI7hiTyThyqJNQZ93o4lu12Gun
e0mZXS2JetmNcsz5GjzhLlE+DtIqiS8gbA46K81LjZz9r20L+Svs5Fv/ovR7uU+7
+libuPVs4wntXaPhofrDUq01v5bkySVaFcL35aTW7jjmF86PBNULhGitoADnsa+U
vigC/7YplhOwwWwk4SlrQpjR/Ywzw7ywHr771Q35Gl6mWmpyXs6fMH27vv5eYz3U
7YXzwZ7ScD40zowotPbyT4SldjFxWxx1kB2M4VHrlZsMVxkuJtAuRh8Fl9yAWbSj
Q1vNRflNvLpRqoVDDeSZdfjCRR51gzOeGsuFVtER8/cgOr+EprWQ49vlzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHSMPdvCP4bXS6BoKbXQujX2jB24MB8GA1UdIwQY
MBaAFLkUZHZ3c/Ejm2Rrtmvc9Pf7EgbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMt
NDc1ZGJiYjBjMDhjLzEvZEl3OTI4SV9odGRMb0dncHRkQzZOZmFNSGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMtNDc1ZGJiYjBjMDhj
LzEvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW8AEMA0E
AgACMAcDBQMqDGTAMA0GCSqGSIb3DQEBCwUAA4IBAQCJcVMERs3g5zclXmIK4PJn
wF2kBQx3ztGlJq3mVzxVXIqhqVDgjPhsk3570BS59C/4sVr4gxAXWYnYTN/TImZ7
GGLZ/xOeSb52P9/y8VxwwccqvzQ4VtBZsL7wcZ4JSelDGpBOxMKW3DkjROosG/OZ
Gb6quadTJv+lRhrcb32yRyUKJIpzvq1TmIJFlpsSrqDs2fQ2uTu7s4o3qfnB5zak
mUGTDvQjR96nj03aOrHdGqDuL2g7oXxfWExGksMHhUPpvSV1bZfweM8mfZmArhni
iWPu6wGXQXGF1uuWRRulf9z97NmEMqcLGg5buR7e7VEVH9/wl9kFrYjWFILJB30Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:11 2024 by rpki-client on console-ams.rpki-client.org