Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/rB3NrZ7uaSYgp42uSFNyx46Fp_A.roa
File: rB3NrZ7uaSYgp42uSFNyx46Fp_A.roa (raw, json)
Hash identifier: hAzMg1cWJmn3V+AA6ykEAU0En3y9KQjgTRT2THRXqNk=
Subject key identifier: AC:1D:CD:AD:9E:EE:69:26:20:A7:8D:AE:48:53:72:C7:8E:85:A7:F0
Certificate issuer: /CN=ff8ced3b09a905eb96869c58f66b4f8b591503b0
Certificate serial: 018572835D2C084702E1150F4C00E7978634
Authority key identifier: FF:8C:ED:3B:09:A9:05:EB:96:86:9C:58:F6:6B:4F:8B:59:15:03:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4ztOwmpBeuWhpxY9mtPi1kVA7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/rB3NrZ7uaSYgp42uSFNyx46Fp_A.roa
Signing time: Mon 02 Jan 2023 12:44:49 +0000
ROA not before: Mon 02 Jan 2023 12:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24881
IP address blocks: 91.192.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:5d:2c:08:47:02:e1:15:0f:4c:00:e7:97:86:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8ced3b09a905eb96869c58f66b4f8b591503b0
Validity
Not Before: Jan 2 12:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac1dcdad9eee692620a78dae485372c78e85a7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:95:9c:54:4f:0a:08:c1:b7:19:71:ee:0d:00:
7d:67:73:34:1f:65:99:37:b2:20:1a:07:1e:2a:62:
cb:98:ec:1c:6c:32:2b:fb:3f:dc:b5:dc:c6:ea:8e:
ca:e7:e4:76:4d:73:6e:33:76:22:24:53:b4:a5:4a:
19:7a:11:df:bd:e5:60:24:03:56:14:6d:37:ed:c3:
c3:9b:44:68:23:d2:33:e8:2a:c8:0a:62:af:2d:8e:
52:9a:29:f4:22:66:ab:a0:66:42:07:62:79:e8:b6:
0d:5a:a7:d3:ca:8d:1c:6f:87:aa:b8:e8:ef:66:ea:
ef:06:80:bf:a0:16:03:a2:19:21:6b:61:0a:40:17:
ec:75:d7:5a:3b:f3:72:75:bc:81:c5:05:1d:8f:75:
a7:1a:98:0a:e9:56:6f:48:a0:23:f9:e7:8c:5c:e6:
c3:6d:5b:76:d9:1b:a7:40:b6:38:41:7e:21:f0:51:
34:df:61:cb:09:08:04:8f:62:5d:16:e2:9e:81:ed:
8d:1d:45:77:4e:66:df:f6:83:c8:5e:6c:b9:a4:92:
61:ef:48:b5:55:72:ab:cb:4f:ea:53:13:c4:ba:bd:
64:17:0f:9a:1f:ca:ff:fb:9b:57:6f:1b:86:dd:13:
c6:26:38:34:9b:2d:e3:f1:cb:c5:00:07:a4:3f:cb:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1D:CD:AD:9E:EE:69:26:20:A7:8D:AE:48:53:72:C7:8E:85:A7:F0
X509v3 Authority Key Identifier:
keyid:FF:8C:ED:3B:09:A9:05:EB:96:86:9C:58:F6:6B:4F:8B:59:15:03:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4ztOwmpBeuWhpxY9mtPi1kVA7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/rB3NrZ7uaSYgp42uSFNyx46Fp_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/_4ztOwmpBeuWhpxY9mtPi1kVA7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.156.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:27:14:cb:4c:9f:17:5a:c9:03:30:d0:3d:86:f0:59:5f:7b:
60:21:ef:4d:7a:b7:cc:fb:6e:d6:1e:5a:ed:24:cc:92:59:62:
b1:78:e1:30:c5:e8:90:41:47:3a:e0:e8:53:2b:2b:ae:1e:80:
df:9f:3e:53:66:cf:11:c7:a8:e8:82:1b:b0:d5:4d:b2:91:58:
7e:3d:a0:05:82:74:cf:d4:07:ce:75:7b:1d:5d:7d:cd:11:11:
25:4e:d2:90:b7:d0:ac:93:a0:be:e9:69:50:6c:7a:29:c5:0c:
7f:7f:51:17:2d:f8:2a:42:e9:3a:54:88:a7:9a:19:c8:85:56:
60:f7:6a:4d:ac:99:88:e8:3e:7c:9c:d3:fe:ea:41:02:57:62:
e5:f4:61:fc:7a:93:fb:cb:e4:fd:d1:86:61:39:b8:be:62:7f:
7e:f1:c4:2f:1b:cf:e6:0c:84:e4:46:e1:aa:33:34:07:62:8a:
2f:58:db:0c:ec:ba:6a:de:59:f0:6c:93:da:79:65:b7:fe:cc:
09:ea:d0:06:92:24:eb:51:95:5e:ba:16:85:a4:cd:ba:c5:09:
d8:11:65:5a:1a:30:32:17:28:90:ed:3d:88:71:1a:e5:09:38:
77:b2:fd:e0:06:a6:32:88:ff:b1:7e:9f:06:07:64:bc:bb:b7:
26:69:69:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyg10sCEcC4RUPTADnl4Y0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmOGNlZDNiMDlhOTA1ZWI5Njg2OWM1OGY2NmI0ZjhiNTkx
NTAzYjAwHhcNMjMwMTAyMTI0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFkY2RhZDllZWU2OTI2MjBhNzhkYWU0ODUzNzJjNzhlODVhN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJWcVE8KCMG3GXHuDQB9Z3M0H2WZ
N7IgGgceKmLLmOwcbDIr+z/ctdzG6o7K5+R2TXNuM3YiJFO0pUoZehHfveVgJANW
FG037cPDm0RoI9Iz6CrICmKvLY5Smin0ImaroGZCB2J56LYNWqfTyo0cb4equOjv
ZurvBoC/oBYDohkha2EKQBfsdddaO/NydbyBxQUdj3WnGpgK6VZvSKAj+eeMXObD
bVt22RunQLY4QX4h8FE032HLCQgEj2JdFuKege2NHUV3Tmbf9oPIXmy5pJJh70i1
VXKry0/qUxPEur1kFw+aH8r/+5tXbxuG3RPGJjg0my3j8cvFAAekP8tF5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwdza2e7mkmIKeNrkhTcseOhafwMB8GA1UdIwQY
MBaAFP+M7TsJqQXrloacWPZrT4tZFQOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzR6dE93bXBCZXVXaHB4WTltdFBpMWtWQTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wMTYwOGQtMDhmMS00YWI1LWE5MjYt
YmU1NjFjY2RlZDJjLzEvckIzTnJaN3VhU1lncDQydVNGTnl4NDZGcF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wMTYwOGQtMDhmMS00YWI1LWE5MjYtYmU1NjFjY2RlZDJj
LzEvXzR6dE93bXBCZXVXaHB4WTltdFBpMWtWQTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8CcMA0G
CSqGSIb3DQEBCwUAA4IBAQBuJxTLTJ8XWskDMNA9hvBZX3tgIe9NerfM+27WHlrt
JMySWWKxeOEwxeiQQUc64OhTKyuuHoDfnz5TZs8Rx6joghuw1U2ykVh+PaAFgnTP
1AfOdXsdXX3NERElTtKQt9Csk6C+6WlQbHopxQx/f1EXLfgqQuk6VIinmhnIhVZg
92pNrJmI6D58nNP+6kECV2Ll9GH8epP7y+T90YZhObi+Yn9+8cQvG8/mDITkRuGq
MzQHYoovWNsM7Lpq3lnwbJPaeWW3/swJ6tAGkiTrUZVeuhaFpM26xQnYEWVaGjAy
FyiQ7T2IcRrlCTh3sv3gBqYyiP+xfp8GB2S8u7cmaWmV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:43 2024 by rpki-client on console-fra.rpki-client.org