Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/idP_Q6Lcu7Qgk35Yi3-isavDf50.roa
File: idP_Q6Lcu7Qgk35Yi3-isavDf50.roa (raw, json)
Hash identifier: fxxOPl8RtdXpr5PL37mljGYzdMYVzz6hQFgrvYQa4sE=
Subject key identifier: 89:D3:FF:43:A2:DC:BB:B4:20:93:7E:58:8B:7F:A2:B1:AB:C3:7F:9D
Certificate issuer: /CN=6de2aab077c9eef103f97984f309d891e5a19983
Certificate serial: 018ACA2CA199EA026A2C2DD3628DACDAE4ED
Authority key identifier: 6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/idP_Q6Lcu7Qgk35Yi3-isavDf50.roa
Signing time: Mon 25 Sep 2023 02:30:37 +0000
ROA not before: Mon 25 Sep 2023 02:30:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200590
IP address blocks: 91.147.98.0/24 maxlen: 24
91.147.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ca:2c:a1:99:ea:02:6a:2c:2d:d3:62:8d:ac:da:e4:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6de2aab077c9eef103f97984f309d891e5a19983
Validity
Not Before: Sep 25 02:30:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89d3ff43a2dcbbb420937e588b7fa2b1abc37f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:48:1e:31:c4:4b:6c:df:7c:37:60:92:23:04:
7a:da:3d:a3:2f:20:af:76:6d:ee:41:fa:d7:8f:2d:
3f:7e:08:c4:86:80:41:7c:9b:9f:a9:71:a1:d9:27:
ce:5e:8f:49:9b:8f:f4:59:f8:87:71:8b:e3:75:90:
17:8b:0c:bc:8b:c5:01:de:f3:76:9f:30:0e:11:4c:
bc:17:4c:ab:a6:76:f6:80:50:6e:10:b4:1c:15:86:
ee:70:ab:be:58:00:1a:35:5b:f5:2a:8f:e8:03:01:
11:ae:30:d9:fd:40:07:ae:52:c1:97:43:a3:1b:a1:
85:5b:e8:1e:53:5e:dd:82:c9:14:64:61:c3:c7:76:
78:61:d2:c5:0d:1b:15:0f:e1:f1:c0:ba:8a:21:20:
fe:8b:5b:53:a8:5e:b2:fa:ab:19:40:ea:cb:71:7e:
9c:e2:04:97:b8:80:11:3e:e0:d3:35:5f:1a:3f:0d:
ff:52:3e:01:df:da:70:7d:81:f8:13:ee:3e:96:91:
a9:5f:c5:b0:31:d2:e2:a7:80:27:06:e7:9d:82:8d:
62:e9:4a:b4:b0:e9:fe:eb:7a:cc:eb:1a:0e:1f:b2:
aa:63:86:b5:86:00:8c:45:bb:7d:9b:dd:4d:01:31:
75:c1:9c:29:39:49:7f:96:9e:77:06:10:62:b3:b5:
74:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D3:FF:43:A2:DC:BB:B4:20:93:7E:58:8B:7F:A2:B1:AB:C3:7F:9D
X509v3 Authority Key Identifier:
keyid:6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/idP_Q6Lcu7Qgk35Yi3-isavDf50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.98.0/23
Signature Algorithm: sha256WithRSAEncryption
10:41:04:d4:e3:33:d4:d0:3a:f9:f0:b6:7d:b0:57:3b:50:cc:
6e:3c:5a:ff:d3:24:b1:d1:ef:b2:1a:76:b4:a6:86:d5:43:a5:
36:6b:3b:bc:1d:ea:a8:c2:70:09:a7:d5:24:ed:c2:e6:53:69:
39:1a:91:dd:8e:8c:e6:8c:22:a2:42:12:4e:e1:32:ed:91:7b:
cb:62:5b:8f:7e:a5:5a:7a:b0:c9:38:04:43:82:e9:d8:6c:63:
ac:4f:ec:cb:11:4d:db:b9:92:0a:95:52:87:1a:70:af:f8:47:
52:25:e7:a6:af:b4:64:fb:f7:db:06:7c:4e:cb:8f:c4:91:dd:
6c:80:51:cf:38:12:73:82:58:20:cc:97:6e:aa:6c:e7:fd:d4:
45:4d:91:0a:29:b0:ba:02:83:62:04:5a:6c:6a:66:9a:ee:55:
a4:67:fb:23:a9:0b:88:4f:65:4f:be:5a:b5:f5:60:cf:7c:1f:
5b:7b:8f:8b:9b:00:b8:01:48:69:d1:d2:66:56:0d:52:3b:f4:
eb:ca:a9:91:c5:01:40:3d:b8:18:94:87:0f:f1:69:e2:8b:bb:
87:fd:ef:92:8c:13:82:ee:7f:82:10:62:1f:43:9f:ae:4a:72:
ba:e5:c0:8b:1b:88:bf:9c:85:84:04:82:16:c4:7c:62:23:ca:
7c:9d:68:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrKLKGZ6gJqLC3TYo2s2uTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZTJhYWIwNzdjOWVlZjEwM2Y5Nzk4NGYzMDlkODkxZTVh
MTk5ODMwHhcNMjMwOTI1MDIzMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQzZmY0M2EyZGNiYmI0MjA5MzdlNTg4YjdmYTJiMWFiYzM3ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkgeMcRLbN98N2CSIwR62j2jLyCv
dm3uQfrXjy0/fgjEhoBBfJufqXGh2SfOXo9Jm4/0WfiHcYvjdZAXiwy8i8UB3vN2
nzAOEUy8F0yrpnb2gFBuELQcFYbucKu+WAAaNVv1Ko/oAwERrjDZ/UAHrlLBl0Oj
G6GFW+geU17dgskUZGHDx3Z4YdLFDRsVD+HxwLqKISD+i1tTqF6y+qsZQOrLcX6c
4gSXuIARPuDTNV8aPw3/Uj4B39pwfYH4E+4+lpGpX8WwMdLip4AnBuedgo1i6Uq0
sOn+63rM6xoOH7KqY4a1hgCMRbt9m91NATF1wZwpOUl/lp53BhBis7V0AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInT/0Oi3Lu0IJN+WIt/orGrw3+dMB8GA1UdIwQY
MBaAFG3iqrB3ye7xA/l5hPMJ2JHloZmDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQt
YjlhZTU3Mzk0MTg5LzEvaWRQX1E2TGN1N1FnazM1WWkzLWlzYXZEZjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQtYjlhZTU3Mzk0MTg5
LzEvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW5NiMA0G
CSqGSIb3DQEBCwUAA4IBAQAQQQTU4zPU0Dr58LZ9sFc7UMxuPFr/0ySx0e+yGna0
pobVQ6U2azu8HeqownAJp9Uk7cLmU2k5GpHdjozmjCKiQhJO4TLtkXvLYluPfqVa
erDJOARDgunYbGOsT+zLEU3buZIKlVKHGnCv+EdSJeemr7Rk+/fbBnxOy4/Ekd1s
gFHPOBJzglggzJduqmzn/dRFTZEKKbC6AoNiBFpsamaa7lWkZ/sjqQuIT2VPvlq1
9WDPfB9be4+LmwC4AUhp0dJmVg1SO/TryqmRxQFAPbgYlIcP8Wnii7uH/e+SjBOC
7n+CEGIfQ5+uSnK65cCLG4i/nIWEBIIWxHxiI8p8nWi+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:57 2024 by rpki-client on console-ams.rpki-client.org