Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/46bece-502f-4f0d-b724-1097da9ddf27/1/ig1uuYMJY2Kl1wI7o-G5NQtReK0.roa
File: ig1uuYMJY2Kl1wI7o-G5NQtReK0.roa (raw, json)
Hash identifier: lVI9Ra60RgdluUBB8/a7371w6NJO+5Bbqwbaj9IR4G0=
Subject key identifier: 8A:0D:6E:B9:83:09:63:62:A5:D7:02:3B:A3:E1:B9:35:0B:51:78:AD
Certificate issuer: /CN=8afbc64d593fc073c693143566310295de0a8337
Certificate serial: 01856FC24E1846E1C2CFC0A8A24FC15CC9E0
Authority key identifier: 8A:FB:C6:4D:59:3F:C0:73:C6:93:14:35:66:31:02:95:DE:0A:83:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivvGTVk_wHPGkxQ1ZjECld4Kgzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/46bece-502f-4f0d-b724-1097da9ddf27/1/ig1uuYMJY2Kl1wI7o-G5NQtReK0.roa
Signing time: Sun 01 Jan 2023 23:54:43 +0000
ROA not before: Sun 01 Jan 2023 23:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202288
IP address blocks: 91.244.245.0/24 maxlen: 24
2001:678:728::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:4e:18:46:e1:c2:cf:c0:a8:a2:4f:c1:5c:c9:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8afbc64d593fc073c693143566310295de0a8337
Validity
Not Before: Jan 1 23:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a0d6eb983096362a5d7023ba3e1b9350b5178ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:84:19:f2:9c:23:4d:3e:0d:aa:54:c1:2b:62:
9e:2e:c6:f8:ff:f0:b7:21:ab:9b:e1:ef:11:7a:fe:
09:47:11:5e:43:cb:e3:54:12:a5:9a:4e:ad:aa:bd:
b1:8a:2b:eb:fe:e4:af:3e:94:02:c1:37:da:78:62:
6f:e9:8f:eb:6e:02:2b:c6:e1:01:a2:9c:5d:94:da:
ec:09:d4:93:f8:57:d9:60:55:3e:f8:89:c3:f0:eb:
90:d1:37:83:d9:5a:3a:c3:1c:16:3b:7e:c3:01:5a:
e1:cd:10:df:e6:ee:08:0f:59:5e:54:7e:d2:c6:9c:
44:85:a2:6d:e3:4a:7f:a1:44:24:7b:21:31:d4:4b:
3f:b9:b3:a7:95:df:35:10:4d:40:30:3a:7a:91:c5:
bf:f4:5e:e6:0d:3b:e4:1c:e9:92:19:11:f9:a0:de:
94:0d:a6:f9:19:2b:00:fa:1d:74:b3:c7:0e:90:a4:
36:2f:97:0a:7b:8c:2c:d7:c3:96:a3:f8:1a:cd:ca:
66:a6:e0:df:19:b7:08:cd:95:1d:79:95:97:31:7a:
85:da:74:31:22:3f:8a:6a:f3:83:1c:8e:0a:f9:31:
6d:83:6e:0d:3e:53:34:b6:59:52:a0:09:b1:81:f1:
11:e0:10:4e:02:d8:7b:ab:08:93:73:22:21:fa:92:
a0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0D:6E:B9:83:09:63:62:A5:D7:02:3B:A3:E1:B9:35:0B:51:78:AD
X509v3 Authority Key Identifier:
keyid:8A:FB:C6:4D:59:3F:C0:73:C6:93:14:35:66:31:02:95:DE:0A:83:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivvGTVk_wHPGkxQ1ZjECld4Kgzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/46bece-502f-4f0d-b724-1097da9ddf27/1/ig1uuYMJY2Kl1wI7o-G5NQtReK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/46bece-502f-4f0d-b724-1097da9ddf27/1/ivvGTVk_wHPGkxQ1ZjECld4Kgzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.245.0/24
IPv6:
2001:678:728::/48
Signature Algorithm: sha256WithRSAEncryption
39:ef:64:6f:66:4e:00:8f:13:63:bf:c5:43:c5:68:02:9d:b1:
d6:4d:71:67:e1:1e:7f:8a:65:a2:fe:f0:d7:12:45:02:48:17:
f2:06:4c:29:b2:b4:c8:e6:fc:d2:86:62:a8:7a:95:52:91:36:
b8:e7:36:6b:56:89:f8:ec:26:24:9f:d6:0f:86:4b:6c:3a:f8:
56:e7:5a:ea:45:40:38:1b:b4:42:7d:2d:93:70:9b:4e:4d:77:
bb:74:e5:b0:87:bd:1b:8a:af:f4:54:19:35:71:3b:72:a1:bf:
fe:50:8e:ed:f4:a3:39:ef:67:d7:89:c2:c4:7c:5b:33:9d:b7:
ab:01:2f:5b:cc:5c:71:24:cc:d7:16:4b:30:1d:d8:3e:c3:8b:
76:da:25:8d:62:03:ea:de:47:d0:1e:b4:99:d7:9d:8e:25:a2:
04:a8:6b:fd:74:73:43:72:38:b5:00:56:b4:7e:2c:c0:28:51:
b1:02:3a:b6:58:e2:9e:e7:66:40:15:6f:67:48:25:95:7a:81:
a6:b0:e7:d6:9b:aa:59:56:bb:80:28:be:15:6c:a7:f2:33:b6:
c8:74:67:05:6e:71:4a:14:75:80:2a:69:dd:52:f7:17:00:e5:
90:e5:38:19:12:6e:34:48:44:d3:af:6f:6b:8d:52:04:3b:ad:
3d:85:11:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvwk4YRuHCz8Cook/BXMngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZmJjNjRkNTkzZmMwNzNjNjkzMTQzNTY2MzEwMjk1ZGUw
YTgzMzcwHhcNMjMwMTAxMjM1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTBkNmViOTgzMDk2MzYyYTVkNzAyM2JhM2UxYjkzNTBiNTE3OGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoQZ8pwjTT4NqlTBK2KeLsb4//C3
Iaub4e8Rev4JRxFeQ8vjVBKlmk6tqr2xiivr/uSvPpQCwTfaeGJv6Y/rbgIrxuEB
opxdlNrsCdST+FfZYFU++InD8OuQ0TeD2Vo6wxwWO37DAVrhzRDf5u4ID1leVH7S
xpxEhaJt40p/oUQkeyEx1Es/ubOnld81EE1AMDp6kcW/9F7mDTvkHOmSGRH5oN6U
Dab5GSsA+h10s8cOkKQ2L5cKe4ws18OWo/gazcpmpuDfGbcIzZUdeZWXMXqF2nQx
Ij+KavODHI4K+TFtg24NPlM0tllSoAmxgfER4BBOAth7qwiTcyIh+pKgQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIoNbrmDCWNipdcCO6PhuTULUXitMB8GA1UdIwQY
MBaAFIr7xk1ZP8BzxpMUNWYxApXeCoM3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZ2R1RWa193SFBHa3hRMVpqRUNsZDRLZ3pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC80NmJlY2UtNTAyZi00ZjBkLWI3MjQt
MTA5N2RhOWRkZjI3LzEvaWcxdXVZTUpZMktsMXdJN28tRzVOUXRSZUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC80NmJlY2UtNTAyZi00ZjBkLWI3MjQtMTA5N2RhOWRkZjI3
LzEvaXZ2R1RWa193SFBHa3hRMVpqRUNsZDRLZ3pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW/T1MA8E
AgACMAkDBwAgAQZ4BygwDQYJKoZIhvcNAQELBQADggEBADnvZG9mTgCPE2O/xUPF
aAKdsdZNcWfhHn+KZaL+8NcSRQJIF/IGTCmytMjm/NKGYqh6lVKRNrjnNmtWifjs
JiSf1g+GS2w6+FbnWupFQDgbtEJ9LZNwm05Nd7t05bCHvRuKr/RUGTVxO3Khv/5Q
ju30oznvZ9eJwsR8WzOdt6sBL1vMXHEkzNcWSzAd2D7Di3baJY1iA+reR9AetJnX
nY4logSoa/10c0NyOLUAVrR+LMAoUbECOrZY4p7nZkAVb2dIJZV6gaaw59abqllW
u4AovhVsp/Iztsh0ZwVucUoUdYAqad1S9xcA5ZDlOBkSbjRIRNOvb2uNUgQ7rT2F
ERk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org