Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/I82HO8jmZmK2bg_WsBCKqJ1Dxgs.roa
File: I82HO8jmZmK2bg_WsBCKqJ1Dxgs.roa (raw, json)
Hash identifier: 2GcK30vIChWLTLOrsHMePa51HBCeovdoC8Jc5A3YxEM=
Subject key identifier: 23:CD:87:3B:C8:E6:66:62:B6:6E:0F:D6:B0:10:8A:A8:9D:43:C6:0B
Certificate issuer: /CN=2841262acd62c90e68081a6f777375df2c3713c2
Certificate serial: 018572033DDFEE7325BA2791F151CEA47357
Authority key identifier: 28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/I82HO8jmZmK2bg_WsBCKqJ1Dxgs.roa
Signing time: Mon 02 Jan 2023 10:24:52 +0000
ROA not before: Mon 02 Jan 2023 10:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196792
IP address blocks: 91.217.98.0/23 maxlen: 23
91.217.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:3d:df:ee:73:25:ba:27:91:f1:51:ce:a4:73:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2841262acd62c90e68081a6f777375df2c3713c2
Validity
Not Before: Jan 2 10:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23cd873bc8e66662b66e0fd6b0108aa89d43c60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:11:16:39:b5:28:d9:18:4f:c2:08:29:87:15:
e2:c1:a7:c4:22:13:db:c1:0d:ad:7f:1a:c1:09:d9:
f3:6d:77:b0:0f:8a:c6:9e:d1:6f:e3:66:86:d6:87:
bf:b7:a0:90:d4:88:ba:77:17:42:45:74:a6:a3:9c:
78:10:f4:44:d7:b5:ab:b1:f8:1b:ea:35:93:ae:1b:
aa:6f:8e:0c:f6:28:86:c4:49:80:9d:cd:7a:68:06:
96:63:24:5a:e0:2d:8c:cc:d3:e8:84:ba:9f:db:f0:
bb:ee:52:c5:9d:95:c5:40:da:cd:9f:69:d0:cd:df:
df:3e:4f:bf:b3:2f:27:08:97:9a:48:9e:99:ad:65:
dc:d2:aa:0a:67:2e:70:4d:27:3c:77:f4:24:0e:c2:
b3:35:a3:20:32:cd:9f:06:69:02:7d:97:5e:06:34:
54:2f:ff:5f:6d:53:bf:93:38:2d:69:b7:52:8d:1f:
ce:df:62:c8:0b:38:7f:ff:47:1b:bb:a5:00:69:39:
88:2d:96:1c:e0:35:9a:19:1b:e4:66:b2:bd:30:9e:
aa:a3:1d:4f:9b:36:71:ef:64:ae:1c:e4:08:83:ab:
3d:a0:40:75:a3:9c:5c:e0:77:19:99:65:0f:a4:58:
e9:6e:45:47:be:ee:a1:79:32:9d:be:2a:07:16:69:
01:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CD:87:3B:C8:E6:66:62:B6:6E:0F:D6:B0:10:8A:A8:9D:43:C6:0B
X509v3 Authority Key Identifier:
keyid:28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/I82HO8jmZmK2bg_WsBCKqJ1Dxgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/KEEmKs1iyQ5oCBpvd3N13yw3E8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.98.0/23
Signature Algorithm: sha256WithRSAEncryption
42:87:00:9c:02:0b:5d:f0:b1:9a:96:48:b7:d9:dd:d0:aa:16:
2d:69:44:54:c9:0d:18:3b:2c:d3:08:b3:53:3b:fc:ca:7b:55:
f2:bf:8e:08:ef:a0:0b:c5:66:65:d6:26:f2:00:b3:d5:06:5f:
5b:c1:29:20:e7:66:57:6d:f5:91:cc:37:10:d1:2a:4a:e2:e0:
5b:5e:47:8c:e7:9c:ce:95:74:45:6d:c6:9c:b8:3f:8a:25:76:
5a:17:b1:ca:a7:80:6c:0c:50:f2:52:af:db:e0:6d:57:72:d3:
ca:3b:8a:4b:ba:2c:7a:bc:fd:cf:26:31:7b:37:ac:78:0d:18:
f9:a5:6c:85:8b:17:b2:af:3e:ab:06:ce:7f:97:ac:91:5f:79:
fc:6d:52:e1:1b:b1:9a:17:ef:ca:09:4a:e6:9f:58:56:01:c0:
be:54:c9:95:77:dd:f5:ee:db:f0:6c:d1:31:a8:8c:8d:5f:4c:
00:93:43:23:29:0e:a4:65:0d:36:5b:e8:69:c4:37:0a:54:f1:
54:e7:6f:91:2a:bd:58:15:21:be:0a:b9:55:0f:98:97:86:47:
d0:07:4e:11:65:e7:e4:92:97:44:0e:c9:e9:3c:87:db:7d:be:
81:e8:b3:37:72:a9:94:d1:54:7d:20:4e:82:30:86:c9:06:d9:
ac:0f:54:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyAz3f7nMluieR8VHOpHNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NDEyNjJhY2Q2MmM5MGU2ODA4MWE2Zjc3NzM3NWRmMmMz
NzEzYzIwHhcNMjMwMTAyMTAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2NkODczYmM4ZTY2NjYyYjY2ZTBmZDZiMDEwOGFhODlkNDNjNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxEWObUo2RhPwggphxXiwafEIhPb
wQ2tfxrBCdnzbXewD4rGntFv42aG1oe/t6CQ1Ii6dxdCRXSmo5x4EPRE17Wrsfgb
6jWTrhuqb44M9iiGxEmAnc16aAaWYyRa4C2MzNPohLqf2/C77lLFnZXFQNrNn2nQ
zd/fPk+/sy8nCJeaSJ6ZrWXc0qoKZy5wTSc8d/QkDsKzNaMgMs2fBmkCfZdeBjRU
L/9fbVO/kzgtabdSjR/O32LICzh//0cbu6UAaTmILZYc4DWaGRvkZrK9MJ6qox1P
mzZx72SuHOQIg6s9oEB1o5xc4HcZmWUPpFjpbkVHvu6heTKdvioHFmkBLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPNhzvI5mZitm4P1rAQiqidQ8YLMB8GA1UdIwQY
MBaAFChBJirNYskOaAgab3dzdd8sNxPCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0VFbUtzMWl5UTVvQ0JwdmQzTjEzeXczRThJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMzIyNzYtMjVkYy00YzMwLThhN2It
OTVhMzNlMTJhM2FkLzEvSTgySE84am1abUsyYmdfV3NCQ0txSjFEeGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMzIyNzYtMjVkYy00YzMwLThhN2ItOTVhMzNlMTJhM2Fk
LzEvS0VFbUtzMWl5UTVvQ0JwdmQzTjEzeXczRThJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9liMA0G
CSqGSIb3DQEBCwUAA4IBAQBChwCcAgtd8LGalki32d3QqhYtaURUyQ0YOyzTCLNT
O/zKe1Xyv44I76ALxWZl1ibyALPVBl9bwSkg52ZXbfWRzDcQ0SpK4uBbXkeM55zO
lXRFbcacuD+KJXZaF7HKp4BsDFDyUq/b4G1XctPKO4pLuix6vP3PJjF7N6x4DRj5
pWyFixeyrz6rBs5/l6yRX3n8bVLhG7GaF+/KCUrmn1hWAcC+VMmVd9317tvwbNEx
qIyNX0wAk0MjKQ6kZQ02W+hpxDcKVPFU52+RKr1YFSG+CrlVD5iXhkfQB04RZefk
kpdEDsnpPIfbfb6B6LM3cqmU0VR9IE6CMIbJBtmsD1Sz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:16 2024 by rpki-client on console-ams.rpki-client.org