Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/AyQ2dOmebANcK_fFhLt9bMN3P8A.roa
File: AyQ2dOmebANcK_fFhLt9bMN3P8A.roa (raw, json)
Hash identifier: 4hKnJReTFVdSCAdHt4tkAYfziR7GKCHeSldjLVfT25I=
Subject key identifier: 03:24:36:74:E9:9E:6C:03:5C:2B:F7:C5:84:BB:7D:6C:C3:77:3F:C0
Certificate issuer: /CN=14da869ba03374a192c8e3bdce950a90027adcaf
Certificate serial: 01856B8120CC21A964721E9DF328DCD0B075
Authority key identifier: 14:DA:86:9B:A0:33:74:A1:92:C8:E3:BD:CE:95:0A:90:02:7A:DC:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNqGm6AzdKGSyOO9zpUKkAJ63K8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/AyQ2dOmebANcK_fFhLt9bMN3P8A.roa
Signing time: Sun 01 Jan 2023 04:05:02 +0000
ROA not before: Sun 01 Jan 2023 04:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 91.188.192.0/22 maxlen: 24
217.68.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:20:cc:21:a9:64:72:1e:9d:f3:28:dc:d0:b0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14da869ba03374a192c8e3bdce950a90027adcaf
Validity
Not Before: Jan 1 04:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03243674e99e6c035c2bf7c584bb7d6cc3773fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:12:d5:6c:73:2f:3f:eb:86:9d:7d:f1:38:b9:
48:a8:91:13:4e:1f:6b:b2:cf:0a:65:61:00:cb:c2:
f2:33:fb:8e:ed:2c:8d:81:32:fa:53:65:15:52:d2:
fe:8b:e8:37:d0:c3:82:79:7f:71:f0:74:a1:08:3d:
2e:3b:ce:67:17:df:55:1f:19:a8:d0:aa:fd:80:45:
18:5e:59:ae:9e:b2:f5:0e:d8:e6:86:b6:35:d4:f7:
78:0f:4d:92:db:c5:69:3b:f4:15:e9:72:6e:f4:4f:
f3:6b:86:fb:5b:97:79:a7:53:9f:8e:49:6e:3a:a3:
a3:1c:17:7a:2e:43:9c:22:94:00:fc:ad:8a:89:ab:
bb:39:a5:03:ed:40:05:08:ef:73:85:c5:d1:74:9f:
2a:81:64:5f:d0:37:01:2a:91:e6:aa:60:7d:6a:85:
6e:86:e7:b1:be:38:cf:e9:a6:1c:8a:15:b6:e2:5b:
74:3b:2b:df:4e:cf:40:c5:ab:66:5b:f3:3c:12:84:
2a:31:25:ac:9c:f2:d7:bd:c7:9b:6b:60:f3:9c:da:
03:87:36:37:34:de:55:23:15:52:4b:bd:8a:5e:23:
4e:8c:1e:53:fa:4f:c3:f7:48:08:91:df:66:ff:40:
18:1d:3f:04:34:bf:34:83:ae:62:7a:10:e2:20:f3:
a8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:24:36:74:E9:9E:6C:03:5C:2B:F7:C5:84:BB:7D:6C:C3:77:3F:C0
X509v3 Authority Key Identifier:
keyid:14:DA:86:9B:A0:33:74:A1:92:C8:E3:BD:CE:95:0A:90:02:7A:DC:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNqGm6AzdKGSyOO9zpUKkAJ63K8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/AyQ2dOmebANcK_fFhLt9bMN3P8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/18e5a9-123f-48ad-91c5-f6007482fa93/1/FNqGm6AzdKGSyOO9zpUKkAJ63K8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.192.0/22
217.68.208.0/20
Signature Algorithm: sha256WithRSAEncryption
88:39:d1:eb:78:9d:c0:ff:0e:4b:fe:44:a9:29:5f:ac:f4:46:
4b:94:d0:58:13:24:d3:48:2c:b4:fe:70:7e:5e:37:dc:e7:e8:
c2:19:2c:97:b3:16:80:c0:9c:4f:30:54:65:8d:4e:f2:cc:fe:
6d:3c:41:f0:fd:42:da:88:66:cc:98:8a:65:c4:9f:7b:19:d5:
5a:6f:5b:a0:3d:82:f0:32:57:13:82:f7:74:59:70:4d:9f:b5:
f4:b2:c6:97:1c:f9:c4:a8:2f:56:c3:23:e2:1f:19:9e:9a:0c:
5d:49:32:f7:c3:aa:b6:48:2a:48:b1:ac:d7:d6:bf:10:36:fb:
c0:ba:a6:cb:e6:38:8f:48:07:4f:f4:a2:1c:62:8e:fd:54:d7:
bf:0d:50:bc:63:52:b9:3e:bd:1e:d7:1a:c5:97:03:95:d4:9c:
52:ce:3e:2a:59:48:c6:c3:e8:81:c4:79:6a:d9:ba:08:05:5d:
5e:84:6d:65:58:15:bc:31:7c:4b:6d:e8:4a:55:bf:e4:ea:85:
a5:85:c5:c6:73:84:0c:bb:62:d2:ae:25:d1:0d:76:4b:b5:00:
e0:43:95:32:47:46:10:a0:3b:94:3f:ee:33:47:d3:a7:9f:e5:
13:5b:a8:c7:52:bd:6f:66:81:34:36:84:8a:1a:bc:be:87:02:
d1:f8:92:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrgSDMIalkch6d8yjc0LB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZGE4NjliYTAzMzc0YTE5MmM4ZTNiZGNlOTUwYTkwMDI3
YWRjYWYwHhcNMjMwMTAxMDQwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzI0MzY3NGU5OWU2YzAzNWMyYmY3YzU4NGJiN2Q2Y2MzNzczZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBLVbHMvP+uGnX3xOLlIqJETTh9r
ss8KZWEAy8LyM/uO7SyNgTL6U2UVUtL+i+g30MOCeX9x8HShCD0uO85nF99VHxmo
0Kr9gEUYXlmunrL1DtjmhrY11Pd4D02S28VpO/QV6XJu9E/za4b7W5d5p1Ofjklu
OqOjHBd6LkOcIpQA/K2Kiau7OaUD7UAFCO9zhcXRdJ8qgWRf0DcBKpHmqmB9aoVu
huexvjjP6aYcihW24lt0OyvfTs9AxatmW/M8EoQqMSWsnPLXvceba2DznNoDhzY3
NN5VIxVSS72KXiNOjB5T+k/D90gIkd9m/0AYHT8ENL80g65iehDiIPOozQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAMkNnTpnmwDXCv3xYS7fWzDdz/AMB8GA1UdIwQY
MBaAFBTahpugM3Shksjjvc6VCpACetyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk5xR202QXpkS0dTeU9POXpwVUtrQUo2M0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8xOGU1YTktMTIzZi00OGFkLTkxYzUt
ZjYwMDc0ODJmYTkzLzEvQXlRMmRPbWViQU5jS19mRmhMdDliTU4zUDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8xOGU1YTktMTIzZi00OGFkLTkxYzUtZjYwMDc0ODJmYTkz
LzEvRk5xR202QXpkS0dTeU9POXpwVUtrQUo2M0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW7zAAwQE
2UTQMA0GCSqGSIb3DQEBCwUAA4IBAQCIOdHreJ3A/w5L/kSpKV+s9EZLlNBYEyTT
SCy0/nB+Xjfc5+jCGSyXsxaAwJxPMFRljU7yzP5tPEHw/ULaiGbMmIplxJ97GdVa
b1ugPYLwMlcTgvd0WXBNn7X0ssaXHPnEqC9WwyPiHxmemgxdSTL3w6q2SCpIsazX
1r8QNvvAuqbL5jiPSAdP9KIcYo79VNe/DVC8Y1K5Pr0e1xrFlwOV1JxSzj4qWUjG
w+iBxHlq2boIBV1ehG1lWBW8MXxLbehKVb/k6oWlhcXGc4QMu2LSriXRDXZLtQDg
Q5UyR0YQoDuUP+4zR9Onn+UTW6jHUr1vZoE0NoSKGry+hwLR+JKl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:42 2024 by rpki-client on console-ams.rpki-client.org