Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/1H_8SHTO9EizWMMpZveboDt54Qo.roa
File: 1H_8SHTO9EizWMMpZveboDt54Qo.roa (raw, json)
Hash identifier: 5FHlxMTZ0a2ESlgiQC9iLGijQDOi6qJDmT/cBsjcm7A=
Subject key identifier: D4:7F:FC:48:74:CE:F4:48:B3:58:C3:29:66:F7:9B:A0:3B:79:E1:0A
Certificate issuer: /CN=5cb7939ed70c8aea31be493e78e88f4861f53121
Certificate serial: 0185724C78805DE1731CFE86D52DA662469F
Authority key identifier: 5C:B7:93:9E:D7:0C:8A:EA:31:BE:49:3E:78:E8:8F:48:61:F5:31:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLeTntcMiuoxvkk-eOiPSGH1MSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/1H_8SHTO9EizWMMpZveboDt54Qo.roa
Signing time: Mon 02 Jan 2023 11:44:52 +0000
ROA not before: Mon 02 Jan 2023 11:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24660
IP address blocks: 91.195.44.0/23 maxlen: 23
2001:67c:17a8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:78:80:5d:e1:73:1c:fe:86:d5:2d:a6:62:46:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cb7939ed70c8aea31be493e78e88f4861f53121
Validity
Not Before: Jan 2 11:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d47ffc4874cef448b358c32966f79ba03b79e10a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:05:84:76:74:da:6c:0f:f6:62:1e:2e:c3:
14:9b:b1:2f:ae:d0:20:ca:b3:ed:ca:1b:c5:1d:b0:
f6:5f:47:58:94:76:50:01:ce:f7:6e:34:00:c8:d7:
eb:eb:d5:12:8c:0a:9c:b9:db:be:2e:a7:8f:43:cd:
cf:e8:c7:a1:f5:cb:06:aa:6d:82:fe:09:db:a6:00:
a9:2e:4b:65:06:ac:1c:3e:d8:77:4f:88:bb:84:e0:
15:18:c6:24:39:86:52:d5:ac:a5:ba:24:8b:d2:9b:
ef:fc:28:da:59:e9:1b:00:99:d5:8b:17:89:9b:c9:
de:d8:b4:18:1e:26:8a:4f:0b:b6:e2:de:d2:55:ef:
6e:ca:c0:43:c9:c5:89:09:f5:e6:e4:c1:c8:be:4b:
1e:e3:cc:8e:13:2c:18:bd:7e:92:fc:a1:78:55:da:
7f:7d:37:da:68:f7:01:22:93:21:ff:bd:44:eb:7d:
bd:af:e9:42:b7:6a:d2:8e:eb:f8:44:42:73:71:c1:
06:d6:bf:25:1f:e3:0e:af:f2:02:b4:93:37:50:40:
7c:97:c2:d8:05:44:e8:34:fd:5b:ac:94:54:da:94:
b7:fd:a8:88:00:eb:bd:5b:88:ed:a2:3e:43:ef:65:
c3:32:8f:04:3d:65:17:6f:ed:01:e9:80:47:bb:0c:
bc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7F:FC:48:74:CE:F4:48:B3:58:C3:29:66:F7:9B:A0:3B:79:E1:0A
X509v3 Authority Key Identifier:
keyid:5C:B7:93:9E:D7:0C:8A:EA:31:BE:49:3E:78:E8:8F:48:61:F5:31:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLeTntcMiuoxvkk-eOiPSGH1MSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/1H_8SHTO9EizWMMpZveboDt54Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/XLeTntcMiuoxvkk-eOiPSGH1MSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.44.0/23
IPv6:
2001:67c:17a8::/48
Signature Algorithm: sha256WithRSAEncryption
41:70:07:ca:f2:84:a6:b5:ef:dc:10:02:c7:d2:ec:1c:17:c0:
fd:ac:bd:31:96:49:57:7b:f8:82:4e:10:ec:56:6f:86:14:a0:
a0:7d:50:fe:82:d2:99:d4:50:ed:f5:7d:7f:b4:a4:2e:36:90:
aa:88:51:80:4d:94:61:e0:60:db:88:77:2a:2b:ad:16:a3:f8:
55:22:06:be:1d:95:ca:c4:93:ae:03:ae:87:73:09:b3:de:36:
5c:e9:05:2e:99:3a:b2:13:c1:2e:8b:2e:3e:0e:e1:ec:df:98:
09:c4:27:aa:c9:0c:48:5c:f2:20:5d:33:77:3a:41:8f:65:49:
7c:22:7b:55:1e:b5:f2:a2:07:29:7e:34:da:48:56:98:00:f9:
d9:99:72:d8:8c:8b:74:39:8a:f2:34:6f:33:7b:77:01:28:1f:
a9:78:c1:6e:45:fe:f5:eb:a0:ff:cf:c0:47:f9:b0:7b:21:81:
45:4c:fd:f8:e6:34:6f:5f:9c:8f:13:13:2e:c9:7b:62:80:86:
72:a0:17:96:1e:ea:08:3c:32:3c:73:e7:0c:41:28:39:ee:e7:
df:c9:90:90:64:3c:6f:2a:ce:fb:33:ef:5c:9f:29:40:18:e9:
85:83:40:1e:41:f3:d5:7e:ac:42:db:dd:a5:3d:0f:85:12:a6:
38:66:14:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyTHiAXeFzHP6G1S2mYkafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYjc5MzllZDcwYzhhZWEzMWJlNDkzZTc4ZTg4ZjQ4NjFm
NTMxMjEwHhcNMjMwMTAyMTE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdmZmM0ODc0Y2VmNDQ4YjM1OGMzMjk2NmY3OWJhMDNiNzllMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrkFhHZ02mwP9mIeLsMUm7EvrtAg
yrPtyhvFHbD2X0dYlHZQAc73bjQAyNfr69USjAqcudu+LqePQ83P6Meh9csGqm2C
/gnbpgCpLktlBqwcPth3T4i7hOAVGMYkOYZS1ayluiSL0pvv/CjaWekbAJnVixeJ
m8ne2LQYHiaKTwu24t7SVe9uysBDycWJCfXm5MHIvkse48yOEywYvX6S/KF4Vdp/
fTfaaPcBIpMh/71E6329r+lCt2rSjuv4REJzccEG1r8lH+MOr/ICtJM3UEB8l8LY
BUToNP1brJRU2pS3/aiIAOu9W4jtoj5D72XDMo8EPWUXb+0B6YBHuwy8JQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNR//Eh0zvRIs1jDKWb3m6A7eeEKMB8GA1UdIwQY
MBaAFFy3k57XDIrqMb5JPnjoj0hh9TEhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWExlVG50Y01pdW94dmtrLWVPaVBTR0gxTVNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jNDM4NmYtZDFiZS00M2M4LTk5MmYt
MmVkYWZjNjBmMmRmLzEvMUhfOFNIVE85RWl6V01NcFp2ZWJvRHQ1NFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jNDM4NmYtZDFiZS00M2M4LTk5MmYtMmVkYWZjNjBmMmRm
LzEvWExlVG50Y01pdW94dmtrLWVPaVBTR0gxTVNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8MsMA8E
AgACMAkDBwAgAQZ8F6gwDQYJKoZIhvcNAQELBQADggEBAEFwB8ryhKa179wQAsfS
7BwXwP2svTGWSVd7+IJOEOxWb4YUoKB9UP6C0pnUUO31fX+0pC42kKqIUYBNlGHg
YNuIdyorrRaj+FUiBr4dlcrEk64DrodzCbPeNlzpBS6ZOrITwS6LLj4O4ezfmAnE
J6rJDEhc8iBdM3c6QY9lSXwie1UetfKiByl+NNpIVpgA+dmZctiMi3Q5ivI0bzN7
dwEoH6l4wW5F/vXroP/PwEf5sHshgUVM/fjmNG9fnI8TEy7Je2KAhnKgF5Ye6gg8
Mjxz5wxBKDnu59/JkJBkPG8qzvsz71yfKUAY6YWDQB5B89V+rELb3aU9D4USpjhm
FNo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:09 2024 by rpki-client on console-ams.rpki-client.org