Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/91zh7JHY0GtzhczYkzkaw-H5CWE.roa
File: 91zh7JHY0GtzhczYkzkaw-H5CWE.roa (raw, json)
Hash identifier: zEAe9Canzf1gSaI3YvHOYqAd6DToahwCMyAB+BesnJE=
Subject key identifier: F7:5C:E1:EC:91:D8:D0:6B:73:85:CC:D8:93:39:1A:C3:E1:F9:09:61
Certificate issuer: /CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Certificate serial: 018C30E5DF62F9FF2A86018D5DD22112C5E9
Authority key identifier: 3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/91zh7JHY0GtzhczYkzkaw-H5CWE.roa
Signing time: Sun 03 Dec 2023 18:17:00 +0000
ROA not before: Sun 03 Dec 2023 18:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61400
IP address blocks: 195.93.173.0/24 maxlen: 24
195.14.123.0/24 maxlen: 24
2001:678:cfc::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Dec 2023 06:16:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:30:e5:df:62:f9:ff:2a:86:01:8d:5d:d2:21:12:c5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Validity
Not Before: Dec 3 18:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f75ce1ec91d8d06b7385ccd893391ac3e1f90961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bd:44:56:f0:29:c5:c0:25:5f:e0:f4:31:66:
47:24:0d:7a:58:31:09:64:c2:60:ee:a1:5a:d5:3d:
7d:48:9f:b5:d6:2a:62:b4:44:f2:5f:f0:45:3c:02:
fe:00:b5:4a:17:60:75:4e:04:87:6f:ab:de:27:42:
3c:52:d9:e7:54:b9:59:5f:85:41:86:84:1f:92:83:
ec:b1:99:f1:09:ae:17:b6:6b:3e:5b:1f:ff:74:b5:
82:1c:b2:0e:d8:de:1a:24:86:df:35:c2:d1:b0:af:
5b:fa:17:29:79:16:7f:93:57:28:1d:6e:77:4b:6e:
9e:8e:2c:66:09:09:72:64:ab:4a:56:46:5f:94:59:
f1:4f:54:d9:30:35:9e:21:b9:6c:8e:82:fb:17:c2:
40:1e:04:62:4b:3e:10:96:0f:3c:ae:dc:01:bc:62:
c1:e9:78:94:08:00:df:d3:49:af:29:07:74:53:97:
08:ba:79:fc:79:0d:ed:e7:04:b2:c1:2a:11:6b:1e:
8f:b7:c3:33:e2:92:a5:c1:fd:77:97:f4:d5:bd:0c:
d1:5f:a1:45:73:08:43:76:35:4c:de:1a:3f:7f:c3:
c3:e4:bc:26:db:71:8a:ce:c2:dd:3b:ff:a1:fe:4b:
dd:1d:f7:24:0b:ce:48:2b:18:87:74:1f:00:c1:10:
e8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:5C:E1:EC:91:D8:D0:6B:73:85:CC:D8:93:39:1A:C3:E1:F9:09:61
X509v3 Authority Key Identifier:
keyid:3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/91zh7JHY0GtzhczYkzkaw-H5CWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.14.123.0/24
195.93.173.0/24
IPv6:
2001:678:cfc::/48
Signature Algorithm: sha256WithRSAEncryption
29:38:0f:f8:d7:ba:83:a2:43:cf:fe:54:12:3d:3e:00:30:03:
84:0c:b3:be:ea:c5:e4:62:e4:4b:9b:2d:3b:d9:c6:db:b6:62:
75:f6:15:db:ab:4b:23:b1:1e:10:0a:e0:fc:d3:f0:c1:5f:3b:
3a:f7:dd:cc:b0:8f:87:31:9d:88:d6:b6:53:88:64:a3:fb:6e:
74:5f:d7:2d:b2:06:b2:8b:5c:d0:f1:fc:9f:61:64:41:e5:b0:
5a:90:dd:21:f0:86:6b:bf:df:e1:bb:fb:f6:cd:c4:e3:ef:9b:
86:b0:7d:a8:08:50:3d:9d:a8:ec:c9:e8:e0:a7:e8:08:66:0b:
83:52:7d:db:2a:60:c8:36:33:20:36:84:98:f4:d1:35:f3:55:
de:16:4a:7e:ce:b1:5b:c7:c7:69:da:ff:85:de:5d:85:6b:8b:
50:fc:3c:3b:8e:8f:33:06:ce:9b:28:98:48:b6:44:83:91:ec:
0a:5b:6f:9a:15:93:a3:69:e0:24:c4:31:d2:6a:85:a3:c0:3a:
08:ac:10:0d:a0:e3:46:9a:73:c6:a2:93:10:4d:fe:6c:61:7d:
9d:84:3d:8a:74:32:9f:0d:b2:fc:bf:e2:2a:ea:91:eb:9c:28:
d8:4e:d4:21:06:c1:ba:75:77:0b:58:78:46:2c:44:63:e0:86:
1f:69:cf:ba
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYww5d9i+f8qhgGNXdIhEsXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDMyNzdiN2NhNzlkMGU5ZTA3ZmM0YTRiMzE4MDQxZGY0
MTVjYjMwHhcNMjMxMjAzMTgxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzVjZTFlYzkxZDhkMDZiNzM4NWNjZDg5MzM5MWFjM2UxZjkwOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb1EVvApxcAlX+D0MWZHJA16WDEJ
ZMJg7qFa1T19SJ+11ipitETyX/BFPAL+ALVKF2B1TgSHb6veJ0I8UtnnVLlZX4VB
hoQfkoPssZnxCa4Xtms+Wx//dLWCHLIO2N4aJIbfNcLRsK9b+hcpeRZ/k1coHW53
S26ejixmCQlyZKtKVkZflFnxT1TZMDWeIblsjoL7F8JAHgRiSz4Qlg88rtwBvGLB
6XiUCADf00mvKQd0U5cIunn8eQ3t5wSywSoRax6Pt8Mz4pKlwf13l/TVvQzRX6FF
cwhDdjVM3ho/f8PD5Lwm23GKzsLdO/+h/kvdHfckC85IKxiHdB8AwRDo3wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPdc4eyR2NBrc4XM2JM5GsPh+QlhMB8GA1UdIwQY
MBaAFD5DJ3t8p50Ongf8SksxgEHfQVyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUt
M2NmMmE0NjIyZmJjLzEvOTF6aDdKSFkwR3R6aGN6WWt6a2F3LUg1Q1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUtM2NmMmE0NjIyZmJj
LzEvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAww57AwQA
w12tMA8EAgACMAkDBwAgAQZ4DPwwDQYJKoZIhvcNAQELBQADggEBACk4D/jXuoOi
Q8/+VBI9PgAwA4QMs77qxeRi5EubLTvZxtu2YnX2FdurSyOxHhAK4PzT8MFfOzr3
3cywj4cxnYjWtlOIZKP7bnRf1y2yBrKLXNDx/J9hZEHlsFqQ3SHwhmu/3+G7+/bN
xOPvm4awfagIUD2dqOzJ6OCn6AhmC4NSfdsqYMg2MyA2hJj00TXzVd4WSn7OsVvH
x2na/4XeXYVri1D8PDuOjzMGzpsomEi2RIOR7Apbb5oVk6Np4CTEMdJqhaPAOgis
EA2g40aac8aikxBN/mxhfZ2EPYp0Mp8Nsvy/4irqkeucKNhO1CEGwbp1dwtYeEYs
RGPghh9pz7o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:13 2024 by rpki-client on console-ams.rpki-client.org