Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/3CPtLSOkdlZBwkncXfBhr0uFbAQ.roa
File: 3CPtLSOkdlZBwkncXfBhr0uFbAQ.roa (raw, json)
Hash identifier: sNfaD1kTzz8dPLL0ddv8Q6pMZfYRyRK7J624wPnX0ls=
Subject key identifier: DC:23:ED:2D:23:A4:76:56:41:C2:49:DC:5D:F0:61:AF:4B:85:6C:04
Certificate issuer: /CN=6cefa411f0936a466d841ec290cd80cc550a7f6e
Certificate serial: 01856E1D310D2133EAA7E8EAF54EAA609850
Authority key identifier: 6C:EF:A4:11:F0:93:6A:46:6D:84:1E:C2:90:CD:80:CC:55:0A:7F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/3CPtLSOkdlZBwkncXfBhr0uFbAQ.roa
Signing time: Sun 01 Jan 2023 16:14:44 +0000
ROA not before: Sun 01 Jan 2023 16:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210626
IP address blocks: 91.242.247.0/24 maxlen: 24
2a11:af40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:31:0d:21:33:ea:a7:e8:ea:f5:4e:aa:60:98:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cefa411f0936a466d841ec290cd80cc550a7f6e
Validity
Not Before: Jan 1 16:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc23ed2d23a4765641c249dc5df061af4b856c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0e:39:47:fe:63:90:17:fc:a4:b3:5e:d0:12:
2e:16:78:a1:16:b4:ef:7b:07:77:66:e3:e5:93:36:
1e:36:78:4f:c1:06:b2:61:00:3a:9a:6d:fe:5b:a9:
fa:69:08:55:11:78:5d:e9:84:87:e2:36:29:3b:5d:
a3:c7:47:b8:5e:c9:91:81:66:88:4b:96:c9:80:73:
e5:fd:18:40:c6:4a:d8:f0:da:47:6f:fa:67:a4:65:
29:00:f7:04:64:2f:3e:26:a2:1b:5c:84:b6:25:d4:
39:41:6b:34:dd:96:17:d5:d1:76:f4:cc:16:cb:c8:
27:88:55:8f:be:a7:be:61:e5:11:23:90:e0:64:92:
3d:ed:8d:b0:b3:31:30:29:2c:ec:c8:84:30:2a:56:
85:68:7e:54:f5:cd:8e:b5:85:3d:ec:2e:fc:bf:35:
b6:4f:24:2a:94:08:a0:fb:e9:7d:7c:cb:b3:1e:33:
5e:2c:72:e1:7a:57:f3:23:56:34:fa:1e:cd:d1:e5:
a0:1a:78:b4:0e:5a:a7:6b:38:58:6d:d2:25:dd:f8:
e4:b3:fe:c6:e5:ad:ae:10:94:91:6f:b8:aa:71:4b:
5c:b0:50:9a:1d:8e:2f:4d:08:0d:bc:56:03:3d:e1:
da:4e:ec:71:55:f3:a9:45:c6:a3:95:d0:e8:11:6a:
fa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:23:ED:2D:23:A4:76:56:41:C2:49:DC:5D:F0:61:AF:4B:85:6C:04
X509v3 Authority Key Identifier:
keyid:6C:EF:A4:11:F0:93:6A:46:6D:84:1E:C2:90:CD:80:CC:55:0A:7F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/3CPtLSOkdlZBwkncXfBhr0uFbAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/bO-kEfCTakZthB7CkM2AzFUKf24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.247.0/24
IPv6:
2a11:af40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:00:75:ff:97:e7:ba:b2:7c:d1:dc:d4:a9:28:94:cb:c3:96:
39:38:dc:aa:84:05:3b:d8:58:6d:b0:88:53:65:95:77:d9:28:
8b:05:6d:ca:ba:9f:32:88:91:96:0c:b2:70:0b:38:e1:ec:96:
f3:75:32:93:75:60:db:34:96:a7:e1:da:99:7f:cf:2b:85:b7:
85:a1:14:65:8c:02:d9:4d:5e:10:e4:4c:02:65:87:bb:65:46:
c0:66:60:4d:e4:15:f7:48:6d:65:32:d1:f0:6b:6f:77:fb:ad:
77:fb:99:cd:97:56:a9:5b:38:86:ce:6a:28:14:94:c6:ff:95:
79:c5:b4:57:49:59:c5:e7:79:f8:2a:20:ec:1d:88:95:f1:34:
9f:a9:d8:76:52:89:c6:71:21:88:e9:56:dd:59:89:a1:6d:22:
db:a2:1f:73:9f:ac:e9:1f:40:c6:2e:33:fd:4c:a0:05:5e:1e:
96:92:5b:7d:50:47:b9:d5:98:e3:69:0c:5d:5e:f6:22:a8:da:
d8:be:a1:05:eb:6f:b7:45:c5:92:cf:19:d3:bd:bf:77:50:88:
de:a5:89:67:6b:45:8b:11:62:dc:a9:c6:1b:a1:10:a5:3b:72:
f7:c8:2c:da:6c:fb:06:ff:eb:ae:ba:92:fe:28:f5:2f:be:8b:
67:d7:61:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuHTENITPqp+jq9U6qYJhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZWZhNDExZjA5MzZhNDY2ZDg0MWVjMjkwY2Q4MGNjNTUw
YTdmNmUwHhcNMjMwMTAxMTYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzIzZWQyZDIzYTQ3NjU2NDFjMjQ5ZGM1ZGYwNjFhZjRiODU2YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ45R/5jkBf8pLNe0BIuFnihFrTv
ewd3ZuPlkzYeNnhPwQayYQA6mm3+W6n6aQhVEXhd6YSH4jYpO12jx0e4XsmRgWaI
S5bJgHPl/RhAxkrY8NpHb/pnpGUpAPcEZC8+JqIbXIS2JdQ5QWs03ZYX1dF29MwW
y8gniFWPvqe+YeURI5DgZJI97Y2wszEwKSzsyIQwKlaFaH5U9c2OtYU97C78vzW2
TyQqlAig++l9fMuzHjNeLHLhelfzI1Y0+h7N0eWgGni0DlqnazhYbdIl3fjks/7G
5a2uEJSRb7iqcUtcsFCaHY4vTQgNvFYDPeHaTuxxVfOpRcajldDoEWr6UwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNwj7S0jpHZWQcJJ3F3wYa9LhWwEMB8GA1UdIwQY
MBaAFGzvpBHwk2pGbYQewpDNgMxVCn9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk8ta0VmQ1Rha1p0aEI3Q2tNMkF6RlVLZjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81M2IxM2UtZGViYi00NTZhLThkYzEt
ZTgxMWQ5NDA3ZTdhLzEvM0NQdExTT2tkbFpCd2tuY1hmQmhyMHVGYkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81M2IxM2UtZGViYi00NTZhLThkYzEtZTgxMWQ5NDA3ZTdh
LzEvYk8ta0VmQ1Rha1p0aEI3Q2tNMkF6RlVLZjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW/L3MA0E
AgACMAcDBQMqEa9AMA0GCSqGSIb3DQEBCwUAA4IBAQBeAHX/l+e6snzR3NSpKJTL
w5Y5ONyqhAU72FhtsIhTZZV32SiLBW3Kup8yiJGWDLJwCzjh7JbzdTKTdWDbNJan
4dqZf88rhbeFoRRljALZTV4Q5EwCZYe7ZUbAZmBN5BX3SG1lMtHwa293+613+5nN
l1apWziGzmooFJTG/5V5xbRXSVnF53n4KiDsHYiV8TSfqdh2UonGcSGI6VbdWYmh
bSLboh9zn6zpH0DGLjP9TKAFXh6Wklt9UEe51ZjjaQxdXvYiqNrYvqEF62+3RcWS
zxnTvb93UIjepYlna0WLEWLcqcYboRClO3L3yCzabPsG/+uuupL+KPUvvotn12Gx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:31 2024 by rpki-client on console-fra.rpki-client.org