Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a3deec-dca2-4559-94b8-d9ba096bf5bc/1/g59a-UflBFscqaZ-rNkq4D9PSGg.roa
File: g59a-UflBFscqaZ-rNkq4D9PSGg.roa (raw, json)
Hash identifier: Ib6bfgtQtNIjcGm+9eDRxs8oIZt3pKm0EJEwrQqPYh8=
Subject key identifier: 83:9F:5A:F9:47:E5:04:5B:1C:A9:A6:7E:AC:D9:2A:E0:3F:4F:48:68
Certificate issuer: /CN=032755057c69bd7ba7da22520109e49b5b04cc03
Certificate serial: 01856CAF0B4E3DD602AF17CA08C58EECEC15
Authority key identifier: 03:27:55:05:7C:69:BD:7B:A7:DA:22:52:01:09:E4:9B:5B:04:CC:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AydVBXxpvXun2iJSAQnkm1sEzAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a3deec-dca2-4559-94b8-d9ba096bf5bc/1/g59a-UflBFscqaZ-rNkq4D9PSGg.roa
Signing time: Sun 01 Jan 2023 09:34:49 +0000
ROA not before: Sun 01 Jan 2023 09:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49817
IP address blocks: 91.195.2.0/24 maxlen: 24
91.195.3.0/24 maxlen: 24
91.195.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:0b:4e:3d:d6:02:af:17:ca:08:c5:8e:ec:ec:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=032755057c69bd7ba7da22520109e49b5b04cc03
Validity
Not Before: Jan 1 09:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=839f5af947e5045b1ca9a67eacd92ae03f4f4868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4c:4d:ea:d9:f1:fa:36:61:70:48:ee:e9:24:
ea:f7:63:01:78:0c:eb:e4:ce:0f:b7:c1:eb:e1:77:
49:57:ac:1b:c9:e1:7b:a6:62:97:d7:71:ce:9c:f3:
f3:83:f5:d2:d9:45:ea:23:7b:31:32:5f:6f:5b:c9:
28:53:7d:d3:c9:dc:a1:91:8d:a6:ea:33:c1:50:12:
26:81:9b:08:af:e7:6b:d7:e8:05:28:85:43:17:a7:
f3:80:d1:2f:7e:13:30:58:94:ee:87:d8:86:c8:88:
de:e1:e1:0d:86:92:c1:ae:4d:45:07:7c:a0:18:35:
32:e8:91:e1:1e:f7:a4:dc:26:7f:41:bc:01:d1:c0:
7a:eb:9e:66:fe:d6:37:c1:88:54:0e:91:ad:35:11:
ca:05:a1:d3:5f:65:46:33:5b:f2:cb:6c:9f:b2:88:
93:1a:fe:06:18:06:0b:c2:b9:10:b3:05:1f:b3:30:
eb:85:88:24:b7:bc:8a:93:05:1e:4f:8b:15:8b:48:
c1:aa:64:89:b9:cb:bc:b6:94:93:17:2e:3d:98:cf:
cd:ba:3a:9e:3c:5b:7a:29:79:5c:5a:b8:96:96:a7:
03:08:d8:9c:82:9b:7a:57:86:fd:cc:f8:4d:86:ac:
c6:fc:01:6d:c5:6c:65:77:e5:2a:22:b0:df:c1:6f:
7d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9F:5A:F9:47:E5:04:5B:1C:A9:A6:7E:AC:D9:2A:E0:3F:4F:48:68
X509v3 Authority Key Identifier:
keyid:03:27:55:05:7C:69:BD:7B:A7:DA:22:52:01:09:E4:9B:5B:04:CC:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AydVBXxpvXun2iJSAQnkm1sEzAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a3deec-dca2-4559-94b8-d9ba096bf5bc/1/g59a-UflBFscqaZ-rNkq4D9PSGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a3deec-dca2-4559-94b8-d9ba096bf5bc/1/AydVBXxpvXun2iJSAQnkm1sEzAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.2.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:bc:da:c1:e6:07:1e:e1:d9:c8:a6:5e:68:8d:14:2f:02:cb:
7e:51:b4:06:f6:f6:63:b0:f2:64:69:09:08:0f:b1:30:2f:6a:
9e:70:40:dd:6f:d0:7a:df:4f:a6:78:c7:90:f7:f9:76:0e:65:
c4:ef:98:47:fe:77:c4:c2:17:16:32:6d:66:fc:6c:54:0e:b0:
d9:17:18:ef:4b:de:92:9b:a2:bb:f6:d4:52:b6:72:7f:4f:5a:
b4:26:31:97:75:14:b9:30:b7:db:9a:74:81:d1:ca:e4:99:3e:
04:fe:c8:c1:6b:7c:2c:89:7c:29:c6:80:e7:83:75:19:ed:fd:
52:75:0d:17:85:f1:8a:d2:12:df:c1:8f:d5:9c:f9:a9:cb:5f:
9d:0d:49:ba:b1:b3:b8:a7:69:eb:e6:54:34:95:72:f2:a6:85:
db:5e:64:cf:3f:e5:0e:74:81:88:9a:ab:9e:a7:30:80:74:7e:
85:66:0e:72:b8:51:57:8f:11:f7:43:3b:1f:7f:94:81:b3:f9:
59:57:18:1c:17:98:1d:45:95:e9:3f:8e:d3:61:16:28:d3:50:
b0:e1:9a:0f:af:2e:4c:63:a7:f6:53:69:b2:1f:d0:56:6c:64:
fc:dc:96:80:b1:ff:a3:0d:7a:4f:b0:05:fd:5a:03:65:7f:32:
e8:9d:1a:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrwtOPdYCrxfKCMWO7OwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjc1NTA1N2M2OWJkN2JhN2RhMjI1MjAxMDllNDliNWIw
NGNjMDMwHhcNMjMwMTAxMDkzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzlmNWFmOTQ3ZTUwNDViMWNhOWE2N2VhY2Q5MmFlMDNmNGY0ODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUxN6tnx+jZhcEju6STq92MBeAzr
5M4Pt8Hr4XdJV6wbyeF7pmKX13HOnPPzg/XS2UXqI3sxMl9vW8koU33TydyhkY2m
6jPBUBImgZsIr+dr1+gFKIVDF6fzgNEvfhMwWJTuh9iGyIje4eENhpLBrk1FB3yg
GDUy6JHhHvek3CZ/QbwB0cB6655m/tY3wYhUDpGtNRHKBaHTX2VGM1vyy2yfsoiT
Gv4GGAYLwrkQswUfszDrhYgkt7yKkwUeT4sVi0jBqmSJucu8tpSTFy49mM/Nujqe
PFt6KXlcWriWlqcDCNicgpt6V4b9zPhNhqzG/AFtxWxld+UqIrDfwW99rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOfWvlH5QRbHKmmfqzZKuA/T0hoMB8GA1UdIwQY
MBaAFAMnVQV8ab17p9oiUgEJ5JtbBMwDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlkVkJYeHB2WHVuMmlKU0FRbmttMXNFekFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hM2RlZWMtZGNhMi00NTU5LTk0Yjgt
ZDliYTA5NmJmNWJjLzEvZzU5YS1VZmxCRnNjcWFaLXJOa3E0RDlQU0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hM2RlZWMtZGNhMi00NTU5LTk0YjgtZDliYTA5NmJmNWJj
LzEvQXlkVkJYeHB2WHVuMmlKU0FRbmttMXNFekFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8MCMA0G
CSqGSIb3DQEBCwUAA4IBAQB/vNrB5gce4dnIpl5ojRQvAst+UbQG9vZjsPJkaQkI
D7EwL2qecEDdb9B630+meMeQ9/l2DmXE75hH/nfEwhcWMm1m/GxUDrDZFxjvS96S
m6K79tRStnJ/T1q0JjGXdRS5MLfbmnSB0crkmT4E/sjBa3wsiXwpxoDng3UZ7f1S
dQ0XhfGK0hLfwY/VnPmpy1+dDUm6sbO4p2nr5lQ0lXLypoXbXmTPP+UOdIGImque
pzCAdH6FZg5yuFFXjxH3Qzsff5SBs/lZVxgcF5gdRZXpP47TYRYo01Cw4ZoPry5M
Y6f2U2myH9BWbGT83JaAsf+jDXpPsAX9WgNlfzLonRrb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:43 2024 by rpki-client on console-fra.rpki-client.org