Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/0a-21UuF3fpGrokTH6N0KnY526I.roa
File: 0a-21UuF3fpGrokTH6N0KnY526I.roa (raw, json)
Hash identifier: LTktZ+VKTdfU2UTAAQbT6PzCGtYJOU6gkOFURUZVcaA=
Subject key identifier: D1:AF:B6:D5:4B:85:DD:FA:46:AE:89:13:1F:A3:74:2A:76:39:DB:A2
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 018A8D4E8DD75CB89C3F95341890A43B4113
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/0a-21UuF3fpGrokTH6N0KnY526I.roa
Signing time: Wed 13 Sep 2023 06:50:50 +0000
ROA not before: Wed 13 Sep 2023 06:50:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202391
IP address blocks: 91.237.254.0/24 maxlen: 24
91.237.254.0/23 maxlen: 23
91.237.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Oct 2023 12:13:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:4e:8d:d7:5c:b8:9c:3f:95:34:18:90:a4:3b:41:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Sep 13 06:50:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1afb6d54b85ddfa46ae89131fa3742a7639dba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c9:ca:d2:02:38:2f:e1:f5:0e:22:07:25:c0:
72:cd:a9:81:42:25:59:73:38:79:b2:40:1d:04:32:
fc:7b:e7:0b:57:a6:71:15:0e:d2:ec:c2:a1:5f:71:
e2:67:71:a8:42:9d:99:39:7f:56:94:6d:97:c6:4c:
f5:81:be:71:89:bb:53:7a:bc:39:3a:13:3e:d5:4d:
58:5d:c3:0a:32:8a:89:36:ea:ee:68:fd:08:e2:96:
2a:25:65:67:45:7f:ed:eb:00:c9:cc:d2:a1:d6:8d:
8f:d2:b5:62:eb:f2:2b:81:3f:8a:7d:84:b4:3b:5e:
8b:13:c9:16:48:00:0f:8b:4c:f0:25:c5:77:86:46:
1d:3d:ca:1f:eb:7f:7f:b6:1c:74:f1:aa:ab:63:80:
1c:8f:1f:0e:21:f1:30:29:fd:a9:2c:5a:31:7b:2b:
be:ef:a1:f7:de:8d:d1:f1:87:24:af:24:93:35:de:
3c:59:5c:fd:50:5d:e4:5d:dc:c3:2c:16:ef:75:90:
8c:ea:17:53:41:8d:9e:20:bd:58:63:d0:9c:a2:fe:
ff:53:89:6b:b4:d8:7b:d4:15:74:61:ef:b9:55:dd:
38:9b:c0:11:40:70:02:96:2a:35:f3:22:35:d8:66:
5e:1c:c8:9e:a4:67:4d:25:05:0c:c9:39:a7:2e:01:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:AF:B6:D5:4B:85:DD:FA:46:AE:89:13:1F:A3:74:2A:76:39:DB:A2
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/0a-21UuF3fpGrokTH6N0KnY526I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0/23
Signature Algorithm: sha256WithRSAEncryption
41:6d:69:65:d9:6b:e0:8f:27:5a:9f:00:09:a3:91:c0:5d:41:
6e:4b:a8:f5:10:8b:f3:e4:7d:9d:4d:34:ff:c0:ee:ec:12:d3:
a9:fe:07:73:0b:c5:c4:5c:6d:66:ed:0d:aa:8e:72:e3:79:b0:
71:ce:0a:92:10:84:99:7a:eb:ec:80:29:6a:94:de:58:8a:79:
d4:f9:a8:e9:cc:b8:ea:97:67:6f:77:5c:18:32:87:d8:e9:cc:
bb:b8:61:ab:af:05:1f:ff:c3:81:6e:e9:d9:da:58:2a:30:77:
db:ee:56:b9:58:56:5c:5a:7a:71:38:75:1d:e6:bd:46:31:75:
6a:d1:cb:f4:4b:67:87:05:53:4f:a1:12:62:c6:b7:78:9d:26:
c5:c6:e6:44:3d:1a:4a:7c:5d:ea:79:2f:65:74:99:23:ac:26:
6a:82:77:52:08:ae:8b:ba:df:ea:f4:22:43:71:2e:ab:dd:78:
f6:7d:dc:92:24:7e:97:61:4b:56:33:ae:d8:71:f3:c0:9c:7b:
94:83:ab:6c:4f:b7:fb:10:a0:7a:e5:24:df:2d:81:e2:94:e8:
37:90:9c:04:84:45:93:03:33:99:a2:1a:c8:71:d6:41:db:ac:
2c:c3:ce:d9:1d:74:2f:7d:a3:00:65:1b:62:3f:37:2b:57:d6:
d4:dc:0f:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqNTo3XXLicP5U0GJCkO0ETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjMwOTEzMDY1MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWFmYjZkNTRiODVkZGZhNDZhZTg5MTMxZmEzNzQyYTc2MzlkYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncnK0gI4L+H1DiIHJcByzamBQiVZ
czh5skAdBDL8e+cLV6ZxFQ7S7MKhX3HiZ3GoQp2ZOX9WlG2Xxkz1gb5xibtTerw5
OhM+1U1YXcMKMoqJNuruaP0I4pYqJWVnRX/t6wDJzNKh1o2P0rVi6/IrgT+KfYS0
O16LE8kWSAAPi0zwJcV3hkYdPcof639/thx08aqrY4Acjx8OIfEwKf2pLFoxeyu+
76H33o3R8YckrySTNd48WVz9UF3kXdzDLBbvdZCM6hdTQY2eIL1YY9Ccov7/U4lr
tNh71BV0Ye+5Vd04m8ARQHAClio18yI12GZeHMiepGdNJQUMyTmnLgHSzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGvttVLhd36Rq6JEx+jdCp2OduiMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvMGEtMjFVdUYzZnBHcm9rVEg2TjBLblk1MjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+3+MA0G
CSqGSIb3DQEBCwUAA4IBAQBBbWll2WvgjydanwAJo5HAXUFuS6j1EIvz5H2dTTT/
wO7sEtOp/gdzC8XEXG1m7Q2qjnLjebBxzgqSEISZeuvsgClqlN5YinnU+ajpzLjq
l2dvd1wYMofY6cy7uGGrrwUf/8OBbunZ2lgqMHfb7la5WFZcWnpxOHUd5r1GMXVq
0cv0S2eHBVNPoRJixrd4nSbFxuZEPRpKfF3qeS9ldJkjrCZqgndSCK6Lut/q9CJD
cS6r3Xj2fdySJH6XYUtWM67YcfPAnHuUg6tsT7f7EKB65STfLYHilOg3kJwEhEWT
AzOZohrIcdZB26wsw87ZHXQvfaMAZRtiPzcrV9bU3A9l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:23 2024 by rpki-client on console-fra.rpki-client.org