Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/xinXgdd8deEObbXHyRAki5GC0OQ.roa
File: xinXgdd8deEObbXHyRAki5GC0OQ.roa (raw, json)
Hash identifier: OT7S//iairKJwDaG7ajWOYvwjPK2Ko67X5LKBGXz/hI=
Subject key identifier: C6:29:D7:81:D7:7C:75:E1:0E:6D:B5:C7:C9:10:24:8B:91:82:D0:E4
Certificate issuer: /CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Certificate serial: 01856DEF798C169F1143CC6DA11269020F64
Authority key identifier: AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/xinXgdd8deEObbXHyRAki5GC0OQ.roa
Signing time: Sun 01 Jan 2023 15:24:48 +0000
ROA not before: Sun 01 Jan 2023 15:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8879
IP address blocks: 91.216.108.0/24 maxlen: 24
195.66.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:79:8c:16:9f:11:43:cc:6d:a1:12:69:02:0f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Validity
Not Before: Jan 1 15:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c629d781d77c75e10e6db5c7c910248b9182d0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ac:83:28:d9:6d:f4:6d:78:3a:00:d3:90:aa:
3f:c9:69:54:3a:fc:38:ad:dd:05:f4:ff:8e:b0:9d:
30:b7:05:af:cd:da:3a:7a:e3:50:85:65:d2:2c:f4:
5e:b0:89:ff:e2:06:1b:4e:94:2a:19:8b:d2:54:0e:
c3:22:39:ad:12:0d:06:7f:7e:ab:82:4e:9b:84:52:
1b:21:99:9a:ff:b2:5d:8c:08:ce:6a:b7:c9:e9:9e:
4b:e5:e2:23:83:d9:ca:ba:06:70:32:4c:7d:9f:e4:
a0:24:37:19:aa:b0:c6:a2:67:65:d0:fb:d3:8d:5b:
e3:7e:8c:36:79:61:71:fd:97:77:e5:cf:a2:87:dc:
a5:14:15:40:05:29:d6:b6:b8:32:a0:b9:b6:54:a5:
d5:b9:1b:7f:cf:38:d5:eb:d2:93:74:dc:6b:23:2c:
75:a0:a5:96:19:b5:d2:91:a7:57:b2:18:24:eb:0e:
cd:57:20:6e:20:30:88:f5:fd:a9:68:64:a2:d5:c6:
35:65:fe:e0:ca:53:a5:0a:ba:0d:2c:f0:9b:d0:47:
9b:c2:89:26:91:00:69:f1:20:64:d1:33:be:d0:cb:
6d:a1:2f:d8:b7:a0:f9:be:72:72:a9:f0:30:63:ec:
10:4f:14:ef:2b:52:c9:a6:30:55:8d:a3:17:90:47:
c9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:29:D7:81:D7:7C:75:E1:0E:6D:B5:C7:C9:10:24:8B:91:82:D0:E4
X509v3 Authority Key Identifier:
keyid:AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/xinXgdd8deEObbXHyRAki5GC0OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.108.0/24
195.66.76.0/24
Signature Algorithm: sha256WithRSAEncryption
93:4f:7a:51:be:d1:b3:d3:df:05:b2:95:84:37:e7:fd:3c:4a:
52:fd:a3:be:5e:bb:28:7f:ae:c1:ef:ec:16:1f:70:73:92:d3:
98:e0:6e:7e:88:8d:fe:16:45:4b:78:51:a8:c4:63:7d:5a:11:
f7:f1:4f:06:9c:97:82:3a:cb:52:a2:5d:a5:c0:70:59:2f:70:
e4:d3:fc:0b:3a:aa:6d:45:94:82:be:98:d0:ad:44:1f:cc:39:
17:69:8b:63:04:72:27:97:29:e1:cd:04:a6:81:bd:ea:07:0f:
5e:49:6a:df:06:c3:f2:2a:d6:92:ef:e3:92:63:59:66:0e:a6:
25:0e:aa:07:85:42:41:88:48:ce:23:d4:66:57:01:c0:95:f3:
b0:68:c7:f4:6b:a4:60:14:8c:0d:b0:9d:d7:1e:b6:3e:82:1c:
76:60:2c:1e:4d:e7:13:b2:81:42:44:bc:99:67:68:d6:6c:99:
48:a2:26:07:70:5c:dd:4c:7e:16:0c:ab:b4:93:4b:b1:d7:35:
46:df:fa:5f:22:ab:08:00:1f:27:d1:8f:52:c1:57:f4:a5:c5:
e0:26:15:75:65:03:8b:07:ef:d5:ee:ae:73:2a:39:5d:76:e0:
1a:6b:32:6c:c4:99:68:2c:2a:ed:ee:ca:54:b7:84:0d:5a:c3:
22:09:ac:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt73mMFp8RQ8xtoRJpAg9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNGM4MzBiMTEyNjE0ODNhNjJiNjY5NmE0YzM3MjBlOGFk
ODhhMGQwHhcNMjMwMTAxMTUyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjI5ZDc4MWQ3N2M3NWUxMGU2ZGI1YzdjOTEwMjQ4YjkxODJkMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqyDKNlt9G14OgDTkKo/yWlUOvw4
rd0F9P+OsJ0wtwWvzdo6euNQhWXSLPResIn/4gYbTpQqGYvSVA7DIjmtEg0Gf36r
gk6bhFIbIZma/7JdjAjOarfJ6Z5L5eIjg9nKugZwMkx9n+SgJDcZqrDGomdl0PvT
jVvjfow2eWFx/Zd35c+ih9ylFBVABSnWtrgyoLm2VKXVuRt/zzjV69KTdNxrIyx1
oKWWGbXSkadXshgk6w7NVyBuIDCI9f2paGSi1cY1Zf7gylOlCroNLPCb0Eebwokm
kQBp8SBk0TO+0MttoS/Yt6D5vnJyqfAwY+wQTxTvK1LJpjBVjaMXkEfJ+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMYp14HXfHXhDm21x8kQJIuRgtDkMB8GA1UdIwQY
MBaAFK1MgwsRJhSDpitmlqTDcg6K2IoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEt
MjIyY2ViNmMzNDRjLzEveGluWGdkZDhkZUVPYmJYSHlSQWtpNUdDME9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEtMjIyY2ViNmMzNDRj
LzEvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9hsAwQA
w0JMMA0GCSqGSIb3DQEBCwUAA4IBAQCTT3pRvtGz098FspWEN+f9PEpS/aO+Xrso
f67B7+wWH3BzktOY4G5+iI3+FkVLeFGoxGN9WhH38U8GnJeCOstSol2lwHBZL3Dk
0/wLOqptRZSCvpjQrUQfzDkXaYtjBHInlynhzQSmgb3qBw9eSWrfBsPyKtaS7+OS
Y1lmDqYlDqoHhUJBiEjOI9RmVwHAlfOwaMf0a6RgFIwNsJ3XHrY+ghx2YCweTecT
soFCRLyZZ2jWbJlIoiYHcFzdTH4WDKu0k0ux1zVG3/pfIqsIAB8n0Y9SwVf0pcXg
JhV1ZQOLB+/V7q5zKjldduAaazJsxJloLCrt7spUt4QNWsMiCaz8
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:31 2024 by rpki-client on console-fra.rpki-client.org