Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/9a4cce-fd12-4707-be95-0a246ab05946/1/ip_aT5HI5AaISJ8uQDBxEym8rA0.roa
File: ip_aT5HI5AaISJ8uQDBxEym8rA0.roa (raw, json)
Hash identifier: ZUKzStN3Z7NtABd+1rtgk/o92ud5WFsJWmpd62qwjxg=
Subject key identifier: 8A:9F:DA:4F:91:C8:E4:06:88:48:9F:2E:40:30:71:13:29:BC:AC:0D
Certificate issuer: /CN=b522787599f1798e245f993f8cb8182f99cfd104
Certificate serial: 018D1CF4581B1C5F6ED782D0FB6AC8780E31
Authority key identifier: B5:22:78:75:99:F1:79:8E:24:5F:99:3F:8C:B8:18:2F:99:CF:D1:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSJ4dZnxeY4kX5k_jLgYL5nP0QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/9a4cce-fd12-4707-be95-0a246ab05946/1/ip_aT5HI5AaISJ8uQDBxEym8rA0.roa
Signing time: Thu 18 Jan 2024 14:23:11 +0000
ROA not before: Thu 18 Jan 2024 14:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50767
IP address blocks: 91.224.128.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 19 Jan 2024 09:39:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:f4:58:1b:1c:5f:6e:d7:82:d0:fb:6a:c8:78:0e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b522787599f1798e245f993f8cb8182f99cfd104
Validity
Not Before: Jan 18 14:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a9fda4f91c8e40688489f2e4030711329bcac0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b5:e1:e5:19:90:4e:d2:25:8e:20:6d:f2:f4:
ac:95:63:62:cb:6b:65:4a:01:58:51:bd:70:5a:ec:
a4:0e:0f:85:78:7c:b2:12:d4:54:c3:04:1f:18:ba:
3a:86:3d:da:c5:67:fb:19:1b:1f:85:60:7c:6b:bc:
b8:3c:27:a4:39:30:34:c8:dd:c4:b9:78:f6:07:1c:
05:ba:b9:f4:54:f7:cc:5b:81:4e:90:44:7c:17:00:
8c:13:a8:96:95:56:0a:ec:ab:21:48:03:f5:f4:1f:
ce:c0:ed:9e:a3:c8:f2:02:74:00:0f:34:d4:cd:d1:
10:c6:d4:10:45:87:10:81:76:fb:16:87:4c:35:f5:
22:8d:71:45:3f:0f:65:ee:83:f3:a7:a2:58:11:4c:
9c:cb:71:0d:e4:fe:ae:91:58:89:80:a6:d0:12:d6:
1d:86:a5:cd:bb:4e:7b:ce:56:35:39:81:56:a5:62:
c7:f4:1b:70:f7:a7:9d:7f:4e:3c:4d:78:20:38:1d:
e5:97:f3:9a:cf:47:90:af:73:5d:b7:43:58:5e:27:
fa:30:96:1d:53:fe:81:88:43:ee:90:7d:c7:ba:46:
a6:47:a5:0a:6f:d1:7e:d6:a6:fc:fa:e9:43:b7:e3:
99:98:2e:9b:8e:bd:91:1a:48:aa:2c:c7:76:35:3f:
53:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9F:DA:4F:91:C8:E4:06:88:48:9F:2E:40:30:71:13:29:BC:AC:0D
X509v3 Authority Key Identifier:
keyid:B5:22:78:75:99:F1:79:8E:24:5F:99:3F:8C:B8:18:2F:99:CF:D1:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSJ4dZnxeY4kX5k_jLgYL5nP0QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/9a4cce-fd12-4707-be95-0a246ab05946/1/ip_aT5HI5AaISJ8uQDBxEym8rA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/9a4cce-fd12-4707-be95-0a246ab05946/1/tSJ4dZnxeY4kX5k_jLgYL5nP0QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.128.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:04:4c:16:a5:4b:85:a3:f7:8e:26:07:e1:6e:27:ee:14:b0:
6c:7e:bb:86:1e:2c:09:da:d0:fb:4a:db:9d:40:ea:27:c2:c3:
4e:24:da:85:78:85:63:cb:d9:8b:fd:be:67:dd:56:36:c3:55:
eb:7c:e6:52:87:54:69:bd:aa:5a:1e:5b:c9:c0:58:3f:86:11:
6c:0f:f2:4b:bd:8d:ae:bd:38:65:7b:71:c7:7a:16:23:79:5f:
cd:88:e1:71:45:e8:a1:c9:d4:63:32:ce:7b:6d:61:eb:47:ad:
b7:ca:16:a4:cc:7d:50:cb:0e:4c:50:7b:a6:68:78:f9:25:11:
ce:f6:7d:d1:b1:74:ab:3a:60:1e:1d:b2:71:f0:13:04:fb:e9:
64:cd:db:37:e4:68:29:ac:d9:40:cd:d9:ab:30:2d:eb:d8:cb:
bf:93:67:da:01:97:76:47:f2:e7:45:27:05:93:be:33:0f:23:
b2:8c:bb:c7:95:f9:7d:8c:50:e0:6f:b6:6d:09:55:ac:f3:64:
1a:7a:00:a1:9a:8a:bc:b8:b2:e2:d1:00:64:a2:5a:54:a6:7e:
60:11:3a:19:fd:2c:66:ab:21:b1:97:87:29:0c:15:69:c5:cc:
e7:dd:84:3c:28:c2:df:53:e2:b9:41:6a:76:f4:41:c5:8f:28:
e3:cb:ea:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0c9FgbHF9u14LQ+2rIeA4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjI3ODc1OTlmMTc5OGUyNDVmOTkzZjhjYjgxODJmOTlj
ZmQxMDQwHhcNMjQwMTE4MTQyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTlmZGE0ZjkxYzhlNDA2ODg0ODlmMmU0MDMwNzExMzI5YmNhYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7Xh5RmQTtIljiBt8vSslWNiy2tl
SgFYUb1wWuykDg+FeHyyEtRUwwQfGLo6hj3axWf7GRsfhWB8a7y4PCekOTA0yN3E
uXj2BxwFurn0VPfMW4FOkER8FwCME6iWlVYK7KshSAP19B/OwO2eo8jyAnQADzTU
zdEQxtQQRYcQgXb7FodMNfUijXFFPw9l7oPzp6JYEUycy3EN5P6ukViJgKbQEtYd
hqXNu057zlY1OYFWpWLH9Btw96edf048TXggOB3ll/Oaz0eQr3Ndt0NYXif6MJYd
U/6BiEPukH3HukamR6UKb9F+1qb8+ulDt+OZmC6bjr2RGkiqLMd2NT9TjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqf2k+RyOQGiEifLkAwcRMpvKwNMB8GA1UdIwQY
MBaAFLUieHWZ8XmOJF+ZP4y4GC+Zz9EEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNKNGRabnhlWTRrWDVrX2pMZ1lMNW5QMFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85YTRjY2UtZmQxMi00NzA3LWJlOTUt
MGEyNDZhYjA1OTQ2LzEvaXBfYVQ1SEk1QWFJU0o4dVFEQnhFeW04ckEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85YTRjY2UtZmQxMi00NzA3LWJlOTUtMGEyNDZhYjA1OTQ2
LzEvdFNKNGRabnhlWTRrWDVrX2pMZ1lMNW5QMFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+CAMA0G
CSqGSIb3DQEBCwUAA4IBAQCLBEwWpUuFo/eOJgfhbifuFLBsfruGHiwJ2tD7Stud
QOonwsNOJNqFeIVjy9mL/b5n3VY2w1XrfOZSh1RpvapaHlvJwFg/hhFsD/JLvY2u
vThle3HHehYjeV/NiOFxReihydRjMs57bWHrR623yhakzH1Qyw5MUHumaHj5JRHO
9n3RsXSrOmAeHbJx8BME++lkzds35GgprNlAzdmrMC3r2Mu/k2faAZd2R/LnRScF
k74zDyOyjLvHlfl9jFDgb7ZtCVWs82QaegChmoq8uLLi0QBkolpUpn5gEToZ/Sxm
qyGxl4cpDBVpxczn3YQ8KMLfU+K5QWp29EHFjyjjy+qm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:05 2024 by rpki-client on console-fra.rpki-client.org