Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/pyDslYz0oP4xx8_XoTK1ubObz0s.roa
File: pyDslYz0oP4xx8_XoTK1ubObz0s.roa (raw, json)
Hash identifier: Us6beTc0Zf/q7y9J71u1Xvew1fx0JKdamo/3MRdySdo=
Subject key identifier: A7:20:EC:95:8C:F4:A0:FE:31:C7:CF:D7:A1:32:B5:B9:B3:9B:CF:4B
Certificate issuer: /CN=923603c981868916b0b1701dcf3720caa2484fdc
Certificate serial: 01857227E1ADFBF2A824AB75BFD0CFCE5850
Authority key identifier: 92:36:03:C9:81:86:89:16:B0:B1:70:1D:CF:37:20:CA:A2:48:4F:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/pyDslYz0oP4xx8_XoTK1ubObz0s.roa
Signing time: Mon 02 Jan 2023 11:04:54 +0000
ROA not before: Mon 02 Jan 2023 11:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16044
IP address blocks: 91.226.252.0/24 maxlen: 24
91.226.252.0/22 maxlen: 22
91.226.253.0/24 maxlen: 24
91.226.254.0/24 maxlen: 24
91.226.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jan 2023 10:03:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:e1:ad:fb:f2:a8:24:ab:75:bf:d0:cf:ce:58:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923603c981868916b0b1701dcf3720caa2484fdc
Validity
Not Before: Jan 2 11:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a720ec958cf4a0fe31c7cfd7a132b5b9b39bcf4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:12:10:9d:c4:da:39:31:10:fd:80:a2:09:57:
67:72:10:cc:92:14:99:51:68:9d:5e:91:dc:09:2e:
9b:56:94:be:be:69:7c:4a:a9:07:df:73:88:bf:c7:
94:90:e9:c3:e4:39:34:8a:4e:6a:64:1a:57:0e:ea:
ab:90:af:71:08:13:41:4c:99:b7:0e:81:19:1c:e2:
54:d8:a8:97:21:4c:de:5b:d9:2a:b5:c0:dc:43:ca:
a9:ac:02:7c:f7:f2:8c:98:2a:1c:38:06:12:4b:00:
25:4a:75:e2:27:c9:d7:c2:3a:00:73:82:59:8f:cf:
52:87:75:08:b2:94:ab:43:f5:0b:37:00:39:6c:1b:
3d:98:bf:0a:d0:a7:96:6f:19:19:a0:73:dd:dc:e1:
de:88:81:21:74:59:e9:61:cd:fa:63:f4:62:ce:97:
24:9b:f0:03:f1:90:13:77:a7:7f:9e:7f:f9:c4:3c:
65:1b:84:db:6b:b7:5e:5e:9f:6a:35:92:c2:18:96:
b0:8b:bb:fa:5f:3a:b6:c1:19:ed:d6:df:fd:c2:f5:
bd:fb:a1:45:fb:bf:08:8d:6a:09:05:4f:b7:36:16:
34:70:8f:2d:26:39:69:64:66:b1:fb:5e:21:ac:66:
03:bd:39:1b:43:23:42:8b:51:f5:ff:8d:0e:89:e4:
80:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:20:EC:95:8C:F4:A0:FE:31:C7:CF:D7:A1:32:B5:B9:B3:9B:CF:4B
X509v3 Authority Key Identifier:
keyid:92:36:03:C9:81:86:89:16:B0:B1:70:1D:CF:37:20:CA:A2:48:4F:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/pyDslYz0oP4xx8_XoTK1ubObz0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/kjYDyYGGiRawsXAdzzcgyqJIT9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.252.0/22
Signature Algorithm: sha256WithRSAEncryption
22:05:dd:ba:e8:bf:fb:43:11:27:d4:29:bf:7c:2f:1a:5d:a6:
b8:ef:9a:c5:14:df:e3:89:71:16:79:70:39:7b:8c:bb:32:53:
42:27:d1:3d:62:7f:df:3e:b0:c2:90:bc:1a:f1:99:b8:6a:cb:
db:a0:53:37:7b:4c:c6:73:c1:5d:51:22:85:8a:d9:e5:ef:5d:
84:81:bf:58:90:86:95:b5:88:27:3d:c3:50:43:d3:0c:ac:d0:
68:31:8f:bc:8d:f3:51:69:45:0c:24:83:9c:de:71:fc:a9:de:
22:39:ac:43:e4:3a:06:94:f3:44:3d:a9:8a:4c:e0:b4:13:5e:
36:4f:ec:c6:80:6b:63:45:b0:f1:64:a4:b8:e7:09:91:a3:d3:
b9:dc:9b:8a:40:56:6d:71:95:d1:79:7d:04:cb:8d:63:83:87:
d3:05:68:03:43:a2:de:c1:c1:fe:de:b7:38:ed:c1:a5:2a:a1:
61:bb:e0:a3:8d:53:85:6b:99:d2:d8:35:f8:95:bc:fa:48:22:
cd:4e:42:93:de:73:8e:be:12:e9:b6:dd:e8:87:58:cf:49:89:
5e:84:23:d3:88:6b:23:60:e9:83:73:ec:38:64:53:af:25:e3:
f2:16:6b:5e:16:d5:e9:d1:86:5f:ce:14:35:70:f1:dc:d7:b1:
b9:24:f8:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ+Gt+/KoJKt1v9DPzlhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzYwM2M5ODE4Njg5MTZiMGIxNzAxZGNmMzcyMGNhYTI0
ODRmZGMwHhcNMjMwMTAyMTEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzIwZWM5NThjZjRhMGZlMzFjN2NmZDdhMTMyYjViOWIzOWJjZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRIQncTaOTEQ/YCiCVdnchDMkhSZ
UWidXpHcCS6bVpS+vml8SqkH33OIv8eUkOnD5Dk0ik5qZBpXDuqrkK9xCBNBTJm3
DoEZHOJU2KiXIUzeW9kqtcDcQ8qprAJ89/KMmCocOAYSSwAlSnXiJ8nXwjoAc4JZ
j89Sh3UIspSrQ/ULNwA5bBs9mL8K0KeWbxkZoHPd3OHeiIEhdFnpYc36Y/Rizpck
m/AD8ZATd6d/nn/5xDxlG4Tba7deXp9qNZLCGJawi7v6Xzq2wRnt1t/9wvW9+6FF
+78IjWoJBU+3NhY0cI8tJjlpZGax+14hrGYDvTkbQyNCi1H1/40OieSAtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcg7JWM9KD+McfP16Eytbmzm89LMB8GA1UdIwQY
MBaAFJI2A8mBhokWsLFwHc83IMqiSE/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pZRHlZR0dpUmF3c1hBZHp6Y2d5cUpJVDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hZjI2NzEtMDUxOC00MTlmLTk5ZTAt
YTMxOTllYThkMTNlLzEvcHlEc2xZejBvUDR4eDhfWG9USzF1Yk9iejBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hZjI2NzEtMDUxOC00MTlmLTk5ZTAtYTMxOTllYThkMTNl
LzEva2pZRHlZR0dpUmF3c1hBZHp6Y2d5cUpJVDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+L8MA0G
CSqGSIb3DQEBCwUAA4IBAQAiBd266L/7QxEn1Cm/fC8aXaa475rFFN/jiXEWeXA5
e4y7MlNCJ9E9Yn/fPrDCkLwa8Zm4asvboFM3e0zGc8FdUSKFitnl712Egb9YkIaV
tYgnPcNQQ9MMrNBoMY+8jfNRaUUMJIOc3nH8qd4iOaxD5DoGlPNEPamKTOC0E142
T+zGgGtjRbDxZKS45wmRo9O53JuKQFZtcZXReX0Ey41jg4fTBWgDQ6LewcH+3rc4
7cGlKqFhu+CjjVOFa5nS2DX4lbz6SCLNTkKT3nOOvhLptt3oh1jPSYlehCPTiGsj
YOmDc+w4ZFOvJePyFmteFtXp0YZfzhQ1cPHc17G5JPgh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:04 2024 by rpki-client on console-ams.rpki-client.org