Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/Cw0nxQ4cWXhLR4C7GoaQi7ROrmQ.roa
File: Cw0nxQ4cWXhLR4C7GoaQi7ROrmQ.roa (raw, json)
Hash identifier: BAy7AsJF4vcwZUJRIL5b55MbiU1a9OiYcRUZvo5avfk=
Subject key identifier: 0B:0D:27:C5:0E:1C:59:78:4B:47:80:BB:1A:86:90:8B:B4:4E:AE:64
Certificate issuer: /CN=a4e7777c7afb7d439b46f681c4c7bf6a8252e315
Certificate serial: 018572E82382C97146182A1FB73185F82F3B
Authority key identifier: A4:E7:77:7C:7A:FB:7D:43:9B:46:F6:81:C4:C7:BF:6A:82:52:E3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOd3fHr7fUObRvaBxMe_aoJS4xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/Cw0nxQ4cWXhLR4C7GoaQi7ROrmQ.roa
Signing time: Mon 02 Jan 2023 14:34:54 +0000
ROA not before: Mon 02 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31424
IP address blocks: 91.202.120.0/22 maxlen: 22
2001:67c:2e38::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:23:82:c9:71:46:18:2a:1f:b7:31:85:f8:2f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7777c7afb7d439b46f681c4c7bf6a8252e315
Validity
Not Before: Jan 2 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b0d27c50e1c59784b4780bb1a86908bb44eae64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:30:b7:ae:f5:8d:06:b2:75:4d:b0:88:20:8c:
a6:c2:3c:57:9f:d1:fa:b5:9a:20:f1:99:ab:9a:eb:
61:1c:36:30:98:c1:6e:94:cd:dd:c7:43:4b:3d:46:
01:c8:cf:52:f0:67:d0:8e:96:d7:0b:04:83:aa:30:
af:61:42:17:7f:a1:9d:14:e5:1b:b4:60:ae:6e:7d:
6e:83:6e:6e:9b:e3:43:5d:88:de:e3:72:11:77:f1:
05:b3:7a:03:42:8a:b0:43:c9:ef:68:ac:54:c7:e4:
bc:6c:5c:68:e3:c9:02:3a:eb:fe:0e:0c:c1:71:bf:
34:1c:63:7b:da:ea:31:69:d6:02:4a:de:7d:6b:c1:
5c:91:08:cd:37:8f:c1:dd:94:2b:b4:cd:4a:99:ad:
dd:8a:c0:4a:82:49:07:3d:a3:3a:57:9d:87:3b:5e:
f5:42:0b:d2:6a:1f:1a:d9:93:74:a6:d0:ee:1b:bd:
30:7a:ee:3f:69:c6:05:dd:cf:0e:2a:ea:4d:0a:a4:
55:a4:d4:4f:b6:4b:e1:27:25:12:ab:81:0e:2f:90:
68:66:3a:50:06:9d:79:8d:08:f3:f8:c8:60:d5:a8:
25:68:3c:ad:d3:59:87:5c:13:a1:7f:b1:55:df:a1:
ac:7e:db:89:97:97:62:f6:37:87:59:56:5f:2a:6a:
00:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0D:27:C5:0E:1C:59:78:4B:47:80:BB:1A:86:90:8B:B4:4E:AE:64
X509v3 Authority Key Identifier:
keyid:A4:E7:77:7C:7A:FB:7D:43:9B:46:F6:81:C4:C7:BF:6A:82:52:E3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOd3fHr7fUObRvaBxMe_aoJS4xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/Cw0nxQ4cWXhLR4C7GoaQi7ROrmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/pOd3fHr7fUObRvaBxMe_aoJS4xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.120.0/22
IPv6:
2001:67c:2e38::/48
Signature Algorithm: sha256WithRSAEncryption
08:f6:bb:53:bd:c1:a9:67:69:d2:45:78:95:9d:9b:22:66:80:
9f:b2:36:9a:28:45:22:31:1a:e6:69:48:32:9a:58:30:5a:69:
cd:4d:a4:37:4e:2e:93:82:83:71:6e:a5:e1:e2:a3:34:ab:f9:
50:c1:41:62:98:b4:01:1b:64:f5:85:7b:46:ca:ff:2e:a7:52:
6b:42:7f:fe:78:80:ea:91:2c:87:78:14:55:b0:e7:e2:d1:e4:
ff:c4:59:c5:29:6f:1b:e7:12:c0:06:d6:0c:f6:01:af:79:03:
c4:d2:d9:d9:ea:a2:cc:99:f2:8e:be:38:8e:85:a0:69:b7:63:
81:29:5c:bf:53:9c:3c:23:2c:56:ca:81:d8:a6:36:99:01:75:
34:83:24:2c:c4:e7:95:ca:e3:cb:b2:a4:6f:8a:8e:54:53:7e:
0f:9c:00:cc:f6:4b:89:a8:7f:4a:96:7a:ed:78:0f:35:67:d5:
7a:4f:b4:87:51:ce:88:bb:2c:3f:6f:6b:7f:02:a6:d9:33:f5:
03:f2:6b:cf:8f:ec:05:e0:73:44:7f:27:e5:1a:52:8e:b2:19:
17:d7:9b:a8:59:f6:b0:de:99:86:e3:e8:4d:2f:68:d1:cd:33:
6e:4b:f3:76:25:3c:84:33:d3:ab:7f:5e:4a:e9:82:14:bf:26:
84:be:fa:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVy6COCyXFGGCoftzGF+C87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTc3NzdjN2FmYjdkNDM5YjQ2ZjY4MWM0YzdiZjZhODI1
MmUzMTUwHhcNMjMwMTAyMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjBkMjdjNTBlMWM1OTc4NGI0NzgwYmIxYTg2OTA4YmI0NGVhZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjC3rvWNBrJ1TbCIIIymwjxXn9H6
tZog8ZmrmuthHDYwmMFulM3dx0NLPUYByM9S8GfQjpbXCwSDqjCvYUIXf6GdFOUb
tGCubn1ug25um+NDXYje43IRd/EFs3oDQoqwQ8nvaKxUx+S8bFxo48kCOuv+DgzB
cb80HGN72uoxadYCSt59a8FckQjNN4/B3ZQrtM1Kma3disBKgkkHPaM6V52HO171
QgvSah8a2ZN0ptDuG70weu4/acYF3c8OKupNCqRVpNRPtkvhJyUSq4EOL5BoZjpQ
Bp15jQjz+Mhg1aglaDyt01mHXBOhf7FV36GsftuJl5di9jeHWVZfKmoADQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAsNJ8UOHFl4S0eAuxqGkIu0Tq5kMB8GA1UdIwQY
MBaAFKTnd3x6+31Dm0b2gcTHv2qCUuMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9kM2ZIcjdmVU9iUnZhQnhNZV9hb0pTNHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80NWFkNWItM2NlMS00OGYxLWJlZjct
NjQxY2ZiNmUzZDliLzEvQ3cwbnhRNGNXWGhMUjRDN0dvYVFpN1JPcm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80NWFkNWItM2NlMS00OGYxLWJlZjctNjQxY2ZiNmUzZDli
LzEvcE9kM2ZIcjdmVU9iUnZhQnhNZV9hb0pTNHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8p4MA8E
AgACMAkDBwAgAQZ8LjgwDQYJKoZIhvcNAQELBQADggEBAAj2u1O9walnadJFeJWd
myJmgJ+yNpooRSIxGuZpSDKaWDBaac1NpDdOLpOCg3FupeHiozSr+VDBQWKYtAEb
ZPWFe0bK/y6nUmtCf/54gOqRLId4FFWw5+LR5P/EWcUpbxvnEsAG1gz2Aa95A8TS
2dnqosyZ8o6+OI6FoGm3Y4EpXL9TnDwjLFbKgdimNpkBdTSDJCzE55XK48uypG+K
jlRTfg+cAMz2S4mof0qWeu14DzVn1XpPtIdRzoi7LD9va38Cptkz9QPya8+P7AXg
c0R/J+UaUo6yGRfXm6hZ9rDemYbj6E0vaNHNM25L83YlPIQz06t/XkrpghS/JoS+
+pE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:03 2024 by rpki-client on console-fra.rpki-client.org