Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/f67dczilP7aXV1HDf273UWjmcpM.roa
File: f67dczilP7aXV1HDf273UWjmcpM.roa (raw, json)
Hash identifier: tnMPR3WWoNRsJAq1Lm6C+1dlgURYC6WEdMlxxX5dW9c=
Subject key identifier: 7F:AE:DD:73:38:A5:3F:B6:97:57:51:C3:7F:6E:F7:51:68:E6:72:93
Certificate issuer: /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial: 018CC34940238224D182384BB0A51B88DF43
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/f67dczilP7aXV1HDf273UWjmcpM.roa
Signing time: Mon 01 Jan 2024 04:30:06 +0000
ROA not before: Mon 01 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210756
IP address blocks: 91.202.245.0/24 maxlen: 24
91.202.246.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 30 Jul 2024 05:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:40:23:82:24:d1:82:38:4b:b0:a5:1b:88:df:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Validity
Not Before: Jan 1 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7faedd7338a53fb6975751c37f6ef75168e67293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:47:a5:37:20:22:5a:b7:5d:bc:7a:f5:2d:ae:
02:d6:31:ac:c6:bd:5b:0f:fb:c6:1d:04:25:a8:9a:
9d:e5:06:64:97:fb:f1:2c:99:02:a0:73:d8:32:4e:
d8:ad:6f:58:e6:ce:49:ab:56:92:68:b1:1a:1d:be:
de:b6:0a:32:81:57:d4:e3:15:f8:f9:b2:18:de:b1:
58:5e:48:11:a8:b6:8e:40:33:de:b7:4f:a1:13:5b:
15:58:2b:2f:8f:ae:80:46:d6:a7:97:07:51:aa:6f:
3f:2b:2b:33:8b:30:5e:57:e0:9a:fc:91:b0:d5:b2:
ac:4b:46:69:c1:fc:06:de:61:9d:80:71:4e:66:38:
50:b4:12:0b:7a:9a:78:ef:b5:c2:9b:e1:ec:8d:67:
27:d8:50:1f:99:9a:54:13:f4:1b:cf:61:54:4f:c0:
47:75:e1:13:f7:ff:a2:3a:9b:0b:6d:e1:be:9d:a0:
f5:c1:b4:d2:0e:a8:b7:8a:ff:2c:51:c1:85:14:98:
97:34:c3:03:c6:ae:93:cb:ba:79:d0:bd:0e:87:05:
cd:96:1a:53:09:21:9a:90:1a:a6:3c:c1:b8:6c:05:
7c:d0:53:be:05:a6:fa:19:c5:9c:a6:1e:a8:25:27:
72:da:05:b4:9c:21:e6:d8:45:bb:ff:85:71:32:9c:
a9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AE:DD:73:38:A5:3F:B6:97:57:51:C3:7F:6E:F7:51:68:E6:72:93
X509v3 Authority Key Identifier:
keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/f67dczilP7aXV1HDf273UWjmcpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.245.0-91.202.247.255
Signature Algorithm: sha256WithRSAEncryption
00:a2:f7:54:b6:1f:6b:81:de:6a:e3:f3:07:5c:bb:bd:f3:75:
80:71:34:42:a1:b8:ed:f7:41:77:32:16:5f:77:79:57:fc:f0:
43:77:ad:69:08:c8:d7:b6:c3:32:f6:a3:d5:3c:d5:ce:02:37:
58:44:dc:6f:8f:81:c8:83:4d:da:35:c7:9a:91:e9:9c:6c:8b:
66:c6:3d:3c:93:fb:d3:6d:c9:f0:7a:87:80:37:d9:4b:d0:60:
2b:68:a3:af:2a:d6:f3:c7:5a:10:df:b7:67:d7:1e:2a:29:df:
ef:aa:3d:47:a5:93:84:ac:6e:cb:31:ee:a6:5c:eb:ee:56:3c:
89:9b:51:c7:4b:3a:45:43:fc:f6:53:08:66:ba:c7:14:9f:83:
19:c3:66:db:81:00:ec:74:97:3f:2e:86:0e:be:6b:84:ff:a2:
7c:4c:70:f4:12:cb:48:87:cd:cf:1d:5a:fd:75:23:17:bb:4a:
e5:17:21:a8:e2:a3:a4:61:ae:da:e8:c1:f1:a0:18:f9:7e:29:
f7:46:a6:49:61:96:3f:85:4c:40:89:54:4b:21:ad:a0:5f:f9:
36:6f:17:3f:11:d0:6a:75:be:5e:65:79:92:aa:19:a8:72:dc:
ba:6c:68:f1:d5:43:96:4a:a2:7a:f8:bf:23:b6:bb:e5:e4:7e:
22:d8:75:10
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSUAjgiTRgjhLsKUbiN9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjE0NzBkMzliZTRiYTJkZDVkZjhmYTQ3YjE2Mzk2Mjc4
ZTY3MGEwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmFlZGQ3MzM4YTUzZmI2OTc1NzUxYzM3ZjZlZjc1MTY4ZTY3MjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUelNyAiWrddvHr1La4C1jGsxr1b
D/vGHQQlqJqd5QZkl/vxLJkCoHPYMk7YrW9Y5s5Jq1aSaLEaHb7etgoygVfU4xX4
+bIY3rFYXkgRqLaOQDPet0+hE1sVWCsvj66ARtanlwdRqm8/KyszizBeV+Ca/JGw
1bKsS0ZpwfwG3mGdgHFOZjhQtBILepp477XCm+HsjWcn2FAfmZpUE/Qbz2FUT8BH
deET9/+iOpsLbeG+naD1wbTSDqi3iv8sUcGFFJiXNMMDxq6Ty7p50L0OhwXNlhpT
CSGakBqmPMG4bAV80FO+Bab6GcWcph6oJSdy2gW0nCHm2EW7/4VxMpyphwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFH+u3XM4pT+2l1dRw39u91Fo5nKTMB8GA1UdIwQY
MBaAFGFhRw05vkui3V34+kexY5YnjmcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTkt
YzI0MGJmYzljYmMxLzEvZjY3ZGN6aWxQN2FYVjFIRGYyNzNVV2ptY3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTktYzI0MGJmYzljYmMx
LzEvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABbyvUD
BANbyvAwDQYJKoZIhvcNAQELBQADggEBAACi91S2H2uB3mrj8wdcu73zdYBxNEKh
uO33QXcyFl93eVf88EN3rWkIyNe2wzL2o9U81c4CN1hE3G+PgciDTdo1x5qR6Zxs
i2bGPTyT+9NtyfB6h4A32UvQYCtoo68q1vPHWhDft2fXHiop3++qPUelk4Ssbssx
7qZc6+5WPImbUcdLOkVD/PZTCGa6xxSfgxnDZtuBAOx0lz8uhg6+a4T/onxMcPQS
y0iHzc8dWv11Ixe7SuUXIajio6RhrtrowfGgGPl+KfdGpklhlj+FTECJVEshraBf
+TZvFz8R0Gp1vl5leZKqGahy3LpsaPHVQ5ZKonr4vyO2u+XkfiLYdRA=
-----END CERTIFICATE-----
Generated at Tue Jul 30 08:08:27 2024 by rpki-client on console-ams.rpki-client.org