Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/91641b-fc66-4e6d-b9dc-7ef54afc4372/1/y9t5ITEVLgoKN6FKFhFuFoRaztk.roa
File: y9t5ITEVLgoKN6FKFhFuFoRaztk.roa (raw, json)
Hash identifier: hTmoID/5rBvlDGTPzJ7g2P9HfLvDbwa2VMUcBhHJQeg=
Subject key identifier: CB:DB:79:21:31:15:2E:0A:0A:37:A1:4A:16:11:6E:16:84:5A:CE:D9
Certificate issuer: /CN=fce2fd8df1a266ce13457fbe0f938b9abe3aa761
Certificate serial: 018570DE4ADD144536E52A42990BCDEB62C8
Authority key identifier: FC:E2:FD:8D:F1:A2:66:CE:13:45:7F:BE:0F:93:8B:9A:BE:3A:A7:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OL9jfGiZs4TRX--D5OLmr46p2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/91641b-fc66-4e6d-b9dc-7ef54afc4372/1/y9t5ITEVLgoKN6FKFhFuFoRaztk.roa
Signing time: Mon 02 Jan 2023 05:04:54 +0000
ROA not before: Mon 02 Jan 2023 05:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52114
IP address blocks: 91.223.94.0/24 maxlen: 24
2a03:e500:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 06 Aug 2023 09:22:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:4a:dd:14:45:36:e5:2a:42:99:0b:cd:eb:62:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce2fd8df1a266ce13457fbe0f938b9abe3aa761
Validity
Not Before: Jan 2 05:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbdb792131152e0a0a37a14a16116e16845aced9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:43:92:6d:0c:08:64:43:ba:b6:78:0e:5a:e1:
fd:f4:b3:7a:c9:e7:00:47:a3:61:2f:46:b5:59:84:
8f:38:8a:2c:c9:a8:7b:6b:c1:43:d5:c2:c6:2c:34:
d0:47:19:17:91:09:e6:f1:4b:9e:b1:43:77:b8:71:
4c:86:d0:e1:9a:90:b1:a3:3b:cf:c8:d2:30:e5:de:
22:a0:25:a3:13:65:e4:9a:15:12:e6:99:10:39:02:
fd:5d:29:65:65:a9:c8:da:45:69:0e:1a:11:0f:5d:
be:54:25:9f:74:f6:32:8e:56:8c:af:74:50:0c:40:
99:a2:4c:37:76:d0:02:35:45:aa:d2:20:f6:73:69:
cd:29:32:e2:ad:89:22:0a:86:36:64:2b:e8:33:25:
6e:2d:69:39:66:70:21:6e:dd:b4:fd:b5:1d:80:bb:
b0:18:c3:7f:61:31:fe:d9:37:ce:c2:cd:5d:07:b6:
20:4b:c5:61:06:bb:c6:1c:48:8a:6a:0b:0e:40:0d:
66:3e:56:ae:4a:d0:46:9b:0b:cf:5a:49:53:c6:99:
ca:6b:de:e5:f0:2c:5e:50:55:f7:13:7a:27:ac:42:
59:41:15:c8:49:0a:87:fe:0f:92:b4:04:d6:ef:9f:
8e:50:4f:54:df:06:7d:ff:9e:4b:33:b9:91:d7:cf:
a5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DB:79:21:31:15:2E:0A:0A:37:A1:4A:16:11:6E:16:84:5A:CE:D9
X509v3 Authority Key Identifier:
keyid:FC:E2:FD:8D:F1:A2:66:CE:13:45:7F:BE:0F:93:8B:9A:BE:3A:A7:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OL9jfGiZs4TRX--D5OLmr46p2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/91641b-fc66-4e6d-b9dc-7ef54afc4372/1/y9t5ITEVLgoKN6FKFhFuFoRaztk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/91641b-fc66-4e6d-b9dc-7ef54afc4372/1/_OL9jfGiZs4TRX--D5OLmr46p2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.94.0/24
IPv6:
2a03:e500:5::/48
Signature Algorithm: sha256WithRSAEncryption
3c:85:ca:7e:91:e1:02:f3:38:8d:b0:11:0a:b1:7e:77:80:a6:
b8:ac:87:36:64:89:9f:3a:20:7a:ff:ed:89:7d:27:09:63:2c:
52:45:71:92:73:88:77:2c:f0:9a:16:6e:96:db:c5:6e:15:ac:
12:29:78:9d:5d:71:9e:92:a2:a2:df:02:4f:88:91:f4:cc:ad:
87:a8:3f:62:2b:9a:cb:80:d7:34:62:66:c4:66:28:c4:bf:db:
8b:57:3b:3f:3d:fd:e7:09:1e:bb:92:57:24:40:09:78:05:30:
d4:1f:5c:f7:29:f8:2c:bf:0e:22:39:ef:52:9f:4c:4d:60:4b:
1b:1a:b7:f0:ab:67:6c:c2:7e:c9:6b:22:a4:93:e3:0c:93:d4:
97:63:99:b0:be:75:13:9d:03:dd:94:d0:27:78:88:da:ea:65:
2f:4a:c6:9e:53:ce:60:e0:2e:0c:81:bb:2f:2c:06:57:2f:fe:
ad:17:a3:6a:9d:20:b0:e0:3f:44:98:96:6f:17:dc:cb:aa:0e:
8f:72:f6:22:3f:09:ef:6a:db:83:13:52:5f:63:68:d5:8e:a5:
74:95:45:55:9c:2b:50:e8:e2:6c:57:16:c0:5a:61:27:38:bc:
db:41:b0:ce:0f:9c:4e:81:8e:92:e7:54:0a:4f:12:d4:06:a1:
31:5a:e0:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw3krdFEU25SpCmQvN62LIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTJmZDhkZjFhMjY2Y2UxMzQ1N2ZiZTBmOTM4YjlhYmUz
YWE3NjEwHhcNMjMwMTAyMDUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRiNzkyMTMxMTUyZTBhMGEzN2ExNGExNjExNmUxNjg0NWFjZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEOSbQwIZEO6tngOWuH99LN6yecA
R6NhL0a1WYSPOIosyah7a8FD1cLGLDTQRxkXkQnm8UuesUN3uHFMhtDhmpCxozvP
yNIw5d4ioCWjE2XkmhUS5pkQOQL9XSllZanI2kVpDhoRD12+VCWfdPYyjlaMr3RQ
DECZokw3dtACNUWq0iD2c2nNKTLirYkiCoY2ZCvoMyVuLWk5ZnAhbt20/bUdgLuw
GMN/YTH+2TfOws1dB7YgS8VhBrvGHEiKagsOQA1mPlauStBGmwvPWklTxpnKa97l
8CxeUFX3E3onrEJZQRXISQqH/g+StATW75+OUE9U3wZ9/55LM7mR18+lqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMvbeSExFS4KCjehShYRbhaEWs7ZMB8GA1UdIwQY
MBaAFPzi/Y3xombOE0V/vg+Ti5q+OqdhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09MOWpmR2laczRUUlgtLUQ1T0xtcjQ2cDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85MTY0MWItZmM2Ni00ZTZkLWI5ZGMt
N2VmNTRhZmM0MzcyLzEveTl0NUlURVZMZ29LTjZGS0ZoRnVGb1JhenRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85MTY0MWItZmM2Ni00ZTZkLWI5ZGMtN2VmNTRhZmM0Mzcy
LzEvX09MOWpmR2laczRUUlgtLUQ1T0xtcjQ2cDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW99eMA8E
AgACMAkDBwAqA+UAAAUwDQYJKoZIhvcNAQELBQADggEBADyFyn6R4QLzOI2wEQqx
fneAprishzZkiZ86IHr/7Yl9JwljLFJFcZJziHcs8JoWbpbbxW4VrBIpeJ1dcZ6S
oqLfAk+IkfTMrYeoP2IrmsuA1zRiZsRmKMS/24tXOz89/ecJHruSVyRACXgFMNQf
XPcp+Cy/DiI571KfTE1gSxsat/CrZ2zCfslrIqST4wyT1JdjmbC+dROdA92U0Cd4
iNrqZS9Kxp5TzmDgLgyBuy8sBlcv/q0Xo2qdILDgP0SYlm8X3MuqDo9y9iI/Ce9q
24MTUl9jaNWOpXSVRVWcK1Do4mxXFsBaYSc4vNtBsM4PnE6BjpLnVApPEtQGoTFa
4Hk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:03 2024 by rpki-client on console-fra.rpki-client.org