Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/1-JGErYPg6sBkyrCN1OGVlYCHF0U.roa
File: 1-JGErYPg6sBkyrCN1OGVlYCHF0U.roa (raw, json)
Hash identifier: FbNvQkONRqHvLUPk4P6q9/Q8S2ykt8hGUSX0Wv0RR/o=
Subject key identifier: F8:91:84:AD:83:E0:EA:C0:64:CA:B0:8D:D4:E1:95:95:80:87:17:45
Certificate issuer: /CN=4368330bea2dfe880ffa62f67b566aeae2d287fd
Certificate serial: 01856C9CDC64C39237F63FBFE3D3E279A4BC
Authority key identifier: 43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/1-JGErYPg6sBkyrCN1OGVlYCHF0U.roa
Signing time: Sun 01 Jan 2023 09:14:57 +0000
ROA not before: Sun 01 Jan 2023 09:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47873
IP address blocks: 91.205.123.0/24 maxlen: 24
91.205.120.0/24 maxlen: 24
91.205.121.0/24 maxlen: 24
91.205.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:dc:64:c3:92:37:f6:3f:bf:e3:d3:e2:79:a4:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4368330bea2dfe880ffa62f67b566aeae2d287fd
Validity
Not Before: Jan 1 09:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f89184ad83e0eac064cab08dd4e1959580871745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:75:1b:9b:22:1c:ed:93:b4:9b:cb:78:6b:02:
c4:7c:aa:fc:86:67:38:5a:bc:32:a4:62:89:a1:72:
31:42:f8:6a:3c:6a:1c:ec:2d:82:3f:f0:fb:6c:1a:
ab:f6:3c:9b:b1:89:7c:2b:16:e0:17:06:e7:c1:cb:
0b:2a:bd:c8:7c:3e:97:ef:1f:1a:ae:2c:2d:ad:44:
55:29:c1:3f:ad:cf:8f:0c:db:32:82:ac:4f:b9:f5:
8d:7b:fd:cd:ca:a3:70:9f:0d:34:9d:3a:db:3a:b5:
04:5e:f5:2d:cd:78:37:f8:40:95:56:f0:b4:40:ac:
9a:64:a7:39:3e:b4:e4:85:32:ef:2a:e1:59:67:5b:
55:f6:21:4a:28:74:98:a2:b6:e6:a5:9d:46:77:30:
bf:75:2f:1b:18:8f:1e:67:41:c5:94:c4:a7:85:c7:
09:89:ae:27:12:ca:d0:bb:eb:f6:93:13:1a:9d:f7:
0d:3d:df:28:bb:53:52:2a:7d:09:34:f4:7c:16:39:
d1:c0:18:49:6f:6d:4a:d9:e4:2c:b4:2e:11:a8:47:
5d:ac:11:0c:ba:a4:df:7c:be:0f:c2:26:8e:b4:8d:
37:93:21:12:57:43:0c:8e:4e:8f:76:43:b9:43:38:
19:85:aa:6c:ab:d4:d9:27:2d:8e:4d:6f:1a:05:d1:
52:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:91:84:AD:83:E0:EA:C0:64:CA:B0:8D:D4:E1:95:95:80:87:17:45
X509v3 Authority Key Identifier:
keyid:43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/1-JGErYPg6sBkyrCN1OGVlYCHF0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.120.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:a7:97:71:8a:7a:50:a4:36:b1:d5:e9:3f:09:1a:a9:13:3d:
4d:97:d0:5c:bc:da:c9:49:fd:7d:ed:c5:c7:ba:6b:e2:8d:c8:
d3:fe:ea:a6:f4:eb:59:4e:52:aa:92:d9:da:3c:d7:29:b0:ae:
ff:7d:14:42:1d:9b:ad:fd:1e:57:cb:0e:65:30:d4:ed:94:cd:
53:79:f2:50:06:bd:6d:11:24:94:f2:84:74:6d:13:11:3a:b4:
db:3b:1a:45:7e:46:fa:e9:3a:aa:49:e4:99:64:49:d6:43:93:
c1:ff:6f:51:6f:f4:05:37:5d:18:e0:b9:69:ba:16:ee:12:bf:
92:e2:aa:73:80:b3:f2:ad:9b:77:ae:d9:a1:18:89:b7:55:59:
80:ad:88:33:b1:de:1d:11:02:97:d8:8d:a9:2a:02:56:30:fa:
6a:f5:f0:b3:ac:53:ae:4c:c2:64:ce:ee:4d:6e:ac:97:77:5d:
fb:61:02:9a:d2:43:a7:dc:e5:fa:78:f5:b7:c1:17:23:46:d6:
31:bc:c7:10:5e:f7:9b:d7:28:fc:d2:79:73:13:e7:67:a0:94:
b8:41:25:d3:68:c8:1c:1e:d9:be:cc:fe:f3:e5:a8:68:02:b8:
28:77:d4:5b:9e:d5:57:19:ad:3e:97:fc:b1:be:19:84:07:51:
26:a2:37:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsnNxkw5I39j+/49PieaS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjgzMzBiZWEyZGZlODgwZmZhNjJmNjdiNTY2YWVhZTJk
Mjg3ZmQwHhcNMjMwMTAxMDkxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODkxODRhZDgzZTBlYWMwNjRjYWIwOGRkNGUxOTU5NTgwODcxNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnUbmyIc7ZO0m8t4awLEfKr8hmc4
WrwypGKJoXIxQvhqPGoc7C2CP/D7bBqr9jybsYl8KxbgFwbnwcsLKr3IfD6X7x8a
riwtrURVKcE/rc+PDNsygqxPufWNe/3NyqNwnw00nTrbOrUEXvUtzXg3+ECVVvC0
QKyaZKc5PrTkhTLvKuFZZ1tV9iFKKHSYorbmpZ1GdzC/dS8bGI8eZ0HFlMSnhccJ
ia4nEsrQu+v2kxManfcNPd8ou1NSKn0JNPR8FjnRwBhJb21K2eQstC4RqEddrBEM
uqTffL4PwiaOtI03kyESV0MMjk6PdkO5QzgZhapsq9TZJy2OTW8aBdFSlQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPiRhK2D4OrAZMqwjdThlZWAhxdFMB8GA1UdIwQY
MBaAFENoMwvqLf6ID/pi9ntWauri0of9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDkt
NWEzN2Y2YTFiY2E5LzEvMS1KR0VyWVBnNnNCa3lyQ04xT0dWbFlDSEYwVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTEvOGZjM2IwLTk3MDQtNDc1MS1iMTQ5LTVhMzdmNmExYmNh
OS8xL1EyZ3pDLW90X29nUC1tTDJlMVpxNnVMU2hfMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvNeDAN
BgkqhkiG9w0BAQsFAAOCAQEAGqeXcYp6UKQ2sdXpPwkaqRM9TZfQXLzayUn9fe3F
x7pr4o3I0/7qpvTrWU5SqpLZ2jzXKbCu/30UQh2brf0eV8sOZTDU7ZTNU3nyUAa9
bREklPKEdG0TETq02zsaRX5G+uk6qknkmWRJ1kOTwf9vUW/0BTddGOC5aboW7hK/
kuKqc4Cz8q2bd67ZoRiJt1VZgK2IM7HeHRECl9iNqSoCVjD6avXws6xTrkzCZM7u
TW6sl3dd+2ECmtJDp9zl+nj1t8EXI0bWMbzHEF73m9co/NJ5cxPnZ6CUuEEl02jI
HB7Zvsz+8+WoaAK4KHfUW57VVxmtPpf8sb4ZhAdRJqI3ow==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:04 2024 by rpki-client on console-fra.rpki-client.org