Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/R0CrCJEGFCDN570iuLnRHaVHW6E.roa
File: R0CrCJEGFCDN570iuLnRHaVHW6E.roa (raw, json)
Hash identifier: L0eK+sJmQxhj28IeP2uGSxd787hxANxwwIujser+aAs=
Subject key identifier: 47:40:AB:08:91:06:14:20:CD:E7:BD:22:B8:B9:D1:1D:A5:47:5B:A1
Certificate issuer: /CN=bb528c126aed0d7f5a06950eb2c2033486856a15
Certificate serial: 01856C78128781789105ADD44C470FD77329
Authority key identifier: BB:52:8C:12:6A:ED:0D:7F:5A:06:95:0E:B2:C2:03:34:86:85:6A:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u1KMEmrtDX9aBpUOssIDNIaFahU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/R0CrCJEGFCDN570iuLnRHaVHW6E.roa
Signing time: Sun 01 Jan 2023 08:34:46 +0000
ROA not before: Sun 01 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211073
IP address blocks: 91.207.176.0/24 maxlen: 24
91.207.177.0/24 maxlen: 24
91.207.176.0/23 maxlen: 23
2001:67c:414::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:12:87:81:78:91:05:ad:d4:4c:47:0f:d7:73:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb528c126aed0d7f5a06950eb2c2033486856a15
Validity
Not Before: Jan 1 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4740ab0891061420cde7bd22b8b9d11da5475ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3d:cd:f6:3b:a3:7d:fa:97:c4:bc:07:83:1a:
9e:f9:1b:e2:9a:fb:78:19:81:11:32:92:30:e1:20:
e9:3e:af:bb:25:d5:dc:38:83:1d:97:9d:f4:2c:03:
da:74:08:cf:59:73:4a:b6:ad:4f:16:a4:12:3f:cb:
e7:8a:31:75:79:d8:4d:0e:27:63:ca:b6:b7:c8:96:
18:8b:ae:5d:a7:9c:79:cc:7a:d4:f3:22:42:fc:ff:
3d:b7:f7:f4:0f:af:e4:91:6d:9a:ab:50:31:56:e4:
1f:1f:4a:6e:7d:d3:41:17:f4:6c:8b:c1:e7:a5:67:
31:f2:a1:18:bb:0e:2e:15:6c:69:55:df:9c:ce:06:
41:83:97:01:44:12:8a:12:77:71:b8:af:02:86:17:
51:18:e7:2b:21:af:23:b4:00:90:71:5a:f2:6c:e1:
e0:be:b3:1b:27:f5:fb:4b:4a:b2:f9:23:d0:28:e3:
14:ad:f0:37:17:6d:f9:b2:a3:44:82:5a:12:f4:b5:
41:13:0f:e5:c3:5a:7f:b6:b7:bc:d6:be:a8:df:bd:
bd:bc:38:d3:78:1b:61:51:39:60:27:91:00:45:97:
7f:c0:5a:34:d2:d3:56:17:e4:e0:e0:59:65:b3:10:
e3:37:91:df:1b:89:03:5a:38:af:49:df:af:6c:13:
c3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:40:AB:08:91:06:14:20:CD:E7:BD:22:B8:B9:D1:1D:A5:47:5B:A1
X509v3 Authority Key Identifier:
keyid:BB:52:8C:12:6A:ED:0D:7F:5A:06:95:0E:B2:C2:03:34:86:85:6A:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u1KMEmrtDX9aBpUOssIDNIaFahU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/R0CrCJEGFCDN570iuLnRHaVHW6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/u1KMEmrtDX9aBpUOssIDNIaFahU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.176.0/23
IPv6:
2001:67c:414::/48
Signature Algorithm: sha256WithRSAEncryption
50:cf:82:64:f7:1e:8d:6c:4c:6c:c7:b7:91:07:7e:41:07:f2:
82:bf:da:32:c6:4d:03:40:f0:8e:ec:45:92:e0:06:cd:46:72:
0b:eb:3e:39:b5:8d:d6:da:21:d5:2c:aa:a5:59:8d:a3:9f:57:
30:69:18:fc:da:91:39:95:30:60:82:72:91:74:df:6a:83:c1:
e8:12:63:0f:66:77:9b:6b:6e:d2:9b:66:b3:13:ce:34:fc:ec:
ed:6a:bc:4e:ab:72:f5:9e:7b:38:2e:84:1b:91:0e:17:96:13:
63:1a:4b:8d:d9:14:3b:07:66:e8:df:6d:33:aa:89:cd:26:d1:
02:c0:05:02:17:2e:99:2d:73:4f:21:99:c7:cd:21:65:2a:f3:
27:d8:28:ef:62:d3:ce:0d:08:de:85:ba:21:4a:fe:37:65:52:
2e:8a:8c:b8:46:ef:76:45:90:c5:bf:be:57:34:74:d1:e6:00:
29:65:8c:bc:5e:3a:fb:5a:69:b9:08:7e:c4:d4:5d:f9:ec:fc:
62:74:c6:9d:8a:b1:f7:5f:14:d0:29:bd:99:34:7a:81:f5:e0:
0c:8e:25:1f:87:84:80:49:3e:cb:1d:51:42:a3:08:91:8d:f6:
6e:1f:37:41:38:d9:3b:a5:34:b6:35:a9:42:fa:58:63:03:14:
50:9c:fc:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVseBKHgXiRBa3UTEcP13MpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNTI4YzEyNmFlZDBkN2Y1YTA2OTUwZWIyYzIwMzM0ODY4
NTZhMTUwHhcNMjMwMTAxMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQwYWIwODkxMDYxNDIwY2RlN2JkMjJiOGI5ZDExZGE1NDc1YmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhz3N9jujffqXxLwHgxqe+Rvimvt4
GYERMpIw4SDpPq+7JdXcOIMdl530LAPadAjPWXNKtq1PFqQSP8vnijF1edhNDidj
yra3yJYYi65dp5x5zHrU8yJC/P89t/f0D6/kkW2aq1AxVuQfH0pufdNBF/Rsi8Hn
pWcx8qEYuw4uFWxpVd+czgZBg5cBRBKKEndxuK8ChhdRGOcrIa8jtACQcVrybOHg
vrMbJ/X7S0qy+SPQKOMUrfA3F235sqNEgloS9LVBEw/lw1p/tre81r6o3729vDjT
eBthUTlgJ5EARZd/wFo00tNWF+Tg4FllsxDjN5HfG4kDWjivSd+vbBPDOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEdAqwiRBhQgzee9Iri50R2lR1uhMB8GA1UdIwQY
MBaAFLtSjBJq7Q1/WgaVDrLCAzSGhWoVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTFLTUVtcnREWDlhQnBVT3NzSUROSWFGYWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi83M2UxZTAtM2Q0Ni00MjhjLWFiM2It
MjE1OWVmZWU2YTA3LzEvUjBDckNKRUdGQ0RONTcwaXVMblJIYVZIVzZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi83M2UxZTAtM2Q0Ni00MjhjLWFiM2ItMjE1OWVmZWU2YTA3
LzEvdTFLTUVtcnREWDlhQnBVT3NzSUROSWFGYWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8+wMA8E
AgACMAkDBwAgAQZ8BBQwDQYJKoZIhvcNAQELBQADggEBAFDPgmT3Ho1sTGzHt5EH
fkEH8oK/2jLGTQNA8I7sRZLgBs1GcgvrPjm1jdbaIdUsqqVZjaOfVzBpGPzakTmV
MGCCcpF032qDwegSYw9md5trbtKbZrMTzjT87O1qvE6rcvWeezguhBuRDheWE2Ma
S43ZFDsHZujfbTOqic0m0QLABQIXLpktc08hmcfNIWUq8yfYKO9i084NCN6FuiFK
/jdlUi6KjLhG73ZFkMW/vlc0dNHmAClljLxeOvtaabkIfsTUXfns/GJ0xp2Ksfdf
FNApvZk0eoH14AyOJR+HhIBJPssdUUKjCJGN9m4fN0E42TulNLY1qUL6WGMDFFCc
/A0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:23 2024 by rpki-client on console-fra.rpki-client.org