Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/3cdd92-724a-4fd8-a5f8-370b3a87bf98/1/_pWhrLyW435G-8761nf3tdas9fU.roa
File: _pWhrLyW435G-8761nf3tdas9fU.roa (raw, json)
Hash identifier: 4deFWMzKAC47uz1mZhH/KgoXVlynHy+WY3xGjSfMTec=
Subject key identifier: FE:95:A1:AC:BC:96:E3:7E:46:FB:CE:FA:D6:77:F7:B5:D6:AC:F5:F5
Certificate issuer: /CN=76ad2abb73df96bcb1b1d1b8d99d35f5b9fd9828
Certificate serial: 018C5EA562AB8434388DE2EDFD43AB5DD6A7
Authority key identifier: 76:AD:2A:BB:73:DF:96:BC:B1:B1:D1:B8:D9:9D:35:F5:B9:FD:98:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dq0qu3PflryxsdG42Z019bn9mCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/3cdd92-724a-4fd8-a5f8-370b3a87bf98/1/_pWhrLyW435G-8761nf3tdas9fU.roa
Signing time: Tue 12 Dec 2023 15:29:06 +0000
ROA not before: Tue 12 Dec 2023 15:29:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215852
IP address blocks: 91.203.31.0/24 maxlen: 24
2001:67c:10bc::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:a5:62:ab:84:34:38:8d:e2:ed:fd:43:ab:5d:d6:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ad2abb73df96bcb1b1d1b8d99d35f5b9fd9828
Validity
Not Before: Dec 12 15:29:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe95a1acbc96e37e46fbcefad677f7b5d6acf5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:04:53:7f:6f:fa:e7:63:cf:54:44:1a:d9:f8:
ba:83:05:5a:aa:dd:fe:90:75:dd:f9:03:5f:65:05:
4f:6e:89:5b:bf:5e:38:09:0d:ee:a3:14:62:e2:8c:
11:2d:25:f3:7a:74:c1:f1:1f:0e:aa:d1:2d:25:ca:
82:bb:b3:f5:ba:cd:1a:5d:5d:26:34:29:5c:6c:f1:
ca:29:9d:5f:73:ed:05:95:06:d3:56:f9:9a:06:c3:
74:84:26:96:45:f0:5b:09:16:88:f0:07:ea:07:a1:
11:d5:ed:92:68:8c:59:a0:e7:70:0f:50:a7:d9:9c:
5a:f6:55:c2:b7:0e:0f:e5:62:4c:0d:4a:d8:c1:de:
49:e7:fc:94:e5:ba:46:fe:2b:e7:32:31:9d:2d:11:
1d:56:57:81:8e:f8:c3:16:9a:11:5c:f3:8b:fc:d5:
20:0c:3b:8e:94:e9:15:6f:dc:69:12:06:7a:3e:ba:
a1:fd:b5:75:52:f6:71:84:e4:bb:09:12:12:5d:08:
67:87:5f:cf:d5:32:f6:01:0b:59:7e:5e:a3:51:1b:
40:81:7b:b3:4c:3a:f6:49:6c:6a:31:0f:14:cc:67:
a2:72:42:c3:05:bb:78:36:ac:96:cd:57:1f:f5:f7:
2c:b2:d6:97:78:e3:42:90:fb:e6:79:d0:47:37:fd:
80:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:95:A1:AC:BC:96:E3:7E:46:FB:CE:FA:D6:77:F7:B5:D6:AC:F5:F5
X509v3 Authority Key Identifier:
keyid:76:AD:2A:BB:73:DF:96:BC:B1:B1:D1:B8:D9:9D:35:F5:B9:FD:98:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dq0qu3PflryxsdG42Z019bn9mCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/3cdd92-724a-4fd8-a5f8-370b3a87bf98/1/_pWhrLyW435G-8761nf3tdas9fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/3cdd92-724a-4fd8-a5f8-370b3a87bf98/1/dq0qu3PflryxsdG42Z019bn9mCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.31.0/24
IPv6:
2001:67c:10bc::/48
Signature Algorithm: sha256WithRSAEncryption
71:8e:41:33:5f:37:f2:25:b3:39:ce:8a:2d:88:e8:bd:a4:59:
b7:9d:23:5a:b1:2a:a6:95:93:c2:36:33:12:cd:a8:36:f3:4e:
67:34:78:9a:00:62:e1:bf:a3:dc:04:dc:79:8c:a6:4a:d8:f1:
5e:74:38:2a:c8:d0:ed:eb:1b:a6:31:42:95:3b:f6:4b:9e:2e:
47:52:c8:d1:ee:57:cb:fb:b0:b2:53:8e:0b:d5:25:9d:f1:5b:
88:cf:95:92:44:1c:37:fd:a0:cc:09:18:46:4c:ec:c5:b7:ac:
b4:d8:8f:8a:fd:62:0e:6e:17:f6:d8:ec:13:df:38:2f:04:93:
5c:61:44:3e:7e:9d:c4:1c:8b:25:cd:7e:68:09:a3:2f:77:77:
80:b9:17:89:a8:cf:02:32:14:ac:37:16:6e:2f:4e:f4:7e:cf:
b0:19:10:ec:33:9e:1e:02:03:60:be:ab:ca:e8:e0:06:55:70:
05:51:ba:d8:2d:ab:a9:d6:ee:6d:83:17:b5:f4:8e:37:bc:02:
e0:96:e9:7f:f7:f6:b4:0a:29:fe:58:26:85:cd:8e:a3:68:13:
04:e5:db:54:13:a5:2e:ed:8e:5c:f5:a6:d8:d8:22:27:3b:4c:
2d:6e:2a:a4:09:b5:06:15:bc:f7:71:c0:8b:9c:cb:11:7c:81:
0d:f5:17:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxepWKrhDQ4jeLt/UOrXdanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YWQyYWJiNzNkZjk2YmNiMWIxZDFiOGQ5OWQzNWY1Yjlm
ZDk4MjgwHhcNMjMxMjEyMTUyOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTk1YTFhY2JjOTZlMzdlNDZmYmNlZmFkNjc3ZjdiNWQ2YWNmNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzARTf2/652PPVEQa2fi6gwVaqt3+
kHXd+QNfZQVPbolbv144CQ3uoxRi4owRLSXzenTB8R8OqtEtJcqCu7P1us0aXV0m
NClcbPHKKZ1fc+0FlQbTVvmaBsN0hCaWRfBbCRaI8AfqB6ER1e2SaIxZoOdwD1Cn
2Zxa9lXCtw4P5WJMDUrYwd5J5/yU5bpG/ivnMjGdLREdVleBjvjDFpoRXPOL/NUg
DDuOlOkVb9xpEgZ6Prqh/bV1UvZxhOS7CRISXQhnh1/P1TL2AQtZfl6jURtAgXuz
TDr2SWxqMQ8UzGeickLDBbt4NqyWzVcf9fcsstaXeONCkPvmedBHN/2AvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP6Voay8luN+RvvO+tZ397XWrPX1MB8GA1UdIwQY
MBaAFHatKrtz35a8sbHRuNmdNfW5/ZgoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHEwcXUzUGZscnl4c2RHNDJaMDE5Ym45bUNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8zY2RkOTItNzI0YS00ZmQ4LWE1Zjgt
MzcwYjNhODdiZjk4LzEvX3BXaHJMeVc0MzVHLTg3NjFuZjN0ZGFzOWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8zY2RkOTItNzI0YS00ZmQ4LWE1ZjgtMzcwYjNhODdiZjk4
LzEvZHEwcXUzUGZscnl4c2RHNDJaMDE5Ym45bUNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8sfMA8E
AgACMAkDBwAgAQZ8ELwwDQYJKoZIhvcNAQELBQADggEBAHGOQTNfN/IlsznOii2I
6L2kWbedI1qxKqaVk8I2MxLNqDbzTmc0eJoAYuG/o9wE3HmMpkrY8V50OCrI0O3r
G6YxQpU79kueLkdSyNHuV8v7sLJTjgvVJZ3xW4jPlZJEHDf9oMwJGEZM7MW3rLTY
j4r9Yg5uF/bY7BPfOC8Ek1xhRD5+ncQciyXNfmgJoy93d4C5F4mozwIyFKw3Fm4v
TvR+z7AZEOwznh4CA2C+q8ro4AZVcAVRutgtq6nW7m2DF7X0jje8AuCW6X/39rQK
Kf5YJoXNjqNoEwTl21QTpS7tjlz1ptjYIic7TC1uKqQJtQYVvPdxwIucyxF8gQ31
Fxs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:15 2024 by rpki-client on console-ams.rpki-client.org