Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/ws2-6NBR_qmiS7me5SeZxzsB2w8.roa
File: ws2-6NBR_qmiS7me5SeZxzsB2w8.roa (raw, json)
Hash identifier: lzdpFHmViMtvj2bOgU/mwsRLEcKl2tn53TDkjT5RwrA=
Subject key identifier: C2:CD:BE:E8:D0:51:FE:A9:A2:4B:B9:9E:E5:27:99:C7:3B:01:DB:0F
Certificate issuer: /CN=9520bf8c77226a3fa88ebe11cc8f1169cc560a79
Certificate serial: 0185737AA82704DA4CC19DAA63A9A863B7BF
Authority key identifier: 95:20:BF:8C:77:22:6A:3F:A8:8E:BE:11:CC:8F:11:69:CC:56:0A:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/ws2-6NBR_qmiS7me5SeZxzsB2w8.roa
Signing time: Mon 02 Jan 2023 17:14:56 +0000
ROA not before: Mon 02 Jan 2023 17:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57265
IP address blocks: 91.216.41.0/24 maxlen: 24
2001:678:71c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:a8:27:04:da:4c:c1:9d:aa:63:a9:a8:63:b7:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9520bf8c77226a3fa88ebe11cc8f1169cc560a79
Validity
Not Before: Jan 2 17:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2cdbee8d051fea9a24bb99ee52799c73b01db0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:79:64:35:52:a7:88:79:46:1d:79:7f:99:d7:
04:03:6f:d2:81:da:46:26:0d:56:e8:88:55:04:3b:
76:aa:c5:b8:7d:de:a6:46:d0:10:91:a8:e3:45:50:
21:62:15:be:e0:92:cc:94:a5:91:4a:92:ab:45:54:
6e:1b:f4:14:24:60:7e:09:5c:fc:fe:88:e4:5d:30:
29:21:e7:55:1f:3d:be:fc:9b:74:5f:96:bf:1d:9b:
cb:9e:71:0d:7c:59:46:16:9a:a6:b8:3d:13:94:30:
4f:46:76:97:ea:ff:d6:80:7c:5f:46:e6:1b:e7:52:
2c:09:1b:df:fc:02:9f:5c:e4:a1:14:37:2b:21:f4:
65:6f:d0:5f:33:a9:be:8f:c8:28:e8:db:bb:d5:d2:
a1:ec:19:c5:09:ba:5d:3f:3b:6e:48:45:47:1e:0f:
f0:87:e2:9d:7a:7a:bf:bc:9e:7b:6b:1a:a4:db:2e:
4d:6f:5a:bd:fa:fd:b7:68:2c:92:2d:0b:35:ee:20:
67:31:b4:58:ff:ff:41:ec:c1:92:9d:ca:fd:12:27:
16:e3:77:b4:03:8a:da:a9:bf:57:42:c0:7f:8a:41:
e0:99:c0:56:91:2f:9c:4f:8b:75:16:86:09:dd:d9:
64:11:89:3e:78:7d:9e:e5:a3:77:02:e3:e4:e5:91:
a8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:CD:BE:E8:D0:51:FE:A9:A2:4B:B9:9E:E5:27:99:C7:3B:01:DB:0F
X509v3 Authority Key Identifier:
keyid:95:20:BF:8C:77:22:6A:3F:A8:8E:BE:11:CC:8F:11:69:CC:56:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/ws2-6NBR_qmiS7me5SeZxzsB2w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.41.0/24
IPv6:
2001:678:71c::/48
Signature Algorithm: sha256WithRSAEncryption
5f:95:40:59:3f:57:f9:b9:2c:b0:20:eb:db:59:56:ca:d1:0c:
b3:78:ed:89:e8:b4:4c:41:a1:2a:ab:ef:49:90:2b:09:7a:7d:
f9:3b:61:c6:f5:c3:24:9e:e3:b9:99:a8:da:ed:08:a7:1f:d1:
91:ab:44:ad:b6:3b:9f:3e:f4:d6:60:08:42:49:c8:99:ee:90:
77:ba:c9:10:52:3f:b6:5d:a1:ba:cf:92:23:41:94:53:20:03:
fa:6c:c2:6d:53:94:cb:f5:23:dc:6c:15:9d:ea:6d:86:db:7c:
95:bb:40:2c:55:59:d0:03:1c:9f:50:7e:3f:0a:e7:7f:0d:89:
fc:cd:95:8b:29:1c:97:23:97:72:98:9c:42:35:9f:c1:68:36:
fb:24:cc:34:30:a4:4a:d8:f7:b3:03:1f:22:8f:f1:7b:64:35:
a4:5b:ad:dc:40:34:91:d0:b0:ab:54:ab:63:07:4e:9b:a1:c4:
7b:a2:00:4f:e0:77:1a:65:9d:56:f2:b5:11:00:23:56:6f:a1:
c7:c2:62:f9:1d:f1:c8:a2:42:f0:71:14:11:40:15:9b:66:fe:
8a:b0:84:27:c0:39:18:76:8c:c5:2b:6e:9a:99:67:02:4f:52:
ab:2e:5f:b7:05:05:1d:ce:6b:72:b1:68:7e:b0:b0:ce:35:a9:
61:75:f6:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzeqgnBNpMwZ2qY6moY7e/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjBiZjhjNzcyMjZhM2ZhODhlYmUxMWNjOGYxMTY5Y2M1
NjBhNzkwHhcNMjMwMTAyMTcxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmNkYmVlOGQwNTFmZWE5YTI0YmI5OWVlNTI3OTljNzNiMDFkYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHlkNVKniHlGHXl/mdcEA2/SgdpG
Jg1W6IhVBDt2qsW4fd6mRtAQkajjRVAhYhW+4JLMlKWRSpKrRVRuG/QUJGB+CVz8
/ojkXTApIedVHz2+/Jt0X5a/HZvLnnENfFlGFpqmuD0TlDBPRnaX6v/WgHxfRuYb
51IsCRvf/AKfXOShFDcrIfRlb9BfM6m+j8go6Nu71dKh7BnFCbpdPztuSEVHHg/w
h+Kdenq/vJ57axqk2y5Nb1q9+v23aCySLQs17iBnMbRY//9B7MGSncr9EicW43e0
A4raqb9XQsB/ikHgmcBWkS+cT4t1FoYJ3dlkEYk+eH2e5aN3AuPk5ZGo9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMLNvujQUf6poku5nuUnmcc7AdsPMB8GA1UdIwQY
MBaAFJUgv4x3Imo/qI6+EcyPEWnMVgp5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mMDlhN2YtNTc2MS00NWE3LTljY2It
MWYzZWQ2ZDg4MWI4LzEvd3MyLTZOQlJfcW1pUzdtZTVTZVp4enNCMnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mMDlhN2YtNTc2MS00NWE3LTljY2ItMWYzZWQ2ZDg4MWI4
LzEvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9gpMA8E
AgACMAkDBwAgAQZ4BxwwDQYJKoZIhvcNAQELBQADggEBAF+VQFk/V/m5LLAg69tZ
VsrRDLN47YnotExBoSqr70mQKwl6ffk7Ycb1wySe47mZqNrtCKcf0ZGrRK22O58+
9NZgCEJJyJnukHe6yRBSP7ZdobrPkiNBlFMgA/pswm1TlMv1I9xsFZ3qbYbbfJW7
QCxVWdADHJ9Qfj8K538NifzNlYspHJcjl3KYnEI1n8FoNvskzDQwpErY97MDHyKP
8XtkNaRbrdxANJHQsKtUq2MHTpuhxHuiAE/gdxplnVbytREAI1ZvocfCYvkd8cii
QvBxFBFAFZtm/oqwhCfAORh2jMUrbpqZZwJPUqsuX7cFBR3Oa3KxaH6wsM41qWF1
9mI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:15 2024 by rpki-client on console-fra.rpki-client.org