Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/locyuJwYSv9I936vWjCMV_fOBfs.roa
File: locyuJwYSv9I936vWjCMV_fOBfs.roa (raw, json)
Hash identifier: bbb9EaeWh4XcBxASIr3dhaWFTle5fhKMpzG916JSesY=
Subject key identifier: 96:87:32:B8:9C:18:4A:FF:48:F7:7E:AF:5A:30:8C:57:F7:CE:05:FB
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 01856F5DEC20D0DF2A46449B5624FB9996BE
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/locyuJwYSv9I936vWjCMV_fOBfs.roa
Signing time: Sun 01 Jan 2023 22:05:04 +0000
ROA not before: Sun 01 Jan 2023 22:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43770
IP address blocks: 91.195.154.0/23 maxlen: 23
185.210.220.0/22 maxlen: 22
185.153.4.0/22 maxlen: 22
2a07:84c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:32:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:ec:20:d0:df:2a:46:44:9b:56:24:fb:99:96:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Jan 1 22:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=968732b89c184aff48f77eaf5a308c57f7ce05fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bb:ef:ac:6d:75:69:8f:60:38:51:ef:40:2a:
ea:aa:fb:2f:2f:0c:36:79:1c:ec:22:a7:7c:c3:61:
dd:b3:e4:98:95:05:55:db:67:c2:f8:f8:e9:65:60:
8e:15:14:c1:1b:7a:0f:0c:9d:61:40:1c:92:b5:5a:
2a:f5:22:51:29:60:8a:f2:16:2a:4e:13:a1:25:d4:
b3:d9:67:74:81:30:4d:62:5b:0a:26:2f:9f:01:01:
1f:8f:1c:30:8f:d1:af:e6:2c:d5:5d:20:ab:69:75:
00:dc:ce:3c:88:82:21:8a:65:22:48:f9:ec:54:52:
98:40:8d:5d:3d:e3:cb:d1:d2:f4:8e:84:6b:3f:bf:
5a:81:a5:c0:38:8e:23:6c:57:53:cc:5e:ca:8b:b6:
90:fe:6d:6a:bd:09:f5:40:d5:32:ac:2d:22:d7:8c:
05:28:af:39:45:a3:82:c6:f3:f8:06:81:9a:c9:77:
b4:4d:d4:95:75:74:f8:01:a4:e7:05:1e:ac:04:99:
ce:5d:51:87:40:b1:24:66:a5:50:b1:a6:d9:04:5a:
05:34:a3:33:47:7a:94:57:e7:6e:fc:d7:a2:df:03:
a2:ca:1f:67:d1:66:1d:7d:e1:73:40:ea:87:15:f5:
7c:2b:58:31:9c:3e:13:6d:03:ab:a0:22:91:24:94:
97:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:87:32:B8:9C:18:4A:FF:48:F7:7E:AF:5A:30:8C:57:F7:CE:05:FB
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/locyuJwYSv9I936vWjCMV_fOBfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.154.0/23
185.153.4.0/22
185.210.220.0/22
IPv6:
2a07:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:1f:f9:54:a7:9d:63:2c:a4:7a:df:8a:3e:79:53:18:9b:59:
14:58:74:cc:a4:8c:fc:ab:73:2f:88:71:80:2d:1e:1b:75:8c:
6e:f3:2c:49:a1:09:05:39:d2:e2:be:0a:44:fa:44:db:a6:97:
6a:01:6b:cd:d1:31:26:fb:de:ba:13:db:e7:86:6b:96:44:a6:
94:56:95:3c:3c:fe:93:77:5e:2f:3b:f9:99:2a:7b:0e:83:4c:
27:19:15:d3:30:7f:d5:b3:42:ba:b5:dd:1f:4b:b1:c4:82:d2:
32:d3:d8:92:cd:e9:34:53:c9:66:6f:51:d6:89:d3:b5:ee:2c:
69:c2:9a:89:7e:a5:ea:75:e6:dc:b6:cb:b0:0f:10:2b:bf:3d:
8f:7b:e9:f1:6b:6c:bd:ea:0d:f6:e5:7c:a9:f2:a3:6d:62:77:
3a:ca:6c:b5:35:01:1c:a7:33:1d:f2:9a:a3:87:0b:78:b6:9b:
c7:09:5e:dd:6c:34:e1:65:e2:54:d9:bd:8e:ac:a1:b0:1d:8c:
ae:96:26:ff:2a:3c:bd:4d:93:6f:6d:03:b4:0c:96:2a:b9:c9:
e4:b5:50:24:5f:67:a5:07:4c:4c:09:65:87:a4:1b:f8:f2:61:
f0:7e:53:5d:61:cf:81:37:e6:42:29:e9:cf:15:fd:b8:35:b0:
81:e3:46:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvXewg0N8qRkSbViT7mZa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjMwMTAxMjIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njg3MzJiODljMTg0YWZmNDhmNzdlYWY1YTMwOGM1N2Y3Y2UwNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrvvrG11aY9gOFHvQCrqqvsvLww2
eRzsIqd8w2Hds+SYlQVV22fC+PjpZWCOFRTBG3oPDJ1hQByStVoq9SJRKWCK8hYq
ThOhJdSz2Wd0gTBNYlsKJi+fAQEfjxwwj9Gv5izVXSCraXUA3M48iIIhimUiSPns
VFKYQI1dPePL0dL0joRrP79agaXAOI4jbFdTzF7Ki7aQ/m1qvQn1QNUyrC0i14wF
KK85RaOCxvP4BoGayXe0TdSVdXT4AaTnBR6sBJnOXVGHQLEkZqVQsabZBFoFNKMz
R3qUV+du/Nei3wOiyh9n0WYdfeFzQOqHFfV8K1gxnD4TbQOroCKRJJSX9QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJaHMricGEr/SPd+r1owjFf3zgX7MB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvbG9jeXVKd1lTdjlJOTM2dldqQ01WX2ZPQmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW8OaAwQC
uZkEAwQCudLcMA0EAgACMAcDBQMqB4TAMA0GCSqGSIb3DQEBCwUAA4IBAQBnH/lU
p51jLKR634o+eVMYm1kUWHTMpIz8q3MviHGALR4bdYxu8yxJoQkFOdLivgpE+kTb
ppdqAWvN0TEm+966E9vnhmuWRKaUVpU8PP6Td14vO/mZKnsOg0wnGRXTMH/Vs0K6
td0fS7HEgtIy09iSzek0U8lmb1HWidO17ixpwpqJfqXqdebctsuwDxArvz2Pe+nx
a2y96g325Xyp8qNtYnc6ymy1NQEcpzMd8pqjhwt4tpvHCV7dbDThZeJU2b2OrKGw
HYyulib/Kjy9TZNvbQO0DJYqucnktVAkX2elB0xMCWWHpBv48mHwflNdYc+BN+ZC
KenPFf24NbCB40bO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:01 2024 by rpki-client on console-ams.rpki-client.org