Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/9FZzVN2vjEyydu2HPBvNSGYaSHk.roa
File: 9FZzVN2vjEyydu2HPBvNSGYaSHk.roa (raw, json)
Hash identifier: 8SzknUKJ+MQJfXv+37h0eb2+zsZ85o/HFyQISWIca4U=
Subject key identifier: F4:56:73:54:DD:AF:8C:4C:B2:76:ED:87:3C:1B:CD:48:66:1A:48:79
Certificate issuer: /CN=68dafd6360636a6327747a07080f7f2e5e32ce85
Certificate serial: 01856EB8E3CF5B708B4637033B232A460068
Authority key identifier: 68:DA:FD:63:60:63:6A:63:27:74:7A:07:08:0F:7F:2E:5E:32:CE:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNr9Y2BjamMndHoHCA9_Ll4yzoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/9FZzVN2vjEyydu2HPBvNSGYaSHk.roa
Signing time: Sun 01 Jan 2023 19:04:48 +0000
ROA not before: Sun 01 Jan 2023 19:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204626
IP address blocks: 91.218.152.0/24 maxlen: 24
91.218.152.0/23 maxlen: 23
91.218.153.0/24 maxlen: 24
2001:678:5f4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:e3:cf:5b:70:8b:46:37:03:3b:23:2a:46:00:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68dafd6360636a6327747a07080f7f2e5e32ce85
Validity
Not Before: Jan 1 19:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4567354ddaf8c4cb276ed873c1bcd48661a4879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1c:dd:c4:c2:2c:0f:ce:e9:1f:04:74:1b:60:
3d:9d:55:dd:0a:df:2b:08:bf:6f:e3:56:21:c4:3f:
c5:d4:bd:61:ab:70:4d:27:d8:60:77:de:87:25:88:
88:97:b0:18:e9:01:a8:cc:29:ed:33:44:7d:48:09:
d7:83:1b:a3:ef:ef:13:2b:62:93:f8:6b:55:f2:80:
e5:5d:97:11:e0:9f:c1:39:69:67:71:6e:af:fc:10:
d1:2e:2e:a2:42:60:b0:8e:68:e5:a9:19:2b:e6:ed:
b6:d3:ff:dd:06:a8:4a:aa:dd:5c:4a:68:83:ed:16:
62:25:e1:d0:25:8a:db:be:5d:e5:e7:78:ed:2e:2a:
8a:24:32:25:8b:6b:01:b0:12:e5:d4:63:be:a9:82:
29:fd:61:1c:a5:23:6a:fd:3f:54:df:f9:b4:56:46:
c0:85:c5:fc:76:8d:6c:41:3b:cd:e4:07:f0:73:46:
3f:38:2e:72:8d:a8:f0:c2:9a:46:d5:1b:07:0c:c0:
70:7c:27:bc:87:7e:2d:37:ff:7e:8d:f6:90:b1:1d:
6c:f0:3f:36:2e:f3:1c:17:4c:6b:03:26:e7:6a:6e:
f1:b9:aa:5f:f3:d5:2b:27:87:66:83:f3:13:37:a7:
80:41:f8:8c:5b:05:c6:66:d4:a4:eb:10:e9:94:50:
a2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:56:73:54:DD:AF:8C:4C:B2:76:ED:87:3C:1B:CD:48:66:1A:48:79
X509v3 Authority Key Identifier:
keyid:68:DA:FD:63:60:63:6A:63:27:74:7A:07:08:0F:7F:2E:5E:32:CE:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNr9Y2BjamMndHoHCA9_Ll4yzoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/9FZzVN2vjEyydu2HPBvNSGYaSHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/aNr9Y2BjamMndHoHCA9_Ll4yzoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.152.0/23
IPv6:
2001:678:5f4::/48
Signature Algorithm: sha256WithRSAEncryption
3c:4d:ea:ba:9a:d1:9a:6d:de:cd:e0:c5:5b:26:38:9b:55:70:
f8:0b:b6:ad:e9:20:44:f4:de:da:a5:aa:85:1a:42:0b:8c:b7:
67:72:a5:d4:07:24:a0:00:99:58:99:33:1e:3b:35:a1:41:e8:
6c:b5:59:ce:76:3f:4d:60:11:50:e4:c0:91:0d:c9:4d:d3:72:
33:cd:8d:c4:c9:c3:9a:0d:d9:4d:02:e4:8b:93:be:9d:ac:72:
d1:9e:fc:a0:71:6b:21:ae:f0:2a:97:bb:22:9b:6c:28:ff:b9:
b3:7d:4d:89:56:c1:8f:74:63:ca:fd:11:d3:a0:f0:d2:b9:a0:
7c:13:24:d9:4c:79:88:f4:f7:1a:a9:b9:a9:e4:85:f5:df:97:
71:44:72:5d:f6:ae:0b:39:d2:e7:30:62:83:dc:da:47:89:22:
17:9f:db:25:77:c4:37:1b:c2:95:c6:36:a4:c2:ff:fa:17:7a:
e6:c9:97:15:77:b3:76:2b:ae:42:c9:93:f5:6e:6c:b1:80:f9:
96:73:8c:4a:86:0a:ca:8d:eb:27:21:55:74:f6:99:b3:5d:c5:
58:97:17:92:62:31:b8:d3:df:9e:f8:34:de:dd:44:78:18:92:
aa:d6:86:8e:bb:e9:92:82:92:d2:e1:c4:3c:64:4f:4f:56:e9:
97:13:ea:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuuOPPW3CLRjcDOyMqRgBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZGFmZDYzNjA2MzZhNjMyNzc0N2EwNzA4MGY3ZjJlNWUz
MmNlODUwHhcNMjMwMTAxMTkwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU2NzM1NGRkYWY4YzRjYjI3NmVkODczYzFiY2Q0ODY2MWE0ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBzdxMIsD87pHwR0G2A9nVXdCt8r
CL9v41YhxD/F1L1hq3BNJ9hgd96HJYiIl7AY6QGozCntM0R9SAnXgxuj7+8TK2KT
+GtV8oDlXZcR4J/BOWlncW6v/BDRLi6iQmCwjmjlqRkr5u220//dBqhKqt1cSmiD
7RZiJeHQJYrbvl3l53jtLiqKJDIli2sBsBLl1GO+qYIp/WEcpSNq/T9U3/m0VkbA
hcX8do1sQTvN5Afwc0Y/OC5yjajwwppG1RsHDMBwfCe8h34tN/9+jfaQsR1s8D82
LvMcF0xrAybnam7xuapf89UrJ4dmg/MTN6eAQfiMWwXGZtSk6xDplFCisQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPRWc1Tdr4xMsnbthzwbzUhmGkh5MB8GA1UdIwQY
MBaAFGja/WNgY2pjJ3R6BwgPfy5eMs6FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5yOVkyQmphbU1uZEhvSENBOV9MbDR5em9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MDEzNjAtYWRiOS00Y2I1LTg2ZDkt
MmJiMjM3N2U1YTFjLzEvOUZaelZOMnZqRXl5ZHUySFBCdk5TR1lhU0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MDEzNjAtYWRiOS00Y2I1LTg2ZDktMmJiMjM3N2U1YTFj
LzEvYU5yOVkyQmphbU1uZEhvSENBOV9MbDR5em9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW9qYMA8E
AgACMAkDBwAgAQZ4BfQwDQYJKoZIhvcNAQELBQADggEBADxN6rqa0Zpt3s3gxVsm
OJtVcPgLtq3pIET03tqlqoUaQguMt2dypdQHJKAAmViZMx47NaFB6Gy1Wc52P01g
EVDkwJENyU3TcjPNjcTJw5oN2U0C5IuTvp2sctGe/KBxayGu8CqXuyKbbCj/ubN9
TYlWwY90Y8r9EdOg8NK5oHwTJNlMeYj09xqpuankhfXfl3FEcl32rgs50ucwYoPc
2keJIhef2yV3xDcbwpXGNqTC//oXeubJlxV3s3YrrkLJk/VubLGA+ZZzjEqGCsqN
6ychVXT2mbNdxViXF5JiMbjT3574NN7dRHgYkqrWho676ZKCktLhxDxkT09W6ZcT
6rs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:21 2024 by rpki-client on console-ams.rpki-client.org