Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/1912e8-0d6b-4ed6-8ae4-7d482aa48c68/1/gCOcI-lOXL8GRSfNoNNDYpfQ1qE.roa
File: gCOcI-lOXL8GRSfNoNNDYpfQ1qE.roa (raw, json)
Hash identifier: OR9/ZlTCI8e3VHJEyifCPqhq3FG8JXumxgv6nf4OHZI=
Subject key identifier: 80:23:9C:23:E9:4E:5C:BF:06:45:27:CD:A0:D3:43:62:97:D0:D6:A1
Certificate issuer: /CN=31836010eedef15f76adeba9f729a828bf2be8cb
Certificate serial: 01856F8B80A77CFB90F820202FA28435C644
Authority key identifier: 31:83:60:10:EE:DE:F1:5F:76:AD:EB:A9:F7:29:A8:28:BF:2B:E8:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYNgEO7e8V92reup9ymoKL8r6Ms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/1912e8-0d6b-4ed6-8ae4-7d482aa48c68/1/gCOcI-lOXL8GRSfNoNNDYpfQ1qE.roa
Signing time: Sun 01 Jan 2023 22:54:51 +0000
ROA not before: Sun 01 Jan 2023 22:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8820
IP address blocks: 91.239.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:80:a7:7c:fb:90:f8:20:20:2f:a2:84:35:c6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31836010eedef15f76adeba9f729a828bf2be8cb
Validity
Not Before: Jan 1 22:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80239c23e94e5cbf064527cda0d3436297d0d6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1f:6e:56:7d:9f:26:70:8e:8a:a8:80:08:43:
ce:c6:e8:fe:ab:c1:c8:cd:41:89:9d:bb:ba:c1:bf:
93:67:f7:4c:bc:28:61:4d:c2:a2:a2:00:0d:c2:e1:
5b:a9:17:21:6a:78:24:ae:2f:e9:57:28:de:eb:25:
ce:7b:7f:ce:17:03:ea:f9:99:ba:7d:0f:95:41:b7:
23:25:80:8e:31:48:e4:83:35:b0:fd:04:f8:61:dd:
bf:8d:9a:e4:01:97:89:df:36:9e:24:a7:e5:79:6d:
9a:84:f0:24:34:85:ce:13:e8:05:a2:f6:fa:21:5c:
08:04:99:aa:0c:91:e3:bb:9e:0a:70:37:cd:46:e7:
57:b9:03:c6:30:4e:7c:52:3c:5d:50:7a:66:54:a4:
82:a4:9c:f6:ed:fc:ab:23:ab:77:a7:b0:26:8d:db:
bc:c8:8c:00:aa:05:f3:36:6e:fe:17:99:20:c4:f6:
4a:8d:74:4c:32:7c:a3:00:bd:f1:b7:8d:60:52:74:
d8:96:ee:c7:a6:f0:5e:39:c2:2f:39:c6:85:6e:e9:
40:3b:ae:68:32:3a:d5:13:3a:76:64:13:f2:c1:bc:
7d:3e:8b:a3:92:4a:44:b0:15:52:d0:b8:9b:9d:29:
0c:64:3e:0d:19:3e:72:7b:32:e0:eb:41:92:ad:5d:
a7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:23:9C:23:E9:4E:5C:BF:06:45:27:CD:A0:D3:43:62:97:D0:D6:A1
X509v3 Authority Key Identifier:
keyid:31:83:60:10:EE:DE:F1:5F:76:AD:EB:A9:F7:29:A8:28:BF:2B:E8:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYNgEO7e8V92reup9ymoKL8r6Ms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/1912e8-0d6b-4ed6-8ae4-7d482aa48c68/1/gCOcI-lOXL8GRSfNoNNDYpfQ1qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/1912e8-0d6b-4ed6-8ae4-7d482aa48c68/1/MYNgEO7e8V92reup9ymoKL8r6Ms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.211.0/24
Signature Algorithm: sha256WithRSAEncryption
73:79:2f:27:3f:08:ad:66:d0:95:67:60:26:5e:39:d4:7c:5c:
0e:5b:48:0e:72:0a:a7:c4:20:b2:d5:a6:69:14:d5:ff:8a:b7:
ec:e5:d3:08:16:de:8a:d3:74:9c:7d:88:51:c0:25:32:7e:8a:
59:2e:d2:54:27:24:ef:e7:2f:01:89:40:d5:24:b6:24:e8:02:
89:fd:12:73:82:41:7a:f1:c1:2c:c4:c0:b7:7c:f2:f7:ff:db:
31:52:1a:3d:1b:ca:5d:02:52:37:e3:91:6f:fd:35:56:27:87:
e5:c4:25:dc:07:da:2d:7a:0c:a3:40:1a:01:93:8a:aa:33:22:
69:8b:bb:26:3d:95:c5:d8:9a:b8:52:cc:48:84:40:0a:05:18:
6a:c2:3e:8d:4b:e0:e2:6a:dc:8c:7f:8b:75:b4:a1:07:31:b0:
b0:83:56:a7:7c:90:4a:c0:cc:12:49:03:e0:6a:42:16:28:71:
09:dc:d8:67:fe:d5:41:32:ea:bd:5a:54:ab:90:51:c8:66:90:
3a:44:5d:e8:fa:33:57:99:d6:3a:70:17:cf:ed:0b:d3:2c:4d:
93:41:71:fc:48:21:3d:e6:b2:18:22:ff:27:36:04:68:f1:80:
7c:b0:9d:e3:25:5b:45:9b:e3:fa:d5:a3:6a:4a:24:d0:c3:44:
be:9f:22:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi4CnfPuQ+CAgL6KENcZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM2MDEwZWVkZWYxNWY3NmFkZWJhOWY3MjlhODI4YmYy
YmU4Y2IwHhcNMjMwMTAxMjI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDIzOWMyM2U5NGU1Y2JmMDY0NTI3Y2RhMGQzNDM2Mjk3ZDBkNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR9uVn2fJnCOiqiACEPOxuj+q8HI
zUGJnbu6wb+TZ/dMvChhTcKiogANwuFbqRchangkri/pVyje6yXOe3/OFwPq+Zm6
fQ+VQbcjJYCOMUjkgzWw/QT4Yd2/jZrkAZeJ3zaeJKfleW2ahPAkNIXOE+gFovb6
IVwIBJmqDJHju54KcDfNRudXuQPGME58UjxdUHpmVKSCpJz27fyrI6t3p7Amjdu8
yIwAqgXzNm7+F5kgxPZKjXRMMnyjAL3xt41gUnTYlu7HpvBeOcIvOcaFbulAO65o
MjrVEzp2ZBPywbx9PoujkkpEsBVS0LibnSkMZD4NGT5yezLg60GSrV2nXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAjnCPpTly/BkUnzaDTQ2KX0NahMB8GA1UdIwQY
MBaAFDGDYBDu3vFfdq3rqfcpqCi/K+jLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlOZ0VPN2U4VjkycmV1cDl5bW9LTDhyNk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xOTEyZTgtMGQ2Yi00ZWQ2LThhZTQt
N2Q0ODJhYTQ4YzY4LzEvZ0NPY0ktbE9YTDhHUlNmTm9OTkRZcGZRMXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xOTEyZTgtMGQ2Yi00ZWQ2LThhZTQtN2Q0ODJhYTQ4YzY4
LzEvTVlOZ0VPN2U4VjkycmV1cDl5bW9LTDhyNk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/TMA0G
CSqGSIb3DQEBCwUAA4IBAQBzeS8nPwitZtCVZ2AmXjnUfFwOW0gOcgqnxCCy1aZp
FNX/irfs5dMIFt6K03ScfYhRwCUyfopZLtJUJyTv5y8BiUDVJLYk6AKJ/RJzgkF6
8cEsxMC3fPL3/9sxUho9G8pdAlI345Fv/TVWJ4flxCXcB9otegyjQBoBk4qqMyJp
i7smPZXF2Jq4UsxIhEAKBRhqwj6NS+DiatyMf4t1tKEHMbCwg1anfJBKwMwSSQPg
akIWKHEJ3Nhn/tVBMuq9WlSrkFHIZpA6RF3o+jNXmdY6cBfP7QvTLE2TQXH8SCE9
5rIYIv8nNgRo8YB8sJ3jJVtFm+P61aNqSiTQw0S+nyIQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:39:58 2024 by rpki-client on console-ams.rpki-client.org