Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/NfRWgqP62qDlnQ9GOWypsOaC0VM.roa
File: NfRWgqP62qDlnQ9GOWypsOaC0VM.roa (raw, json)
Hash identifier: S+6EPq0BG/sRguSpr66fOEBloiCVITwnB0vQ2mrFiSs=
Subject key identifier: 35:F4:56:82:A3:FA:DA:A0:E5:9D:0F:46:39:6C:A9:B0:E6:82:D1:53
Certificate issuer: /CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Certificate serial: 018C77412182C05EF10B55079EFD4B85CA83
Authority key identifier: B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/NfRWgqP62qDlnQ9GOWypsOaC0VM.roa
Signing time: Sun 17 Dec 2023 10:10:06 +0000
ROA not before: Sun 17 Dec 2023 10:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 91.192.4.0/24 maxlen: 24
91.192.5.0/24 maxlen: 24
91.192.6.0/24 maxlen: 24
91.192.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:77:41:21:82:c0:5e:f1:0b:55:07:9e:fd:4b:85:ca:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Validity
Not Before: Dec 17 10:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35f45682a3fadaa0e59d0f46396ca9b0e682d153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:f5:34:2f:b8:92:08:58:ea:d2:9a:37:5e:
c1:ae:8b:06:88:d7:fc:38:73:da:ec:03:91:83:68:
94:37:93:66:09:ef:16:20:e5:2d:2a:38:cd:e1:b2:
89:53:17:1c:a4:96:b0:9f:a7:64:db:17:03:7c:75:
84:ec:ed:e6:8e:ae:e9:f1:5a:60:09:f7:65:37:3a:
de:23:2e:3c:21:3b:e1:a8:02:2d:5e:4e:da:ab:28:
51:4b:d0:85:19:ea:a5:cb:e9:8c:f9:0a:7b:9b:e3:
e4:26:fe:0a:91:80:24:61:09:ff:d3:ea:20:27:32:
07:4b:d1:d7:5b:d7:66:79:e5:0c:8c:e1:8a:2c:3a:
62:4e:f1:e8:18:50:a2:c5:30:92:e6:ed:45:9d:7f:
78:b2:41:4c:00:f5:6f:87:f3:12:a7:31:4b:b3:51:
9c:82:81:7b:5a:d0:b9:d2:00:b3:d8:5d:67:79:3e:
38:2d:8b:d7:86:0b:45:3b:f7:8a:d4:ae:f8:f4:11:
dc:b4:da:af:50:ad:54:2f:76:77:9d:0f:38:70:95:
26:ea:0b:a9:9f:82:f8:83:5d:48:c5:2e:12:be:cd:
f6:db:3a:15:ad:be:57:b2:0d:75:70:94:55:31:2e:
08:f0:76:ef:8f:78:ef:94:94:cc:c9:b0:de:02:cd:
bb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F4:56:82:A3:FA:DA:A0:E5:9D:0F:46:39:6C:A9:B0:E6:82:D1:53
X509v3 Authority Key Identifier:
keyid:B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/NfRWgqP62qDlnQ9GOWypsOaC0VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/uRRkdndz8SObZGu2a9z09_sSBs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.4.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:88:43:83:d9:5c:b6:10:1d:28:0a:fe:96:35:de:fa:45:f3:
ba:25:ec:48:11:17:6d:1c:df:8a:a1:75:3b:d5:b8:4f:a7:4d:
af:c9:ee:03:b5:5c:90:a6:52:77:ff:fc:e5:12:51:f2:70:50:
72:7a:f1:7d:64:94:32:be:1e:20:bb:eb:5d:a2:21:ae:49:ee:
83:71:b9:f5:27:be:81:48:10:b6:f3:46:94:a4:87:3b:d7:0a:
d9:11:a2:af:4b:bd:91:fd:bf:1f:9b:05:94:27:24:43:6e:7d:
6f:13:b5:19:81:e8:ad:80:18:4c:aa:d4:24:67:a4:34:6e:c8:
04:b9:f6:a1:b0:d5:55:a3:80:41:8f:cd:43:84:de:ce:e4:63:
04:6e:76:d1:31:97:e6:68:8c:78:9e:08:2b:f3:d9:7c:b1:23:
8f:61:f1:17:90:74:6f:c2:d4:8f:d5:8a:4d:b9:1e:77:11:a4:
07:0f:ab:43:d1:ae:11:50:e8:9b:17:bb:77:45:82:28:40:59:
ea:7c:43:5e:4f:75:bb:63:bf:43:cb:43:dc:87:4a:6e:8a:1d:
64:f8:51:11:16:02:46:60:ec:b3:ed:9d:2b:a2:e0:6c:8b:c3:
e3:68:15:93:87:a3:86:5f:7e:b2:8a:5c:b9:9b:4f:c8:01:92:
02:55:cc:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx3QSGCwF7xC1UHnv1LhcqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ2NDc2Nzc3M2YxMjM5YjY0NmJiNjZiZGNmNGY3ZmIx
MjA2Y2UwHhcNMjMxMjE3MTAxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY0NTY4MmEzZmFkYWEwZTU5ZDBmNDYzOTZjYTliMGU2ODJkMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX31NC+4kghY6tKaN17BrosGiNf8
OHPa7AORg2iUN5NmCe8WIOUtKjjN4bKJUxccpJawn6dk2xcDfHWE7O3mjq7p8Vpg
CfdlNzreIy48ITvhqAItXk7aqyhRS9CFGeqly+mM+Qp7m+PkJv4KkYAkYQn/0+og
JzIHS9HXW9dmeeUMjOGKLDpiTvHoGFCixTCS5u1FnX94skFMAPVvh/MSpzFLs1Gc
goF7WtC50gCz2F1neT44LYvXhgtFO/eK1K749BHctNqvUK1UL3Z3nQ84cJUm6gup
n4L4g11IxS4Svs322zoVrb5Xsg11cJRVMS4I8Hbvj3jvlJTMybDeAs27YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDX0VoKj+tqg5Z0PRjlsqbDmgtFTMB8GA1UdIwQY
MBaAFLkUZHZ3c/Ejm2Rrtmvc9Pf7EgbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMt
NDc1ZGJiYjBjMDhjLzEvTmZSV2dxUDYycURsblE5R09XeXBzT2FDMFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMtNDc1ZGJiYjBjMDhj
LzEvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8AEMA0G
CSqGSIb3DQEBCwUAA4IBAQDHiEOD2Vy2EB0oCv6WNd76RfO6JexIERdtHN+KoXU7
1bhPp02vye4DtVyQplJ3//zlElHycFByevF9ZJQyvh4gu+tdoiGuSe6Dcbn1J76B
SBC280aUpIc71wrZEaKvS72R/b8fmwWUJyRDbn1vE7UZgeitgBhMqtQkZ6Q0bsgE
ufahsNVVo4BBj81DhN7O5GMEbnbRMZfmaIx4nggr89l8sSOPYfEXkHRvwtSP1YpN
uR53EaQHD6tD0a4RUOibF7t3RYIoQFnqfENeT3W7Y79Dy0Pch0puih1k+FERFgJG
YOyz7Z0rouBsi8PjaBWTh6OGX36yily5m0/IAZICVczn
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:37 2024 by rpki-client on console-fra.rpki-client.org