Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/0d5d9f-5808-4871-a24d-bebdf4cd485b/1/_XOLhc7nxqZNyJ9qkvhIVos-XfE.roa
File: _XOLhc7nxqZNyJ9qkvhIVos-XfE.roa (raw, json)
Hash identifier: jhsw8rP+cgQ6plmG1VqWz2j/cXXqOUL+9EtFM9dloAM=
Subject key identifier: FD:73:8B:85:CE:E7:C6:A6:4D:C8:9F:6A:92:F8:48:56:8B:3E:5D:F1
Certificate issuer: /CN=ee0bd0ea95a190c703a85e09ebc5e5fda5cdce32
Certificate serial: 018570CBD40A383B59E16443978D52F3C25E
Authority key identifier: EE:0B:D0:EA:95:A1:90:C7:03:A8:5E:09:EB:C5:E5:FD:A5:CD:CE:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gvQ6pWhkMcDqF4J68Xl_aXNzjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/0d5d9f-5808-4871-a24d-bebdf4cd485b/1/_XOLhc7nxqZNyJ9qkvhIVos-XfE.roa
Signing time: Mon 02 Jan 2023 04:44:44 +0000
ROA not before: Mon 02 Jan 2023 04:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197255
IP address blocks: 91.217.60.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d4:0a:38:3b:59:e1:64:43:97:8d:52:f3:c2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0bd0ea95a190c703a85e09ebc5e5fda5cdce32
Validity
Not Before: Jan 2 04:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd738b85cee7c6a64dc89f6a92f848568b3e5df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f3:df:f5:57:30:2d:ad:21:61:06:5f:66:96:
ab:fe:3c:37:50:ce:36:f3:5e:a9:0c:8d:c5:c2:0b:
2f:bb:85:24:b8:6f:b7:be:9d:ac:f0:a1:98:e5:3c:
f2:2a:40:c3:13:14:9a:4b:31:dd:0a:fb:9c:62:1a:
7e:5d:c7:75:a4:bd:4a:8c:0a:58:9e:d9:2d:b3:cb:
a4:c6:86:7b:8d:22:e7:3d:60:60:07:a9:d6:16:84:
0b:ee:77:49:69:21:67:fc:f0:b7:8d:0c:58:1a:b0:
ac:eb:55:10:89:5c:1e:4b:d6:e7:5d:12:d2:29:45:
c7:cc:29:5f:54:cb:a8:da:ba:ca:90:c7:f7:cd:43:
92:8b:fc:45:7b:89:61:96:04:0d:27:d0:f3:9a:48:
1c:c2:40:5f:5a:2c:34:86:0f:ff:3e:bc:80:4e:64:
d6:e3:22:0b:99:dc:22:1e:58:eb:8f:d3:9c:8a:50:
d9:61:6e:26:f1:0f:1a:44:64:b3:ca:5c:9e:53:7a:
33:50:89:60:61:e4:26:76:e8:2e:c7:31:d0:c5:90:
ca:95:ac:8a:28:a0:d2:c1:e4:9f:cf:71:d8:61:a8:
1b:4e:83:76:aa:03:c8:fc:0c:a5:f1:a6:10:c2:1d:
c1:9b:00:a5:17:ae:d4:f8:78:fa:a2:53:cc:7e:64:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:73:8B:85:CE:E7:C6:A6:4D:C8:9F:6A:92:F8:48:56:8B:3E:5D:F1
X509v3 Authority Key Identifier:
keyid:EE:0B:D0:EA:95:A1:90:C7:03:A8:5E:09:EB:C5:E5:FD:A5:CD:CE:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gvQ6pWhkMcDqF4J68Xl_aXNzjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/0d5d9f-5808-4871-a24d-bebdf4cd485b/1/_XOLhc7nxqZNyJ9qkvhIVos-XfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/0d5d9f-5808-4871-a24d-bebdf4cd485b/1/7gvQ6pWhkMcDqF4J68Xl_aXNzjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.60.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:c7:24:ae:6d:9c:ea:47:cf:19:73:be:a8:87:e4:6c:d7:ba:
06:8e:dd:80:7d:22:71:99:78:15:bd:ea:f3:ce:ec:11:4a:9a:
b0:7a:27:3c:00:77:19:53:2f:6e:c2:6e:8b:f6:f6:07:59:9e:
c5:6d:e8:c2:db:74:fd:37:bc:7c:a4:85:9f:bc:ac:48:d1:e7:
70:f6:f2:22:ca:31:f8:97:ad:70:20:38:af:20:3d:71:22:88:
18:37:3f:8c:d3:72:e2:9a:32:04:31:c0:59:44:97:e3:a4:96:
4b:7e:bc:aa:5c:53:5d:95:07:7f:82:d4:68:48:c1:82:98:92:
40:33:60:e0:2d:58:f5:e9:b8:15:bc:53:e7:2c:b6:a9:88:1a:
ec:a0:81:a7:76:d1:c4:fa:5f:cb:4b:e6:fe:4b:80:f3:f9:01:
5d:a5:27:00:17:34:b5:96:29:06:10:bc:cb:29:dc:17:46:28:
b8:92:c6:d5:b4:ec:39:68:35:c2:87:03:07:5c:e5:cd:89:da:
25:6f:e9:09:d0:64:2c:2a:d8:02:25:60:ac:45:d3:ca:c9:22:
83:12:c6:a1:7a:d4:e1:58:28:e9:60:a3:70:c5:7a:0b:44:69:
6a:20:fc:03:4b:c1:ef:00:ec:84:94:53:dd:ba:5f:9d:aa:84:
25:7b:ed:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy9QKODtZ4WRDl41S88JeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMGJkMGVhOTVhMTkwYzcwM2E4NWUwOWViYzVlNWZkYTVj
ZGNlMzIwHhcNMjMwMTAyMDQ0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDczOGI4NWNlZTdjNmE2NGRjODlmNmE5MmY4NDg1NjhiM2U1ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfPf9VcwLa0hYQZfZpar/jw3UM42
816pDI3Fwgsvu4UkuG+3vp2s8KGY5TzyKkDDExSaSzHdCvucYhp+Xcd1pL1KjApY
ntkts8ukxoZ7jSLnPWBgB6nWFoQL7ndJaSFn/PC3jQxYGrCs61UQiVweS9bnXRLS
KUXHzClfVMuo2rrKkMf3zUOSi/xFe4lhlgQNJ9DzmkgcwkBfWiw0hg//PryATmTW
4yILmdwiHljrj9OcilDZYW4m8Q8aRGSzylyeU3ozUIlgYeQmduguxzHQxZDKlayK
KKDSweSfz3HYYagbToN2qgPI/Ayl8aYQwh3BmwClF67U+Hj6olPMfmSiJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1zi4XO58amTcifapL4SFaLPl3xMB8GA1UdIwQY
MBaAFO4L0OqVoZDHA6heCevF5f2lzc4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2d2UTZwV2hrTWNEcUY0SjY4WGxfYVhOempJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8wZDVkOWYtNTgwOC00ODcxLWEyNGQt
YmViZGY0Y2Q0ODViLzEvX1hPTGhjN254cVpOeUo5cWt2aElWb3MtWGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8wZDVkOWYtNTgwOC00ODcxLWEyNGQtYmViZGY0Y2Q0ODVi
LzEvN2d2UTZwV2hrTWNEcUY0SjY4WGxfYVhOempJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9k8MA0G
CSqGSIb3DQEBCwUAA4IBAQDAxySubZzqR88Zc76oh+Rs17oGjt2AfSJxmXgVverz
zuwRSpqweic8AHcZUy9uwm6L9vYHWZ7FbejC23T9N7x8pIWfvKxI0edw9vIiyjH4
l61wIDivID1xIogYNz+M03LimjIEMcBZRJfjpJZLfryqXFNdlQd/gtRoSMGCmJJA
M2DgLVj16bgVvFPnLLapiBrsoIGndtHE+l/LS+b+S4Dz+QFdpScAFzS1likGELzL
KdwXRii4ksbVtOw5aDXChwMHXOXNidolb+kJ0GQsKtgCJWCsRdPKySKDEsahetTh
WCjpYKNwxXoLRGlqIPwDS8HvAOyElFPdul+dqoQle+27
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:42 2024 by rpki-client on console-ams.rpki-client.org