Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/RbXogvXpC9KrCMZCCODaWIxWbek.roa
File: RbXogvXpC9KrCMZCCODaWIxWbek.roa (raw, json)
Hash identifier: OtOcCnhclOAjbTLl40CBSjNKeIR+spYBnp5bRHDZa2c=
Subject key identifier: 45:B5:E8:82:F5:E9:0B:D2:AB:08:C6:42:08:E0:DA:58:8C:56:6D:E9
Certificate issuer: /CN=eb50d3084bf8aa9ea777d245b60d511be189eab2
Certificate serial: 01856F823FDB6CA27C9EA6EDEC09EF869704
Authority key identifier: EB:50:D3:08:4B:F8:AA:9E:A7:77:D2:45:B6:0D:51:1B:E1:89:EA:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61DTCEv4qp6nd9JFtg1RG-GJ6rI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/RbXogvXpC9KrCMZCCODaWIxWbek.roa
Signing time: Sun 01 Jan 2023 22:44:45 +0000
ROA not before: Sun 01 Jan 2023 22:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49127
IP address blocks: 91.217.253.0/24 maxlen: 24
91.220.28.0/24 maxlen: 24
91.220.35.0/24 maxlen: 24
164.138.248.0/21 maxlen: 24
164.138.254.0/24 maxlen: 24
91.220.71.0/24 maxlen: 24
2a0a:7d40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:3f:db:6c:a2:7c:9e:a6:ed:ec:09:ef:86:97:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb50d3084bf8aa9ea777d245b60d511be189eab2
Validity
Not Before: Jan 1 22:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45b5e882f5e90bd2ab08c64208e0da588c566de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:19:5d:30:40:af:31:b4:85:ae:1d:d9:0b:
97:e9:e3:af:4c:aa:f3:31:a7:03:af:39:01:be:9a:
fd:23:d9:27:64:a4:3e:4f:88:b6:92:9f:0c:46:b8:
21:6f:a4:38:ac:06:1d:6e:f5:57:d9:fd:be:32:00:
9f:6c:c1:cc:11:81:f9:17:e0:ef:df:1d:6c:46:5b:
1a:d4:15:d8:38:22:77:e0:8b:8b:1d:9a:14:3c:cc:
33:3c:c7:9e:67:e7:a8:ec:a3:35:ea:e9:1a:7f:6a:
41:08:57:4f:03:a8:63:25:47:20:78:5c:c5:0b:5b:
75:c2:6f:6f:a4:6e:86:de:1b:a9:58:a9:4e:14:31:
d8:df:eb:63:f6:9a:f5:06:63:4e:a1:27:71:49:f4:
da:12:70:43:e5:78:c9:40:b3:1a:a4:95:41:97:cb:
bd:dd:77:2a:68:cc:e2:9e:44:b3:aa:3c:0f:d3:f1:
2f:57:0a:88:42:af:55:ff:c2:88:22:ec:a9:41:a6:
a2:66:35:69:b5:b6:07:55:2f:8e:15:2a:c6:b9:ac:
ce:8a:65:b2:9d:b9:ff:e7:58:ee:4b:d3:e6:c3:ab:
0f:e3:61:33:59:21:bb:69:10:8e:b9:05:ab:76:4e:
bc:ed:61:f0:76:e3:c0:3a:80:15:5c:a9:81:39:a4:
de:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B5:E8:82:F5:E9:0B:D2:AB:08:C6:42:08:E0:DA:58:8C:56:6D:E9
X509v3 Authority Key Identifier:
keyid:EB:50:D3:08:4B:F8:AA:9E:A7:77:D2:45:B6:0D:51:1B:E1:89:EA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61DTCEv4qp6nd9JFtg1RG-GJ6rI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/RbXogvXpC9KrCMZCCODaWIxWbek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/61DTCEv4qp6nd9JFtg1RG-GJ6rI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.253.0/24
91.220.28.0/24
91.220.35.0/24
91.220.71.0/24
164.138.248.0/21
IPv6:
2a0a:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
34:b2:94:b2:d0:08:70:87:61:08:f9:1b:08:95:10:d1:ec:6c:
7d:ce:98:a0:34:60:61:0d:6b:e0:79:70:c6:7c:6d:ee:28:d1:
21:6e:4d:eb:ee:00:ae:cd:cc:6a:f9:5d:45:45:ee:d8:df:2a:
1d:1b:76:73:5b:31:ae:ba:e8:8c:8b:a2:54:a7:cb:a2:82:d0:
54:fa:fc:22:73:d2:3f:4d:48:49:39:a5:06:bf:ab:c3:bd:d7:
1f:08:d4:c1:fc:d0:0e:46:92:48:70:7b:52:f0:a5:1a:d0:88:
42:35:01:c4:7c:8e:dd:18:9d:4b:ec:1b:75:a9:c0:25:cd:e5:
e1:0b:7a:ca:7e:da:6c:b3:19:26:3d:67:ee:8d:4f:17:c4:87:
25:84:a2:eb:41:6b:cf:9f:cf:03:63:e4:ad:13:4e:7f:f6:7d:
4a:ed:3d:b8:21:59:87:a6:8c:d0:c2:c1:89:d1:57:83:84:a1:
ec:43:12:b9:b2:72:c8:cc:53:89:30:bc:e3:14:f0:9b:66:92:
3b:e2:17:c3:d4:f4:d4:33:f1:df:26:bd:6d:47:5c:65:3e:7a:
0f:44:57:b0:ea:ca:fc:37:f4:c8:5b:5e:1f:51:69:b9:7f:39:
7b:12:00:ed:34:7a:10:a6:0b:87:43:b2:15:a1:1d:4d:bd:ba:
c7:ee:da:0e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVvgj/bbKJ8nqbt7AnvhpcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTBkMzA4NGJmOGFhOWVhNzc3ZDI0NWI2MGQ1MTFiZTE4
OWVhYjIwHhcNMjMwMTAxMjI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWI1ZTg4MmY1ZTkwYmQyYWIwOGM2NDIwOGUwZGE1ODhjNTY2ZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7AZXTBArzG0ha4d2QuX6eOvTKrz
MacDrzkBvpr9I9knZKQ+T4i2kp8MRrghb6Q4rAYdbvVX2f2+MgCfbMHMEYH5F+Dv
3x1sRlsa1BXYOCJ34IuLHZoUPMwzPMeeZ+eo7KM16ukaf2pBCFdPA6hjJUcgeFzF
C1t1wm9vpG6G3hupWKlOFDHY3+tj9pr1BmNOoSdxSfTaEnBD5XjJQLMapJVBl8u9
3XcqaMzinkSzqjwP0/EvVwqIQq9V/8KIIuypQaaiZjVptbYHVS+OFSrGuazOimWy
nbn/51juS9Pmw6sP42EzWSG7aRCOuQWrdk687WHwduPAOoAVXKmBOaTedQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEW16IL16QvSqwjGQgjg2liMVm3pMB8GA1UdIwQY
MBaAFOtQ0whL+Kqep3fSRbYNURvhieqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFEVENFdjRxcDZuZDlKRnRnMVJHLUdKNnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xMmU3MmMtNzQ5MS00N2UyLWFjNTMt
YWMwYzYwMTAwNDc4LzEvUmJYb2d2WHBDOUtyQ01aQ0NPRGFXSXhXYmVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xMmU3MmMtNzQ5MS00N2UyLWFjNTMtYWMwYzYwMTAwNDc4
LzEvNjFEVENFdjRxcDZuZDlKRnRnMVJHLUdKNnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW9n9AwQA
W9wcAwQAW9wjAwQAW9xHAwQDpIr4MA0EAgACMAcDBQAqCn1AMA0GCSqGSIb3DQEB
CwUAA4IBAQA0spSy0Ahwh2EI+RsIlRDR7Gx9zpigNGBhDWvgeXDGfG3uKNEhbk3r
7gCuzcxq+V1FRe7Y3yodG3ZzWzGuuuiMi6JUp8uigtBU+vwic9I/TUhJOaUGv6vD
vdcfCNTB/NAORpJIcHtS8KUa0IhCNQHEfI7dGJ1L7Bt1qcAlzeXhC3rKftpssxkm
PWfujU8XxIclhKLrQWvPn88DY+StE05/9n1K7T24IVmHpozQwsGJ0VeDhKHsQxK5
snLIzFOJMLzjFPCbZpI74hfD1PTUM/HfJr1tR1xlPnoPRFew6sr8N/TIW14fUWm5
fzl7EgDtNHoQpguHQ7IVoR1NvbrH7toO
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:35:58 2024 by rpki-client on console-fra.rpki-client.org