Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/0om5xsxKawAuFeId4NtphlUi3fg.roa
File: 0om5xsxKawAuFeId4NtphlUi3fg.roa (raw, json)
Hash identifier: hh/Qr4HiKkADJmapN/0wWlgUY2DOWHylqgxf+/ReTiQ=
Subject key identifier: D2:89:B9:C6:CC:4A:6B:00:2E:15:E2:1D:E0:DB:69:86:55:22:DD:F8
Certificate issuer: /CN=178c8f20c939aaa9c80cce6a0d1567183ca1c599
Certificate serial: 01856F549B2041005791A14270F5B641157F
Authority key identifier: 17:8C:8F:20:C9:39:AA:A9:C8:0C:CE:6A:0D:15:67:18:3C:A1:C5:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F4yPIMk5qqnIDM5qDRVnGDyhxZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/0om5xsxKawAuFeId4NtphlUi3fg.roa
Signing time: Sun 01 Jan 2023 21:54:53 +0000
ROA not before: Sun 01 Jan 2023 21:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35470
IP address blocks: 91.199.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:9b:20:41:00:57:91:a1:42:70:f5:b6:41:15:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=178c8f20c939aaa9c80cce6a0d1567183ca1c599
Validity
Not Before: Jan 1 21:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d289b9c6cc4a6b002e15e21de0db69865522ddf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bc:bb:df:ac:4c:bd:4f:51:06:b3:3b:f2:5c:
17:73:2f:eb:38:0d:ec:e5:8b:38:6b:aa:be:1a:f3:
ea:64:01:c0:8d:14:a6:aa:85:92:bb:06:3c:c1:f5:
97:d4:f3:1e:6b:ad:3a:5f:ee:80:2c:85:eb:04:7e:
90:22:20:c5:06:3f:ad:66:12:2b:d4:91:e6:d3:a8:
f6:46:66:30:3d:08:4f:ae:cf:1d:f6:06:7a:81:a8:
b6:07:76:3b:f9:1f:9d:86:c1:f8:46:9c:ec:dc:6d:
33:5b:69:4b:86:f1:98:c3:89:12:73:a6:c2:01:a7:
2c:b5:5c:ed:3c:10:15:dc:4d:04:53:53:16:ec:67:
70:16:4b:97:a8:4f:81:0e:70:ee:5b:ad:2b:d4:e9:
aa:04:88:c7:5a:27:2b:06:52:f5:c1:49:2c:b2:38:
e5:20:99:65:92:e8:e0:e8:38:ab:49:3d:61:2f:5d:
be:59:5e:61:aa:62:bc:92:16:29:da:98:e0:b2:ca:
fd:32:61:5e:a1:98:70:10:01:86:14:c1:2d:d3:4b:
d2:cd:df:f3:a9:ea:3d:8f:68:79:c1:2e:41:90:d1:
88:35:ce:d9:0c:ee:e0:f8:3f:db:de:33:6b:c3:54:
d4:62:ca:94:4e:cb:b2:45:49:70:54:68:d5:8a:a6:
10:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:89:B9:C6:CC:4A:6B:00:2E:15:E2:1D:E0:DB:69:86:55:22:DD:F8
X509v3 Authority Key Identifier:
keyid:17:8C:8F:20:C9:39:AA:A9:C8:0C:CE:6A:0D:15:67:18:3C:A1:C5:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F4yPIMk5qqnIDM5qDRVnGDyhxZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/0om5xsxKawAuFeId4NtphlUi3fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/7edd9a-fb72-43d7-b252-4cd11e8b7497/1/F4yPIMk5qqnIDM5qDRVnGDyhxZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.74.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:fa:1b:95:e7:48:f4:0a:dc:be:4a:aa:e5:2e:2f:c7:24:b3:
0f:95:42:2e:26:b4:90:ca:42:58:cb:09:e7:1b:d1:30:0c:9e:
b9:58:cc:f3:d8:80:02:c9:2b:b4:5d:9d:8e:1d:cc:76:91:1d:
a3:fb:dd:f1:71:7d:eb:73:29:6e:e6:3b:cb:80:d7:9f:40:4e:
6d:0f:e0:0f:0e:42:cd:1d:79:0a:a6:2e:6b:e4:b2:5b:b9:a7:
cb:5d:da:72:ac:86:a9:19:2b:ca:b8:02:1f:e4:d7:e8:53:43:
49:75:b7:e0:0b:e6:df:ae:d9:33:a6:17:34:89:a6:39:87:c6:
90:47:6a:d3:3b:86:40:78:e6:36:c7:88:7d:e9:f5:c7:bf:da:
5a:66:43:1b:d7:91:71:91:4d:6c:50:51:2d:b8:ea:31:97:f5:
6c:ad:d2:3d:03:5a:a8:86:45:1e:77:5a:bf:40:80:91:5e:d3:
1c:79:0a:83:bc:d5:28:d4:7a:0f:f0:97:44:ad:1d:e1:0d:11:
94:57:ff:bd:7b:67:a8:97:82:79:29:7a:99:0d:c1:1f:c3:b4:
bf:c4:33:8c:56:4c:01:4b:77:52:1d:91:e4:8f:30:bb:6e:0c:
3e:ac:90:85:c3:f7:7a:22:96:8d:bb:2e:f4:5a:45:e7:2b:f3:
16:86:06:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVJsgQQBXkaFCcPW2QRV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OGM4ZjIwYzkzOWFhYTljODBjY2U2YTBkMTU2NzE4M2Nh
MWM1OTkwHhcNMjMwMTAxMjE1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjg5YjljNmNjNGE2YjAwMmUxNWUyMWRlMGRiNjk4NjU1MjJkZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApby736xMvU9RBrM78lwXcy/rOA3s
5Ys4a6q+GvPqZAHAjRSmqoWSuwY8wfWX1PMea606X+6ALIXrBH6QIiDFBj+tZhIr
1JHm06j2RmYwPQhPrs8d9gZ6gai2B3Y7+R+dhsH4Rpzs3G0zW2lLhvGYw4kSc6bC
AacstVztPBAV3E0EU1MW7GdwFkuXqE+BDnDuW60r1OmqBIjHWicrBlL1wUkssjjl
IJllkujg6DirST1hL12+WV5hqmK8khYp2pjgssr9MmFeoZhwEAGGFMEt00vSzd/z
qeo9j2h5wS5BkNGINc7ZDO7g+D/b3jNrw1TUYsqUTsuyRUlwVGjViqYQcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKJucbMSmsALhXiHeDbaYZVIt34MB8GA1UdIwQY
MBaAFBeMjyDJOaqpyAzOag0VZxg8ocWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjR5UElNazVxcW5JRE01cURSVm5HRHloeFprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy83ZWRkOWEtZmI3Mi00M2Q3LWIyNTIt
NGNkMTFlOGI3NDk3LzEvMG9tNXhzeEthd0F1RmVJZDROdHBobFVpM2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy83ZWRkOWEtZmI3Mi00M2Q3LWIyNTItNGNkMTFlOGI3NDk3
LzEvRjR5UElNazVxcW5JRE01cURSVm5HRHloeFprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8dKMA0G
CSqGSIb3DQEBCwUAA4IBAQAv+huV50j0Cty+SqrlLi/HJLMPlUIuJrSQykJYywnn
G9EwDJ65WMzz2IACySu0XZ2OHcx2kR2j+93xcX3rcylu5jvLgNefQE5tD+APDkLN
HXkKpi5r5LJbuafLXdpyrIapGSvKuAIf5NfoU0NJdbfgC+bfrtkzphc0iaY5h8aQ
R2rTO4ZAeOY2x4h96fXHv9paZkMb15FxkU1sUFEtuOoxl/VsrdI9A1qohkUed1q/
QICRXtMceQqDvNUo1HoP8JdErR3hDRGUV/+9e2eol4J5KXqZDcEfw7S/xDOMVkwB
S3dSHZHkjzC7bgw+rJCFw/d6IpaNuy70WkXnK/MWhgY0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:50 2024 by rpki-client on console-fra.rpki-client.org