Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/5sttdH-Tq2fpWBCz6wooE_eO1J4.roa
File: 5sttdH-Tq2fpWBCz6wooE_eO1J4.roa (raw, json)
Hash identifier: AarqiQ9uxdxbLaSj0alxhf5Ww+CoL5IOIowHPSj+Mzw=
Subject key identifier: E6:CB:6D:74:7F:93:AB:67:E9:58:10:B3:EB:0A:28:13:F7:8E:D4:9E
Certificate issuer: /CN=f58acd43c0033b13b88bb397415583aa51d9303a
Certificate serial: 0185BC0BB5D5498136F79787A8880354CE17
Authority key identifier: F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/5sttdH-Tq2fpWBCz6wooE_eO1J4.roa
Signing time: Mon 16 Jan 2023 19:26:02 +0000
ROA not before: Mon 16 Jan 2023 19:26:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204672
IP address blocks: 91.137.80.0/22 maxlen: 22
91.137.86.0/23 maxlen: 23
91.137.118.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bc:0b:b5:d5:49:81:36:f7:97:87:a8:88:03:54:ce:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58acd43c0033b13b88bb397415583aa51d9303a
Validity
Not Before: Jan 16 19:26:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6cb6d747f93ab67e95810b3eb0a2813f78ed49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c0:29:fd:51:98:ef:8f:ab:91:d8:f0:cb:ad:
49:06:17:ad:6e:31:a8:91:6a:d2:5d:54:26:05:c3:
b6:0b:ab:6d:6f:d8:61:86:fd:01:8a:97:26:f5:b8:
21:a9:a4:1e:f2:d1:a0:c1:2e:6c:cd:3b:93:57:4d:
67:eb:b5:71:de:45:c4:27:d4:4b:98:b6:d5:07:13:
83:7a:54:ca:ad:41:c8:a9:0c:5d:52:e0:36:33:84:
01:59:0e:02:ed:9f:68:6b:5b:b8:7d:ef:2d:db:a9:
8b:33:4b:13:f1:d7:1c:62:a6:54:f7:b6:cd:de:71:
22:61:39:32:72:4a:9c:79:e7:72:3a:6f:65:4b:f4:
53:ff:ee:47:d9:ee:03:b7:5a:b0:ab:8e:0f:47:82:
62:b4:25:d3:f6:9f:b7:d0:70:c2:a3:6b:60:30:07:
3e:d3:17:40:8f:c6:fe:c0:8a:85:fb:7e:b6:a1:60:
c7:e0:83:e7:3d:bb:db:5a:50:83:93:53:7f:a0:a8:
13:df:07:0b:ba:6f:81:91:e4:38:7c:b2:c2:51:98:
32:bd:fc:20:f8:c2:18:29:13:39:42:a4:c8:b2:b5:
00:a1:c6:ee:72:65:d0:77:fb:05:1c:ac:63:75:7d:
3e:40:60:2d:b5:af:2c:50:90:ea:d0:c9:60:7c:5b:
dc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:CB:6D:74:7F:93:AB:67:E9:58:10:B3:EB:0A:28:13:F7:8E:D4:9E
X509v3 Authority Key Identifier:
keyid:F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/5sttdH-Tq2fpWBCz6wooE_eO1J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.80.0/22
91.137.86.0/23
91.137.118.0/23
Signature Algorithm: sha256WithRSAEncryption
05:68:b1:26:ec:7a:4b:18:c7:85:3a:a6:41:c8:50:f9:ea:ea:
86:de:f0:0d:e9:0f:78:58:45:10:fa:fa:5c:3d:72:95:b5:e0:
b3:18:02:c2:c5:41:dd:8c:90:ce:95:a0:53:1d:86:ae:2d:b3:
23:36:ab:a6:58:2c:e9:69:b6:f7:a0:9d:1c:5c:01:4c:9a:6d:
9e:69:23:90:a1:2b:0c:02:c9:b6:9b:eb:b9:98:68:8a:76:fe:
82:fe:ba:9a:e4:b7:5b:e9:b2:76:e7:eb:83:db:6c:a3:b0:b8:
bf:65:a1:52:63:76:34:c9:ed:49:77:d9:58:a6:e6:d0:bd:29:
64:be:16:14:5c:4c:86:62:06:d2:a6:16:78:cb:3a:66:41:58:
00:e4:bd:e1:8c:d8:e1:11:68:39:67:50:8f:5c:7e:b5:c0:73:
d6:1b:54:51:b0:b5:9b:30:ba:b9:39:25:96:f3:43:f6:94:a9:
ff:be:02:19:b7:55:2f:0b:78:d1:62:8c:7a:e9:9c:76:11:f8:
3a:83:ae:a2:9f:a0:84:84:ca:16:21:d3:3c:68:77:b0:a7:49:
89:45:2f:d6:33:75:8e:8a:ca:36:70:6a:73:12:d7:10:93:cc:
d6:b3:56:8e:de:1a:6f:20:eb:94:6f:1a:32:33:62:2e:d9:21:
6e:3f:4f:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYW8C7XVSYE295eHqIgDVM4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGFjZDQzYzAwMzNiMTNiODhiYjM5NzQxNTU4M2FhNTFk
OTMwM2EwHhcNMjMwMTE2MTkyNjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmNiNmQ3NDdmOTNhYjY3ZTk1ODEwYjNlYjBhMjgxM2Y3OGVkNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMAp/VGY74+rkdjwy61JBhetbjGo
kWrSXVQmBcO2C6ttb9hhhv0Bipcm9bghqaQe8tGgwS5szTuTV01n67Vx3kXEJ9RL
mLbVBxODelTKrUHIqQxdUuA2M4QBWQ4C7Z9oa1u4fe8t26mLM0sT8dccYqZU97bN
3nEiYTkyckqceedyOm9lS/RT/+5H2e4Dt1qwq44PR4JitCXT9p+30HDCo2tgMAc+
0xdAj8b+wIqF+362oWDH4IPnPbvbWlCDk1N/oKgT3wcLum+BkeQ4fLLCUZgyvfwg
+MIYKRM5QqTIsrUAocbucmXQd/sFHKxjdX0+QGAtta8sUJDq0MlgfFvcNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFObLbXR/k6tn6VgQs+sKKBP3jtSeMB8GA1UdIwQY
MBaAFPWKzUPAAzsTuIuzl0FVg6pR2TA6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUt
Y2YyZDU4ZDBlMGVlLzEvNXN0dGRILVRxMmZwV0JDejZ3b29FX2VPMUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUtY2YyZDU4ZDBlMGVl
LzEvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW4lQAwQB
W4lWAwQBW4l2MA0GCSqGSIb3DQEBCwUAA4IBAQAFaLEm7HpLGMeFOqZByFD56uqG
3vAN6Q94WEUQ+vpcPXKVteCzGALCxUHdjJDOlaBTHYauLbMjNqumWCzpabb3oJ0c
XAFMmm2eaSOQoSsMAsm2m+u5mGiKdv6C/rqa5Ldb6bJ25+uD22yjsLi/ZaFSY3Y0
ye1Jd9lYpubQvSlkvhYUXEyGYgbSphZ4yzpmQVgA5L3hjNjhEWg5Z1CPXH61wHPW
G1RRsLWbMLq5OSWW80P2lKn/vgIZt1UvC3jRYox66Zx2Efg6g66in6CEhMoWIdM8
aHewp0mJRS/WM3WOiso2cGpzEtcQk8zWs1aO3hpvIOuUbxoyM2Iu2SFuP08B
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:40 2024 by rpki-client on console-ams.rpki-client.org