Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/xkt5FSaP49yPLpjHbTQGfElciOs.roa
File: xkt5FSaP49yPLpjHbTQGfElciOs.roa (raw, json)
Hash identifier: b/MwW5P9gskQRONgRPbtIUAiOyqHuMYnb27cC7Tptvo=
Subject key identifier: C6:4B:79:15:26:8F:E3:DC:8F:2E:98:C7:6D:34:06:7C:49:5C:88:EB
Certificate issuer: /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial: 01897C4901FAA02C8BE66146D3ED81109D7D
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/xkt5FSaP49yPLpjHbTQGfElciOs.roa
Signing time: Sat 22 Jul 2023 06:28:26 +0000
ROA not before: Sat 22 Jul 2023 06:28:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 91.236.118.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7c:49:01:fa:a0:2c:8b:e6:61:46:d3:ed:81:10:9d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
Validity
Not Before: Jul 22 06:28:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c64b7915268fe3dc8f2e98c76d34067c495c88eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:74:7c:ca:36:ca:48:a7:6d:83:6f:e6:45:9a:
29:af:56:82:db:8a:ea:b9:6b:13:c5:e5:12:90:77:
17:c7:dc:b5:ec:09:8b:6f:44:b2:20:f9:39:68:6c:
8e:f0:a9:59:31:c7:31:7c:90:86:30:ed:69:26:af:
12:3f:c9:64:a8:69:72:5e:74:7b:fc:c1:e7:38:e4:
2c:e6:43:fb:2e:97:90:60:7f:cc:c7:f8:e8:ef:06:
b0:fe:6d:00:55:f5:a5:0a:74:e5:18:46:de:69:6b:
fd:ad:86:f5:b8:42:84:b1:68:53:f8:4f:77:ed:c8:
80:bc:74:c0:67:b5:a1:ce:f9:cb:fb:19:bf:6a:5e:
68:0d:b9:5c:4b:19:3f:32:75:d9:bc:92:68:f3:5e:
d6:3a:78:4d:2b:ef:cd:10:cd:6d:f7:0b:1d:ac:34:
eb:cb:34:77:0f:df:96:5d:82:2d:b9:de:a1:e7:8d:
e6:65:e3:69:fa:6a:67:95:ed:18:f5:42:ea:a1:c3:
61:9c:87:4a:11:50:b3:87:4d:59:04:5c:96:a9:d4:
bc:54:98:5c:84:c4:3b:7c:96:e2:f8:1b:7e:e0:fe:
8d:ca:e3:e6:6d:03:ee:de:46:49:08:21:73:13:10:
6e:3e:de:c4:c3:f3:6a:41:6b:a3:fa:81:a6:06:dd:
5c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4B:79:15:26:8F:E3:DC:8F:2E:98:C7:6D:34:06:7C:49:5C:88:EB
X509v3 Authority Key Identifier:
keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/xkt5FSaP49yPLpjHbTQGfElciOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.118.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:4f:6e:95:5f:03:d8:1a:d7:66:24:1f:7d:54:3d:4f:38:db:
f2:0f:5c:0f:ca:1b:8d:f5:2a:ba:4d:e9:40:0a:64:59:af:af:
f3:05:8c:d7:6e:95:b1:19:f3:a9:0b:e5:2b:eb:d1:0e:3a:5a:
94:be:40:36:12:04:b2:b1:8e:67:6a:0e:ac:22:bd:4e:0b:3c:
99:2f:f0:fb:d2:b1:ce:f9:f6:e3:98:c6:e7:c2:46:a4:4d:de:
6d:bb:4a:9f:fc:65:18:7a:28:44:d4:2b:da:89:f6:c9:e3:7d:
b5:13:38:07:4f:da:7d:e0:b7:b3:cd:50:de:66:a1:07:b6:73:
fd:1b:75:cb:79:cb:d4:7f:f5:3d:63:65:fd:40:da:3c:38:a9:
a5:32:1f:c7:44:65:84:0a:ec:21:b5:33:22:de:b8:8f:04:83:
23:ca:a1:07:3b:3e:43:3c:9a:f9:1d:1a:aa:e8:0f:f8:fa:28:
aa:c2:75:3e:6e:65:ba:a8:c0:16:1d:9f:17:cd:0c:67:0b:27:
d1:04:93:5e:42:23:af:77:10:63:f9:aa:57:f1:5f:65:47:3f:
2e:c3:6f:eb:f8:c8:7b:90:5a:c6:dd:ca:7d:62:b2:ff:dc:65:
28:16:bc:a8:f1:6a:64:5a:95:07:e2:d8:51:4d:a6:45:70:a1:
ea:d9:df:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl8SQH6oCyL5mFG0+2BEJ19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjMwNzIyMDYyODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRiNzkxNTI2OGZlM2RjOGYyZTk4Yzc2ZDM0MDY3YzQ5NWM4OGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHR8yjbKSKdtg2/mRZopr1aC24rq
uWsTxeUSkHcXx9y17AmLb0SyIPk5aGyO8KlZMccxfJCGMO1pJq8SP8lkqGlyXnR7
/MHnOOQs5kP7LpeQYH/Mx/jo7waw/m0AVfWlCnTlGEbeaWv9rYb1uEKEsWhT+E93
7ciAvHTAZ7WhzvnL+xm/al5oDblcSxk/MnXZvJJo817WOnhNK+/NEM1t9wsdrDTr
yzR3D9+WXYItud6h543mZeNp+mpnle0Y9ULqocNhnIdKEVCzh01ZBFyWqdS8VJhc
hMQ7fJbi+Bt+4P6NyuPmbQPu3kZJCCFzExBuPt7Ew/NqQWuj+oGmBt1cEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZLeRUmj+Pcjy6Yx200BnxJXIjrMB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEveGt0NUZTYVA0OXlQTHBqSGJUUUdmRWxjaU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+x2MA0G
CSqGSIb3DQEBCwUAA4IBAQBLT26VXwPYGtdmJB99VD1PONvyD1wPyhuN9Sq6TelA
CmRZr6/zBYzXbpWxGfOpC+Ur69EOOlqUvkA2EgSysY5nag6sIr1OCzyZL/D70rHO
+fbjmMbnwkakTd5tu0qf/GUYeihE1CvaifbJ4321EzgHT9p94LezzVDeZqEHtnP9
G3XLecvUf/U9Y2X9QNo8OKmlMh/HRGWECuwhtTMi3riPBIMjyqEHOz5DPJr5HRqq
6A/4+iiqwnU+bmW6qMAWHZ8XzQxnCyfRBJNeQiOvdxBj+apX8V9lRz8uw2/r+Mh7
kFrG3cp9YrL/3GUoFryo8WpkWpUH4thRTaZFcKHq2d/C
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:03 2024 by rpki-client on console-ams.rpki-client.org