Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/tI-favDVX33Qg7x4CQMhAFZhhug.roa
File: tI-favDVX33Qg7x4CQMhAFZhhug.roa (raw, json)
Hash identifier: qvuCZtOPvsJ2iu+5P0EbI1Y22eK4IlN++gzOWpJwf/A=
Subject key identifier: B4:8F:9F:6A:F0:D5:5F:7D:D0:83:BC:78:09:03:21:00:56:61:86:E8
Certificate issuer: /CN=0a84e473aa564eb51a7e7eb8b18f14ac0cbc2c9c
Certificate serial: 0185BB53AEB0F75EF160BEA4B780815ECD35
Authority key identifier: 0A:84:E4:73:AA:56:4E:B5:1A:7E:7E:B8:B1:8F:14:AC:0C:BC:2C:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoTkc6pWTrUafn64sY8UrAy8LJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/tI-favDVX33Qg7x4CQMhAFZhhug.roa
Signing time: Mon 16 Jan 2023 16:05:01 +0000
ROA not before: Mon 16 Jan 2023 16:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200000
IP address blocks: 91.222.136.0/22 maxlen: 22
194.247.12.0/23 maxlen: 23
91.206.200.0/23 maxlen: 23
2001:67c:2070::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bb:53:ae:b0:f7:5e:f1:60:be:a4:b7:80:81:5e:cd:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a84e473aa564eb51a7e7eb8b18f14ac0cbc2c9c
Validity
Not Before: Jan 16 16:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b48f9f6af0d55f7dd083bc7809032100566186e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:59:5c:e6:7a:36:5d:0a:4c:9b:e6:2a:11:ce:
81:3b:88:6f:b2:fa:28:65:11:22:9c:78:de:91:5c:
57:0b:c9:c4:39:ea:19:7c:0c:46:6c:4b:75:37:50:
00:2a:16:99:50:2f:53:5a:7c:fb:77:04:6c:88:f8:
9b:38:3b:32:2d:ae:16:8c:3b:54:40:d9:2e:b4:e2:
5d:39:0e:83:b9:d3:fd:06:03:91:2f:40:40:8f:0c:
d9:4e:3f:cb:a4:11:fa:27:0b:df:f8:62:c9:fd:6c:
ee:ec:d2:a9:0c:33:1b:a1:34:93:ca:48:2e:fb:df:
2f:10:64:be:40:bc:06:9b:76:c3:4e:db:c8:fb:c3:
2c:0d:d5:89:6f:fc:02:c5:97:39:2c:af:2a:bc:fa:
14:e3:59:56:7a:60:9a:a4:86:86:46:be:af:8b:7e:
5a:49:b6:2e:19:b5:62:9c:df:41:cd:0e:38:4f:da:
5c:0c:e8:fc:57:90:97:39:33:f5:0c:45:27:ad:22:
78:4c:1d:09:57:6c:d4:20:10:5c:52:50:6d:1b:62:
43:66:e7:be:28:ec:77:8d:94:a5:d8:08:79:e3:1c:
25:65:a8:6e:0b:31:e2:56:56:ca:00:2a:20:60:3c:
20:51:fe:d7:72:cb:3f:7f:88:85:cb:4b:8b:66:15:
aa:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8F:9F:6A:F0:D5:5F:7D:D0:83:BC:78:09:03:21:00:56:61:86:E8
X509v3 Authority Key Identifier:
keyid:0A:84:E4:73:AA:56:4E:B5:1A:7E:7E:B8:B1:8F:14:AC:0C:BC:2C:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoTkc6pWTrUafn64sY8UrAy8LJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/tI-favDVX33Qg7x4CQMhAFZhhug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/CoTkc6pWTrUafn64sY8UrAy8LJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.200.0/23
91.222.136.0/22
194.247.12.0/23
IPv6:
2001:67c:2070::/48
Signature Algorithm: sha256WithRSAEncryption
74:ba:44:0f:af:ec:ef:9f:bf:38:7e:9e:0a:76:8a:df:a6:51:
8a:c3:5f:3a:94:38:9f:1b:1d:84:fa:37:e2:b8:ef:28:e9:ba:
46:b4:94:1f:64:ad:9f:63:17:a1:f1:18:1c:d4:d8:29:c7:d6:
3e:fa:33:e7:0c:af:54:52:4a:99:23:3e:e2:be:ab:2f:82:1f:
9d:6a:75:25:de:89:a9:24:cf:39:4a:e5:62:ad:c5:55:17:73:
b7:b2:4c:be:c3:74:57:52:55:16:d2:94:ff:da:af:06:ed:88:
f6:7e:4b:70:5f:a4:11:5d:33:92:40:8a:1d:b4:a3:ca:f8:1e:
32:fe:5f:67:8a:51:6c:47:ba:30:92:07:73:8f:d3:56:a5:be:
cc:8c:4b:b2:7d:30:35:27:e4:41:a7:de:30:0e:56:98:89:24:
31:9b:5b:26:0a:f1:39:c1:f5:f2:58:45:7b:85:7f:35:d7:73:
1d:bb:54:0b:12:9f:29:33:ad:a7:3f:5f:69:79:15:f7:4c:73:
d9:4c:fd:b9:9c:be:2a:f7:0c:16:a7:5c:ba:f1:43:2a:e4:ab:
fa:4c:69:f7:6b:87:2d:c1:fd:d5:92:80:ad:d2:97:c7:83:10:
3f:74:b0:4c:2a:15:e5:04:bb:01:db:91:d5:1e:fd:f0:ec:d5:
98:41:60:b2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYW7U66w917xYL6kt4CBXs01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODRlNDczYWE1NjRlYjUxYTdlN2ViOGIxOGYxNGFjMGNi
YzJjOWMwHhcNMjMwMTE2MTYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDhmOWY2YWYwZDU1ZjdkZDA4M2JjNzgwOTAzMjEwMDU2NjE4NmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7llc5no2XQpMm+YqEc6BO4hvsvoo
ZREinHjekVxXC8nEOeoZfAxGbEt1N1AAKhaZUC9TWnz7dwRsiPibODsyLa4WjDtU
QNkutOJdOQ6DudP9BgORL0BAjwzZTj/LpBH6Jwvf+GLJ/Wzu7NKpDDMboTSTykgu
+98vEGS+QLwGm3bDTtvI+8MsDdWJb/wCxZc5LK8qvPoU41lWemCapIaGRr6vi35a
SbYuGbVinN9BzQ44T9pcDOj8V5CXOTP1DEUnrSJ4TB0JV2zUIBBcUlBtG2JDZue+
KOx3jZSl2Ah54xwlZahuCzHiVlbKACogYDwgUf7Xcss/f4iFy0uLZhWqRwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLSPn2rw1V990IO8eAkDIQBWYYboMB8GA1UdIwQY
MBaAFAqE5HOqVk61Gn5+uLGPFKwMvCycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29Ua2M2cFdUclVhZm42NHNZOFVyQXk4TEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZDAyNDUtNzg1NS00MDMxLTk2NDgt
NTQ2MjhkZmNiYTRjLzEvdEktZmF2RFZYMzNRZzd4NENRTWhBRlpoaHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZDAyNDUtNzg1NS00MDMxLTk2NDgtNTQ2MjhkZmNiYTRj
LzEvQ29Ua2M2cFdUclVhZm42NHNZOFVyQXk4TEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBW87IAwQC
W96IAwQBwvcMMA8EAgACMAkDBwAgAQZ8IHAwDQYJKoZIhvcNAQELBQADggEBAHS6
RA+v7O+fvzh+ngp2it+mUYrDXzqUOJ8bHYT6N+K47yjpuka0lB9krZ9jF6HxGBzU
2CnH1j76M+cMr1RSSpkjPuK+qy+CH51qdSXeiakkzzlK5WKtxVUXc7eyTL7DdFdS
VRbSlP/arwbtiPZ+S3BfpBFdM5JAih20o8r4HjL+X2eKUWxHujCSB3OP01alvsyM
S7J9MDUn5EGn3jAOVpiJJDGbWyYK8TnB9fJYRXuFfzXXcx27VAsSnykzrac/X2l5
FfdMc9lM/bmcvir3DBanXLrxQyrkq/pMafdrhy3B/dWSgK3Sl8eDED90sEwqFeUE
uwHbkdUe/fDs1ZhBYLI=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:28 2024 by rpki-client on console-fra.rpki-client.org