Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/Y5wiFgsjKhkECAWcxdXuGR0JdIQ.roa
File: Y5wiFgsjKhkECAWcxdXuGR0JdIQ.roa (raw, json)
Hash identifier: h5vP88uwdnNUlGSqJigqDQMX1QguJ9ryiet+Pw5KH7g=
Subject key identifier: 63:9C:22:16:0B:23:2A:19:04:08:05:9C:C5:D5:EE:19:1D:09:74:84
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 01856EAFDFADFD80299C5F4CAE3336249B3C
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/Y5wiFgsjKhkECAWcxdXuGR0JdIQ.roa
Signing time: Sun 01 Jan 2023 18:54:57 +0000
ROA not before: Sun 01 Jan 2023 18:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8508
IP address blocks: 91.220.103.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:df:ad:fd:80:29:9c:5f:4c:ae:33:36:24:9b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Jan 1 18:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=639c22160b232a190408059cc5d5ee191d097484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:aa:18:93:ef:9d:be:cb:27:09:35:2f:59:8b:
93:95:a3:91:a6:26:89:68:2d:05:cb:75:3b:4b:56:
0d:6c:3f:6b:2e:0b:5a:fb:df:bf:ac:92:46:eb:e3:
b0:aa:44:0d:d4:b2:81:04:1d:80:74:b7:6b:21:ba:
22:58:81:ab:bf:76:f7:0c:80:d2:68:e0:1f:f5:53:
98:2e:e5:9a:7b:50:b5:10:04:99:28:17:2e:96:fc:
19:03:b3:e4:7e:13:7f:03:6e:82:7c:cc:0e:0c:33:
76:61:02:4d:0d:92:43:89:66:11:ea:6f:d0:ab:3d:
a5:0a:9f:8b:15:9f:6b:5c:39:84:45:be:32:5a:b1:
d7:ea:cc:79:27:8d:6c:9f:3e:e1:bd:96:4d:4d:53:
6f:ed:94:9e:c1:07:eb:81:74:f8:82:f5:29:02:6e:
e4:ff:17:5f:96:9b:af:f4:28:25:c1:bc:08:59:25:
e1:80:02:95:76:17:2c:91:03:63:90:81:e7:9c:e0:
45:7a:df:81:23:b3:c7:32:f3:5a:df:af:6e:1c:e7:
bc:88:ab:62:b0:31:45:2a:b0:e5:28:b6:e8:b9:d1:
c4:be:64:91:98:da:d6:a2:3c:3c:d0:53:b6:07:85:
c1:3a:80:eb:72:6f:68:8f:be:81:bf:c1:05:0d:81:
8b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9C:22:16:0B:23:2A:19:04:08:05:9C:C5:D5:EE:19:1D:09:74:84
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/Y5wiFgsjKhkECAWcxdXuGR0JdIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.103.0/24
Signature Algorithm: sha256WithRSAEncryption
07:43:f3:9a:e3:b9:89:8f:3f:43:22:13:ac:d1:a0:f5:23:df:
37:f9:bc:08:4f:d4:7d:b0:a7:36:f5:c5:8f:e6:6b:e9:90:57:
ba:ed:31:fa:24:29:07:4f:c7:22:b9:e8:fc:16:f1:ea:0a:6d:
63:cb:7c:67:5f:7d:42:ee:0a:df:07:6f:c9:23:b3:dc:90:63:
79:f0:59:b0:e4:f4:11:fc:11:bb:22:c3:fb:a7:02:31:3a:fd:
c7:25:b5:1b:62:0a:2a:6d:dc:16:28:39:69:09:a8:e5:25:77:
d0:b7:09:f2:87:68:60:20:7f:d8:51:9b:20:83:eb:0d:49:73:
22:58:02:71:be:f8:7e:8c:f6:17:24:74:ac:b7:49:8f:75:02:
8c:85:03:4f:cb:70:43:b7:4b:bc:5f:4d:41:e6:0b:01:5a:07:
41:53:08:12:1f:24:fb:ff:5b:b0:a1:5b:05:01:91:41:a8:6b:
54:94:81:6c:01:81:1c:ed:90:3e:41:77:22:eb:68:d0:6e:a9:
83:7c:8c:3d:f7:9f:18:44:ca:3c:10:8b:8c:3e:52:5f:26:f1:
c1:7a:c4:2f:b4:46:29:37:44:c9:78:af:58:5d:5b:39:9a:41:
a8:59:67:99:e8:15:29:82:ef:59:74:75:ee:12:68:1c:8c:56:
5b:32:b2:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur9+t/YApnF9MrjM2JJs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjMwMTAxMTg1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzljMjIxNjBiMjMyYTE5MDQwODA1OWNjNWQ1ZWUxOTFkMDk3NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaoYk++dvssnCTUvWYuTlaORpiaJ
aC0Fy3U7S1YNbD9rLgta+9+/rJJG6+OwqkQN1LKBBB2AdLdrIboiWIGrv3b3DIDS
aOAf9VOYLuWae1C1EASZKBculvwZA7PkfhN/A26CfMwODDN2YQJNDZJDiWYR6m/Q
qz2lCp+LFZ9rXDmERb4yWrHX6sx5J41snz7hvZZNTVNv7ZSewQfrgXT4gvUpAm7k
/xdflpuv9CglwbwIWSXhgAKVdhcskQNjkIHnnOBFet+BI7PHMvNa369uHOe8iKti
sDFFKrDlKLboudHEvmSRmNrWojw80FO2B4XBOoDrcm9oj76Bv8EFDYGLVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOcIhYLIyoZBAgFnMXV7hkdCXSEMB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvWTV3aUZnc2pLaGtFQ0FXY3hkWHVHUjBKZElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy
LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xnMA0G
CSqGSIb3DQEBCwUAA4IBAQAHQ/Oa47mJjz9DIhOs0aD1I983+bwIT9R9sKc29cWP
5mvpkFe67TH6JCkHT8ciuej8FvHqCm1jy3xnX31C7grfB2/JI7PckGN58Fmw5PQR
/BG7IsP7pwIxOv3HJbUbYgoqbdwWKDlpCajlJXfQtwnyh2hgIH/YUZsgg+sNSXMi
WAJxvvh+jPYXJHSst0mPdQKMhQNPy3BDt0u8X01B5gsBWgdBUwgSHyT7/1uwoVsF
AZFBqGtUlIFsAYEc7ZA+QXci62jQbqmDfIw9958YRMo8EIuMPlJfJvHBesQvtEYp
N0TJeK9YXVs5mkGoWWeZ6BUpgu9ZdHXuEmgcjFZbMrIa
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:32 2024 by rpki-client on console-fra.rpki-client.org