Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/qI_F1Jm02hSiFelM9EUhoqIlQWQ.roa
File: qI_F1Jm02hSiFelM9EUhoqIlQWQ.roa (raw, json)
Hash identifier: S5uHs2Z2IvEqs8jXwKXgoXzLHrUbkVO4mXS/vIzpNW0=
Subject key identifier: A8:8F:C5:D4:99:B4:DA:14:A2:15:E9:4C:F4:45:21:A2:A2:25:41:64
Certificate issuer: /CN=cf6843ce15229a8023d97fa27a37e59278b2bfd7
Certificate serial: 018572035141938D86CDCC970CCBCB7F536E
Authority key identifier: CF:68:43:CE:15:22:9A:80:23:D9:7F:A2:7A:37:E5:92:78:B2:BF:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2hDzhUimoAj2X-iejflkniyv9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/qI_F1Jm02hSiFelM9EUhoqIlQWQ.roa
Signing time: Mon 02 Jan 2023 10:24:58 +0000
ROA not before: Mon 02 Jan 2023 10:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197944
IP address blocks: 91.230.90.0/24 maxlen: 24
2001:67c:24dc::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:51:41:93:8d:86:cd:cc:97:0c:cb:cb:7f:53:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf6843ce15229a8023d97fa27a37e59278b2bfd7
Validity
Not Before: Jan 2 10:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a88fc5d499b4da14a215e94cf44521a2a2254164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e0:9f:25:54:83:43:16:8e:3a:51:94:84:79:
08:de:f8:30:21:13:a8:9f:cc:4a:2f:0e:ce:35:fc:
55:cd:7f:db:26:13:d0:9d:8d:37:5f:a1:17:13:0b:
cf:0a:d5:80:f9:4a:89:2e:9b:d0:0f:f5:82:04:3d:
37:26:e7:f7:3a:64:a4:ce:fd:63:6f:4e:94:7a:bb:
d3:01:83:f6:e7:38:c9:77:26:58:96:67:35:1a:7c:
b9:84:19:64:4f:e6:4e:9c:b5:50:f9:ec:4a:12:37:
52:62:59:e5:a9:74:21:17:6f:61:d6:a0:99:92:b3:
10:cf:b8:1b:74:4a:37:f9:b3:83:8f:42:5b:fc:cb:
3c:2f:e8:c7:88:23:8d:3c:8b:1e:f9:56:df:e8:6c:
27:33:b1:d5:b4:ec:fc:e2:1a:4d:66:33:24:09:af:
79:66:3f:0d:a4:f6:2e:2d:80:f0:06:eb:94:2c:e0:
97:2b:13:de:97:7c:a8:62:9a:23:85:9a:63:fd:4b:
5f:bf:95:92:64:07:84:ef:4e:b0:29:95:d8:0c:dc:
ed:27:36:05:f1:bd:fb:37:3f:b6:fc:f2:87:c9:b7:
f8:f1:39:19:fc:70:29:a3:22:3c:00:c9:28:11:85:
c6:bf:9c:1b:55:e5:7a:e2:aa:2e:3c:d0:dd:18:f2:
e0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8F:C5:D4:99:B4:DA:14:A2:15:E9:4C:F4:45:21:A2:A2:25:41:64
X509v3 Authority Key Identifier:
keyid:CF:68:43:CE:15:22:9A:80:23:D9:7F:A2:7A:37:E5:92:78:B2:BF:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2hDzhUimoAj2X-iejflkniyv9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/qI_F1Jm02hSiFelM9EUhoqIlQWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.90.0/24
IPv6:
2001:67c:24dc::/48
Signature Algorithm: sha256WithRSAEncryption
60:18:21:20:f6:3d:ab:25:15:39:43:4c:38:9e:75:cf:54:93:
14:06:52:19:a3:cc:fd:06:b8:fe:ef:d1:2e:f3:7c:42:83:bb:
73:98:12:5c:fb:09:70:5f:e6:72:cb:cc:0f:48:31:dd:6f:ee:
8c:a0:61:0c:c7:0e:01:12:ae:86:31:87:e9:5b:6b:02:f4:55:
94:2e:a1:45:26:cf:57:da:1b:a1:0c:ea:ee:c1:de:55:4b:d3:
0e:78:ae:a3:ed:b2:0b:42:31:59:6b:a1:8b:02:a0:e9:07:9a:
97:b3:3c:02:df:8e:31:98:b8:0f:61:a2:23:f9:3b:4d:db:17:
ae:3f:40:76:85:a2:e2:40:0b:66:09:e6:ea:ca:29:86:73:10:
8c:45:29:db:1d:08:51:bc:5a:e0:28:00:64:fe:db:af:4c:93:
b6:c2:27:1a:0d:9f:0f:c4:1f:e3:b7:a8:1e:28:34:39:97:f1:
7e:a0:e3:64:7a:47:25:6d:d1:7f:cc:7c:54:7b:67:1a:a3:f9:
9e:44:d6:5a:8d:be:0d:fc:99:79:4e:94:e1:fd:b8:b9:61:6f:
e8:59:f0:6b:63:4a:52:e1:96:f0:91:0f:b6:b5:cc:3c:12:d3:
22:4f:db:a7:80:c8:7b:3d:6d:a4:08:0b:41:7e:7c:66:27:af:
ab:07:29:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyA1FBk42GzcyXDMvLf1NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjg0M2NlMTUyMjlhODAyM2Q5N2ZhMjdhMzdlNTkyNzhi
MmJmZDcwHhcNMjMwMTAyMTAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODhmYzVkNDk5YjRkYTE0YTIxNWU5NGNmNDQ1MjFhMmEyMjU0MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquCfJVSDQxaOOlGUhHkI3vgwIROo
n8xKLw7ONfxVzX/bJhPQnY03X6EXEwvPCtWA+UqJLpvQD/WCBD03Juf3OmSkzv1j
b06UervTAYP25zjJdyZYlmc1Gny5hBlkT+ZOnLVQ+exKEjdSYlnlqXQhF29h1qCZ
krMQz7gbdEo3+bODj0Jb/Ms8L+jHiCONPIse+Vbf6GwnM7HVtOz84hpNZjMkCa95
Zj8NpPYuLYDwBuuULOCXKxPel3yoYpojhZpj/Utfv5WSZAeE706wKZXYDNztJzYF
8b37Nz+2/PKHybf48TkZ/HApoyI8AMkoEYXGv5wbVeV64qouPNDdGPLggQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKiPxdSZtNoUohXpTPRFIaKiJUFkMB8GA1UdIwQY
MBaAFM9oQ84VIpqAI9l/ono35ZJ4sr/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJoRHpoVWltb0FqMlgtaWVqZmxrbml5djljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy83NjFiNDgtNjllYS00MGU0LThkN2Mt
NjRjZDE5NGY3ZjRmLzEvcUlfRjFKbTAyaFNpRmVsTTlFVWhvcUlsUVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy83NjFiNDgtNjllYS00MGU0LThkN2MtNjRjZDE5NGY3ZjRm
LzEvejJoRHpoVWltb0FqMlgtaWVqZmxrbml5djljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+ZaMA8E
AgACMAkDBwAgAQZ8JNwwDQYJKoZIhvcNAQELBQADggEBAGAYISD2PaslFTlDTDie
dc9UkxQGUhmjzP0GuP7v0S7zfEKDu3OYElz7CXBf5nLLzA9IMd1v7oygYQzHDgES
roYxh+lbawL0VZQuoUUmz1faG6EM6u7B3lVL0w54rqPtsgtCMVlroYsCoOkHmpez
PALfjjGYuA9hoiP5O03bF64/QHaFouJAC2YJ5urKKYZzEIxFKdsdCFG8WuAoAGT+
269Mk7bCJxoNnw/EH+O3qB4oNDmX8X6g42R6RyVt0X/MfFR7Zxqj+Z5E1lqNvg38
mXlOlOH9uLlhb+hZ8GtjSlLhlvCRD7a1zDwS0yJP26eAyHs9baQIC0F+fGYnr6sH
KfM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:40 2024 by rpki-client on console-ams.rpki-client.org