Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/L-tU7tGqzFcx9JxJKiAathc6qFI.roa
File: L-tU7tGqzFcx9JxJKiAathc6qFI.roa (raw, json)
Hash identifier: sHG8SW2KC6Gia5blhZd75SNw0wkGDhh2yCCPQCX3X3g=
Subject key identifier: 2F:EB:54:EE:D1:AA:CC:57:31:F4:9C:49:2A:20:1A:B6:17:3A:A8:52
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 01856F8B7CD23CD89B681B93AD21EC9C8073
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/L-tU7tGqzFcx9JxJKiAathc6qFI.roa
Signing time: Sun 01 Jan 2023 22:54:50 +0000
ROA not before: Sun 01 Jan 2023 22:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35120
IP address blocks: 91.223.100.0/24 maxlen: 24
91.209.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:7c:d2:3c:d8:9b:68:1b:93:ad:21:ec:9c:80:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Jan 1 22:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2feb54eed1aacc5731f49c492a201ab6173aa852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:4b:3e:f8:b2:b2:29:f2:09:70:e7:7f:ca:6f:
0a:e9:70:59:7d:0b:6e:5c:12:99:20:f8:2d:9f:05:
4f:76:fa:95:75:26:6f:62:38:76:0e:0c:2f:4f:d8:
7f:a1:d4:83:c2:80:00:db:92:d2:5f:ab:4b:1d:24:
ac:ab:d3:74:fb:f5:c9:1b:f6:a5:95:6d:6c:6c:81:
67:bc:be:06:94:f8:91:44:46:8d:f9:4b:88:58:ab:
cf:b8:4e:bf:77:bc:97:8b:e9:aa:f2:4a:64:3d:0d:
2e:ea:bd:bc:00:10:ab:6c:33:54:20:bc:d8:86:ee:
f1:b8:e6:4a:49:1e:1c:30:e0:f3:c2:86:75:9e:ed:
22:ee:81:d9:16:63:42:ea:1e:d0:5d:15:51:5b:fd:
0c:9f:39:82:39:8b:8f:cd:c1:19:13:d6:81:46:5d:
86:7d:5c:97:61:aa:1c:f6:d1:30:25:69:45:a3:90:
9e:83:2e:98:23:2f:c3:95:66:32:76:b9:44:8d:40:
82:dd:b8:13:6d:c5:07:da:fb:03:cd:30:4e:81:a4:
9e:d2:23:53:4a:cf:2e:36:9b:b5:93:93:fe:9e:de:
23:4b:6e:bb:53:97:90:eb:85:47:1b:c0:5d:da:7a:
01:10:45:55:e1:87:15:66:4b:dd:c8:8d:02:fb:ff:
20:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:EB:54:EE:D1:AA:CC:57:31:F4:9C:49:2A:20:1A:B6:17:3A:A8:52
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/L-tU7tGqzFcx9JxJKiAathc6qFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.212.0/24
91.223.100.0/24
Signature Algorithm: sha256WithRSAEncryption
84:eb:32:0b:40:74:72:61:35:05:e8:10:42:dd:26:9e:ee:e9:
f2:2a:39:99:03:bb:78:08:b3:39:74:62:92:18:50:0a:4f:c5:
92:ea:de:40:7e:56:a4:84:cb:04:0d:87:34:ff:41:95:fb:4e:
91:75:15:ea:fc:66:ad:29:54:9d:d9:99:3c:b3:00:96:53:ee:
76:9a:a2:fb:1b:de:82:55:56:91:b7:d3:89:7d:c7:c2:1b:46:
e9:05:20:84:c2:a0:35:80:0a:aa:88:fc:31:7a:07:31:43:f7:
02:fe:ea:87:35:a8:49:a3:91:d6:3c:7a:53:4a:f0:a5:91:be:
56:3a:90:97:d6:8b:3d:ac:06:55:4a:33:b0:ed:1e:a2:c7:42:
84:93:46:4a:4f:b4:6b:9f:89:ac:e5:ce:0b:8b:97:30:43:d4:
d5:74:a1:8c:24:a5:88:59:df:9e:88:d7:7e:18:ff:9f:1c:4a:
ec:30:7a:25:d8:41:c8:ae:cd:e2:be:25:c1:59:18:3d:e0:46:
fd:ab:3c:03:80:e1:b1:94:33:a7:67:33:8e:36:eb:50:4c:09:
79:ba:0b:2b:57:cd:c2:4b:1c:a3:40:cb:6b:fa:da:3d:86:c1:
5d:13:e5:51:c0:77:71:6f:a2:62:3c:4b:d7:9e:c2:9e:65:b0:
c1:2c:cf:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvi3zSPNibaBuTrSHsnIBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGFkZTU0YzI3ZTZmY2RkYWNlMjYyYzRmZGY3OTBmMzIw
ZmVkOWMwHhcNMjMwMTAxMjI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmViNTRlZWQxYWFjYzU3MzFmNDljNDkyYTIwMWFiNjE3M2FhODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEs++LKyKfIJcOd/ym8K6XBZfQtu
XBKZIPgtnwVPdvqVdSZvYjh2DgwvT9h/odSDwoAA25LSX6tLHSSsq9N0+/XJG/al
lW1sbIFnvL4GlPiRREaN+UuIWKvPuE6/d7yXi+mq8kpkPQ0u6r28ABCrbDNUILzY
hu7xuOZKSR4cMODzwoZ1nu0i7oHZFmNC6h7QXRVRW/0MnzmCOYuPzcEZE9aBRl2G
fVyXYaoc9tEwJWlFo5Cegy6YIy/DlWYydrlEjUCC3bgTbcUH2vsDzTBOgaSe0iNT
Ss8uNpu1k5P+nt4jS267U5eQ64VHG8Bd2noBEEVV4YcVZkvdyI0C+/8gIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC/rVO7RqsxXMfScSSogGrYXOqhSMB8GA1UdIwQY
MBaAFE0K3lTCfm/N2s4mLE/feQ8yD+2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2It
ODkyOTZjY2IzNWY1LzEvTC10VTd0R3F6RmN4OUp4SktpQWF0aGM2cUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2ItODkyOTZjY2IzNWY1
LzEvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9HUAwQA
W99kMA0GCSqGSIb3DQEBCwUAA4IBAQCE6zILQHRyYTUF6BBC3Sae7unyKjmZA7t4
CLM5dGKSGFAKT8WS6t5AflakhMsEDYc0/0GV+06RdRXq/GatKVSd2Zk8swCWU+52
mqL7G96CVVaRt9OJfcfCG0bpBSCEwqA1gAqqiPwxegcxQ/cC/uqHNahJo5HWPHpT
SvClkb5WOpCX1os9rAZVSjOw7R6ix0KEk0ZKT7Rrn4ms5c4Li5cwQ9TVdKGMJKWI
Wd+eiNd+GP+fHErsMHol2EHIrs3iviXBWRg94Eb9qzwDgOGxlDOnZzOONutQTAl5
ugsrV83CSxyjQMtr+to9hsFdE+VRwHdxb6JiPEvXnsKeZbDBLM/F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org