Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/kqK-OxMLET7uOUPzslAL_I40l_w.roa
File: kqK-OxMLET7uOUPzslAL_I40l_w.roa (raw, json)
Hash identifier: FcqzODJO3/kiYae2LN1FjfBJuRuE4QJdE3R00Mb1cAU=
Subject key identifier: 92:A2:BE:3B:13:0B:11:3E:EE:39:43:F3:B2:50:0B:FC:8E:34:97:FC
Certificate issuer: /CN=f440e5eba2f8bfc8fe8fe56cc88a4289652390ba
Certificate serial: 01856D8ABB57E7FDA849DE9A40355D140243
Authority key identifier: F4:40:E5:EB:A2:F8:BF:C8:FE:8F:E5:6C:C8:8A:42:89:65:23:90:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EDl66L4v8j-j-VsyIpCiWUjkLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/kqK-OxMLET7uOUPzslAL_I40l_w.roa
Signing time: Sun 01 Jan 2023 13:34:46 +0000
ROA not before: Sun 01 Jan 2023 13:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 91.192.240.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:bb:57:e7:fd:a8:49:de:9a:40:35:5d:14:02:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f440e5eba2f8bfc8fe8fe56cc88a4289652390ba
Validity
Not Before: Jan 1 13:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92a2be3b130b113eee3943f3b2500bfc8e3497fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:51:ae:47:dc:00:df:fb:6b:81:21:ce:3f:be:
32:b8:58:e6:92:29:d3:d5:48:d5:20:31:ba:7f:8f:
ea:9b:d9:2d:be:77:1b:fd:16:f6:ad:e9:b8:85:5d:
72:40:9c:30:4b:5b:bf:bd:f4:77:c1:ae:4c:64:d3:
f7:3b:d2:ec:f1:54:4d:df:a9:ef:dd:ed:7b:03:7d:
9a:2a:52:f9:04:41:98:50:3a:1e:02:df:b0:45:44:
16:30:30:d0:40:56:77:8a:7d:1d:c4:54:25:1b:aa:
66:70:07:df:d2:9e:38:b2:a8:24:c0:c7:81:8d:b6:
44:82:6b:0b:70:6b:95:c9:13:d6:02:2c:3f:cc:ca:
51:95:76:31:47:4c:5a:ad:04:42:84:a6:7d:91:1f:
91:ab:81:89:bc:fe:6f:44:01:b2:d9:75:2d:87:b6:
00:7b:9f:c8:d7:22:07:2e:65:4f:e1:1a:c3:89:5e:
b6:61:bc:6f:d5:a6:e2:3b:4b:5e:54:71:cd:f7:af:
a2:c7:b5:b5:e0:ee:df:7a:cc:f1:45:8d:16:3d:b9:
19:d2:a2:b2:d3:c5:48:35:47:44:bf:63:0c:7e:c8:
96:c3:c3:e9:4e:ec:bd:4d:e0:01:c8:54:d2:9e:2f:
38:66:83:a3:ea:72:27:5a:f3:10:d1:4d:cd:b7:df:
48:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A2:BE:3B:13:0B:11:3E:EE:39:43:F3:B2:50:0B:FC:8E:34:97:FC
X509v3 Authority Key Identifier:
keyid:F4:40:E5:EB:A2:F8:BF:C8:FE:8F:E5:6C:C8:8A:42:89:65:23:90:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EDl66L4v8j-j-VsyIpCiWUjkLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/kqK-OxMLET7uOUPzslAL_I40l_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/9EDl66L4v8j-j-VsyIpCiWUjkLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.240.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:d3:16:1a:5e:c2:b4:50:87:b7:c9:5e:52:db:81:a2:8f:c7:
d0:22:ee:79:d9:ab:7f:9f:20:6e:6f:df:d9:83:ec:e7:78:17:
20:ad:c4:32:32:b1:36:e1:c0:9a:4f:ab:f6:ac:91:08:60:b6:
c2:af:36:28:8b:ac:b4:15:5b:97:27:a5:3a:df:6d:94:95:15:
df:2b:e2:47:df:e5:06:63:58:74:d8:5a:3a:68:6a:4e:10:d6:
7d:94:34:de:52:22:48:18:4d:a7:91:9b:85:87:da:18:e9:a4:
cb:f7:de:8c:72:47:3e:f8:d2:1d:44:f5:02:95:03:c7:82:b4:
13:79:ad:24:d8:14:49:d5:9e:b6:aa:7d:9f:52:3a:e5:c9:4d:
1d:ed:5a:3f:0b:22:78:8d:b8:87:aa:ae:28:a1:89:95:0c:30:
e6:af:4e:f4:56:d4:f0:60:e7:aa:3a:4c:ef:58:2c:2d:df:32:
91:b9:46:50:6a:01:5d:fa:64:31:1b:8d:76:1d:19:1e:63:b4:
e2:df:d8:5d:38:ed:cf:dc:5f:57:01:5b:30:79:9c:2f:20:14:
c3:0e:45:ec:be:6f:9f:1d:4e:86:dc:70:53:02:a3:b9:32:85:
1c:a4:13:e4:32:5d:e6:9a:1a:21:45:6b:04:a1:61:83:aa:cb:
f4:97:a7:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtirtX5/2oSd6aQDVdFAJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDBlNWViYTJmOGJmYzhmZThmZTU2Y2M4OGE0Mjg5NjUy
MzkwYmEwHhcNMjMwMTAxMTMzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmEyYmUzYjEzMGIxMTNlZWUzOTQzZjNiMjUwMGJmYzhlMzQ5N2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVGuR9wA3/trgSHOP74yuFjmkinT
1UjVIDG6f4/qm9ktvncb/Rb2rem4hV1yQJwwS1u/vfR3wa5MZNP3O9Ls8VRN36nv
3e17A32aKlL5BEGYUDoeAt+wRUQWMDDQQFZ3in0dxFQlG6pmcAff0p44sqgkwMeB
jbZEgmsLcGuVyRPWAiw/zMpRlXYxR0xarQRChKZ9kR+Rq4GJvP5vRAGy2XUth7YA
e5/I1yIHLmVP4RrDiV62Ybxv1abiO0teVHHN96+ix7W14O7feszxRY0WPbkZ0qKy
08VINUdEv2MMfsiWw8PpTuy9TeAByFTSni84ZoOj6nInWvMQ0U3Nt99IOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKivjsTCxE+7jlD87JQC/yONJf8MB8GA1UdIwQY
MBaAFPRA5eui+L/I/o/lbMiKQollI5C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVEbDY2TDR2OGotai1Wc3lJcENpV1Vqa0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTg2NjItOTkzZi00N2Y3LWEyN2Yt
MDBiOTJjMWMxZWY0LzEva3FLLU94TUxFVDd1T1VQenNsQUxfSTQwbF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kZTg2NjItOTkzZi00N2Y3LWEyN2YtMDBiOTJjMWMxZWY0
LzEvOUVEbDY2TDR2OGotai1Wc3lJcENpV1Vqa0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8DwMA0G
CSqGSIb3DQEBCwUAA4IBAQAK0xYaXsK0UIe3yV5S24Gij8fQIu552at/nyBub9/Z
g+zneBcgrcQyMrE24cCaT6v2rJEIYLbCrzYoi6y0FVuXJ6U6322UlRXfK+JH3+UG
Y1h02Fo6aGpOENZ9lDTeUiJIGE2nkZuFh9oY6aTL996Mckc++NIdRPUClQPHgrQT
ea0k2BRJ1Z62qn2fUjrlyU0d7Vo/CyJ4jbiHqq4ooYmVDDDmr070VtTwYOeqOkzv
WCwt3zKRuUZQagFd+mQxG412HRkeY7Ti39hdOO3P3F9XAVsweZwvIBTDDkXsvm+f
HU6G3HBTAqO5MoUcpBPkMl3mmhohRWsEoWGDqsv0l6ef
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:16 2024 by rpki-client on console-fra.rpki-client.org