Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/ytZbH_fTbiJryjkV--WJCOrKqKs.roa
File: ytZbH_fTbiJryjkV--WJCOrKqKs.roa (raw, json)
Hash identifier: Y7HEEt/BSaBwdNM3Zte+1FO51Z8MxT5hFcmig4rVe84=
Subject key identifier: CA:D6:5B:1F:F7:D3:6E:22:6B:CA:39:15:FB:E5:89:08:EA:CA:A8:AB
Certificate issuer: /CN=35135b81b6c1edd2f6f5bc1c608a5fc9fe926474
Certificate serial: 01856C00FC2D2389C12BE7EB25C367C92218
Authority key identifier: 35:13:5B:81:B6:C1:ED:D2:F6:F5:BC:1C:60:8A:5F:C9:FE:92:64:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRNbgbbB7dL29bwcYIpfyf6SZHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/ytZbH_fTbiJryjkV--WJCOrKqKs.roa
Signing time: Sun 01 Jan 2023 06:24:41 +0000
ROA not before: Sun 01 Jan 2023 06:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51241
IP address blocks: 91.207.139.0/24 maxlen: 24
91.207.138.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:00:fc:2d:23:89:c1:2b:e7:eb:25:c3:67:c9:22:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35135b81b6c1edd2f6f5bc1c608a5fc9fe926474
Validity
Not Before: Jan 1 06:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cad65b1ff7d36e226bca3915fbe58908eacaa8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ed:73:3b:6c:be:17:93:14:e1:e9:45:24:97:
8e:86:db:c4:9c:af:07:c2:79:b0:f8:1d:17:31:0b:
2d:96:2c:d7:8e:f0:dd:dd:58:74:9f:e2:69:d6:83:
8c:57:77:b4:74:b5:0d:12:bf:52:40:c7:d0:7a:be:
5c:cb:23:48:22:dd:89:fd:c0:5c:fc:03:6c:41:ca:
56:fc:8e:c6:3c:c9:51:f1:9c:7e:5a:da:88:24:50:
ce:45:18:91:65:2d:49:d8:9c:27:07:17:60:cb:22:
dc:57:60:25:3f:9c:09:89:cc:ad:66:89:00:5a:d5:
eb:32:92:21:61:2e:c9:53:b8:f0:2c:26:32:7a:4f:
89:6e:a9:69:74:9e:c1:a9:15:4b:14:30:c6:eb:28:
96:c9:c9:41:a1:72:d6:18:91:04:60:0b:d1:24:d9:
a2:a2:94:42:66:68:f0:6f:94:b5:60:72:9f:4a:58:
83:86:8b:f1:32:0e:75:66:8e:93:88:65:59:a4:37:
61:b3:4c:04:23:41:40:da:d8:ad:4c:98:16:ff:a7:
0f:ba:3e:07:1c:c5:a3:2f:3f:b6:99:81:2c:47:ab:
00:e3:59:cb:d5:6d:39:92:ba:ad:c4:c0:87:fd:11:
48:cd:d2:fc:19:1b:ca:db:e6:df:43:e7:1e:2c:05:
ed:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D6:5B:1F:F7:D3:6E:22:6B:CA:39:15:FB:E5:89:08:EA:CA:A8:AB
X509v3 Authority Key Identifier:
keyid:35:13:5B:81:B6:C1:ED:D2:F6:F5:BC:1C:60:8A:5F:C9:FE:92:64:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRNbgbbB7dL29bwcYIpfyf6SZHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/ytZbH_fTbiJryjkV--WJCOrKqKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/NRNbgbbB7dL29bwcYIpfyf6SZHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.138.0/23
Signature Algorithm: sha256WithRSAEncryption
87:dd:32:e7:52:f6:e1:5e:c5:bb:50:78:8c:62:1f:66:7c:c7:
a4:2c:8a:da:fa:6c:5a:4f:fc:23:d5:3c:16:cd:19:ff:e9:6e:
d2:0b:68:b3:dd:8e:a2:d9:3d:db:8f:e2:5d:e8:8e:6c:b8:9a:
24:e1:e8:b7:af:fb:21:9a:5e:90:6e:37:c4:d6:ca:85:71:3f:
21:db:ce:cb:b9:2a:eb:74:f3:35:19:1b:df:e6:63:56:bf:b2:
b2:83:7d:0b:5e:7f:63:d2:7d:68:07:a2:eb:07:46:80:9b:4c:
86:6b:ce:5d:67:5f:15:0f:68:66:c5:a6:47:81:80:93:ad:6a:
71:73:00:cf:e2:4c:7e:2a:c9:19:ba:57:5f:b5:58:76:c7:8f:
c2:bc:d3:a7:96:21:43:23:d8:1b:0f:3b:85:ba:5e:3c:81:62:
3c:f6:99:62:d7:7f:8e:07:0e:14:e3:0f:e6:0e:b3:53:06:17:
31:e8:78:5d:0b:46:f0:c1:f5:92:75:db:75:5a:76:d9:94:47:
5b:90:17:52:9e:bc:61:d5:7f:86:66:23:13:5d:8f:12:90:b0:
d9:3c:56:48:9b:4c:93:11:94:81:90:38:7b:b8:21:1b:b0:60:
2b:29:fe:dc:d1:da:c0:b8:3f:a1:c6:a6:ef:3a:89:77:d4:b9:
5f:02:cc:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAPwtI4nBK+frJcNnySIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTM1YjgxYjZjMWVkZDJmNmY1YmMxYzYwOGE1ZmM5ZmU5
MjY0NzQwHhcNMjMwMTAxMDYyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQ2NWIxZmY3ZDM2ZTIyNmJjYTM5MTVmYmU1ODkwOGVhY2FhOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu1zO2y+F5MU4elFJJeOhtvEnK8H
wnmw+B0XMQstlizXjvDd3Vh0n+Jp1oOMV3e0dLUNEr9SQMfQer5cyyNIIt2J/cBc
/ANsQcpW/I7GPMlR8Zx+WtqIJFDORRiRZS1J2JwnBxdgyyLcV2AlP5wJicytZokA
WtXrMpIhYS7JU7jwLCYyek+JbqlpdJ7BqRVLFDDG6yiWyclBoXLWGJEEYAvRJNmi
opRCZmjwb5S1YHKfSliDhovxMg51Zo6TiGVZpDdhs0wEI0FA2titTJgW/6cPuj4H
HMWjLz+2mYEsR6sA41nL1W05krqtxMCH/RFIzdL8GRvK2+bfQ+ceLAXtDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrWWx/3024ia8o5FfvliQjqyqirMB8GA1UdIwQY
MBaAFDUTW4G2we3S9vW8HGCKX8n+kmR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJOYmdiYkI3ZEwyOWJ3Y1lJcGZ5ZjZTWkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kMGEwYTAtZDI1YS00NzQ2LTkxMzkt
YTcxNDU2ZGY5OTk3LzEveXRaYkhfZlRiaUpyeWprVi0tV0pDT3JLcUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kMGEwYTAtZDI1YS00NzQ2LTkxMzktYTcxNDU2ZGY5OTk3
LzEvTlJOYmdiYkI3ZEwyOWJ3Y1lJcGZ5ZjZTWkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8+KMA0G
CSqGSIb3DQEBCwUAA4IBAQCH3TLnUvbhXsW7UHiMYh9mfMekLIra+mxaT/wj1TwW
zRn/6W7SC2iz3Y6i2T3bj+Jd6I5suJok4ei3r/shml6QbjfE1sqFcT8h287LuSrr
dPM1GRvf5mNWv7Kyg30LXn9j0n1oB6LrB0aAm0yGa85dZ18VD2hmxaZHgYCTrWpx
cwDP4kx+KskZuldftVh2x4/CvNOnliFDI9gbDzuFul48gWI89pli13+OBw4U4w/m
DrNTBhcx6HhdC0bwwfWSddt1WnbZlEdbkBdSnrxh1X+GZiMTXY8SkLDZPFZIm0yT
EZSBkDh7uCEbsGArKf7c0drAuD+hxqbvOol31LlfAsxu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:10 2024 by rpki-client on console-fra.rpki-client.org