Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Le1jWzLqHMz27uoCMP3k1Znn4vQ.roa
File: Le1jWzLqHMz27uoCMP3k1Znn4vQ.roa (raw, json)
Hash identifier: MgB75ObaGEC2ae27PcaDKHD2oIMr+zXMptgQ3NzMvuc=
Subject key identifier: 2D:ED:63:5B:32:EA:1C:CC:F6:EE:EA:02:30:FD:E4:D5:99:E7:E2:F4
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 01856DC19DAF6BACCD32DEC0711C1F369425
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Le1jWzLqHMz27uoCMP3k1Znn4vQ.roa
Signing time: Sun 01 Jan 2023 14:34:43 +0000
ROA not before: Sun 01 Jan 2023 14:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 91.202.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:9d:af:6b:ac:cd:32:de:c0:71:1c:1f:36:94:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 1 14:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ded635b32ea1cccf6eeea0230fde4d599e7e2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d7:12:69:de:79:f9:88:5a:33:55:80:ed:f0:
6d:cb:75:68:50:93:85:57:55:4c:3a:c6:58:d7:39:
3d:07:05:d0:85:f0:9c:68:ac:8b:c7:79:19:a7:04:
e8:66:52:8f:5a:a7:88:26:fb:9d:23:85:17:e7:85:
7a:fa:7a:99:00:44:9e:26:85:b9:81:ff:0a:55:d8:
06:68:25:05:2f:ae:df:dd:40:5d:7a:79:7f:19:0a:
2b:24:c0:9d:1c:83:f2:8a:58:34:c4:ea:4f:9c:17:
90:cd:88:2e:0b:2d:3e:a2:1e:c0:55:d4:36:40:8f:
bc:10:34:b8:5b:8f:3c:c2:0c:b5:35:17:64:83:2a:
ab:df:4e:49:c7:06:a1:82:60:81:3c:54:45:e2:93:
5b:20:72:84:52:f2:da:56:d4:20:50:b3:73:f1:ec:
6e:a2:c0:6c:3e:84:80:24:5f:7b:da:ae:e2:78:1e:
ae:7d:fb:7c:ce:ff:15:20:a8:1d:96:8a:c2:fe:42:
30:ce:6c:0b:91:9d:6a:25:c8:18:c0:bb:5e:b3:d8:
ca:1c:81:94:cc:1e:14:e9:8d:cd:3d:cf:07:68:da:
9d:c7:52:3e:81:db:3e:59:ec:2a:a0:e5:bc:ad:ad:
7c:1b:87:b4:43:6d:cb:ed:d8:aa:9d:fe:e7:3d:71:
98:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:ED:63:5B:32:EA:1C:CC:F6:EE:EA:02:30:FD:E4:D5:99:E7:E2:F4
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Le1jWzLqHMz27uoCMP3k1Znn4vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.232.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b0:45:3b:f4:34:bf:02:d2:37:fa:7e:92:ac:84:ec:55:be:
29:1f:3e:d7:1e:54:1e:03:5c:52:6b:39:b8:ad:17:21:bc:d4:
bd:56:6b:bc:61:16:df:fb:20:a8:9b:60:f4:3f:5b:bd:6f:3e:
59:79:8d:3f:2f:57:39:c9:93:24:50:bd:d1:f7:33:36:ab:3c:
47:74:80:7e:84:1c:a5:af:5b:de:72:30:a2:b6:bf:58:8e:49:
aa:e1:23:48:01:8c:e0:9d:7b:c7:05:55:b4:56:b4:ca:b8:5d:
55:6d:b4:88:79:93:78:eb:3b:6a:a8:6d:f7:26:9e:b8:39:63:
83:2a:84:16:c3:9d:4c:51:81:26:bb:74:cc:b2:18:ce:62:22:
ca:5e:73:cd:15:85:0f:a9:97:88:da:25:44:0f:88:0d:9d:72:
a2:f3:62:91:ed:95:0e:f3:93:bb:1e:fe:8b:1f:f2:5e:0d:f2:
9a:78:9e:16:17:39:fc:77:75:f8:25:39:c7:d8:a6:0b:a4:0b:
35:ca:cd:5b:88:6f:11:24:82:ec:5a:61:e7:2b:27:dc:eb:b3:
92:24:04:76:ca:c7:ee:2a:e6:5d:cb:73:e0:0b:8d:fd:ec:7d:
51:33:54:8d:6d:ac:6f:a1:dd:90:d5:0f:e8:70:e5:3f:9f:98:
92:d0:d2:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwZ2va6zNMt7AcRwfNpQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwMTAxMTQzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGVkNjM1YjMyZWExY2NjZjZlZWVhMDIzMGZkZTRkNTk5ZTdlMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNcSad55+YhaM1WA7fBty3VoUJOF
V1VMOsZY1zk9BwXQhfCcaKyLx3kZpwToZlKPWqeIJvudI4UX54V6+nqZAESeJoW5
gf8KVdgGaCUFL67f3UBdenl/GQorJMCdHIPyilg0xOpPnBeQzYguCy0+oh7AVdQ2
QI+8EDS4W488wgy1NRdkgyqr305JxwahgmCBPFRF4pNbIHKEUvLaVtQgULNz8exu
osBsPoSAJF972q7ieB6ufft8zv8VIKgdlorC/kIwzmwLkZ1qJcgYwLtes9jKHIGU
zB4U6Y3NPc8HaNqdx1I+gds+WewqoOW8ra18G4e0Q23L7diqnf7nPXGYbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3tY1sy6hzM9u7qAjD95NWZ5+L0MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvTGUxald6THFITXoyN3VvQ01QM2sxWm5uNHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8roMA0G
CSqGSIb3DQEBCwUAA4IBAQAesEU79DS/AtI3+n6SrITsVb4pHz7XHlQeA1xSazm4
rRchvNS9Vmu8YRbf+yCom2D0P1u9bz5ZeY0/L1c5yZMkUL3R9zM2qzxHdIB+hByl
r1vecjCitr9Yjkmq4SNIAYzgnXvHBVW0VrTKuF1VbbSIeZN46ztqqG33Jp64OWOD
KoQWw51MUYEmu3TMshjOYiLKXnPNFYUPqZeI2iVED4gNnXKi82KR7ZUO85O7Hv6L
H/JeDfKaeJ4WFzn8d3X4JTnH2KYLpAs1ys1biG8RJILsWmHnKyfc67OSJAR2ysfu
KuZdy3PgC4397H1RM1SNbaxvod2Q1Q/ocOU/n5iS0NIQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:49 2024 by rpki-client on console-fra.rpki-client.org