Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/jB6VCg3UDbQXwPsJ7nAazbjc3FE.roa
File: jB6VCg3UDbQXwPsJ7nAazbjc3FE.roa (raw, json)
Hash identifier: Qibj+bnEtH3B1WLIvOXDRWnpxu8JgALhEy+lqclFBk4=
Subject key identifier: 8C:1E:95:0A:0D:D4:0D:B4:17:C0:FB:09:EE:70:1A:CD:B8:DC:DC:51
Certificate issuer: /CN=43b92ec2b0e32cb7b2db13e3765298d6d2e585cd
Certificate serial: 018C9090323046517FF6E5F8E64D6250FB9D
Authority key identifier: 43:B9:2E:C2:B0:E3:2C:B7:B2:DB:13:E3:76:52:98:D6:D2:E5:85:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7kuwrDjLLey2xPjdlKY1tLlhc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/jB6VCg3UDbQXwPsJ7nAazbjc3FE.roa
Signing time: Fri 22 Dec 2023 08:06:58 +0000
ROA not before: Fri 22 Dec 2023 08:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56441
IP address blocks: 91.231.125.0/24 maxlen: 24
91.224.118.0/24 maxlen: 24
91.224.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:90:90:32:30:46:51:7f:f6:e5:f8:e6:4d:62:50:fb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43b92ec2b0e32cb7b2db13e3765298d6d2e585cd
Validity
Not Before: Dec 22 08:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c1e950a0dd40db417c0fb09ee701acdb8dcdc51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c4:0d:b2:ce:16:98:e0:f8:72:b1:9c:84:6c:
8a:38:d6:d1:46:74:0a:89:a6:6c:27:f6:73:37:f7:
c1:bd:7b:d3:d4:66:45:a9:ca:74:df:df:3a:29:48:
35:9a:1d:b1:66:04:b4:d4:c3:82:8a:d7:d9:96:17:
cc:a0:50:71:4d:a3:db:83:79:0f:f9:a7:71:33:df:
8f:92:b3:a0:cd:4d:0f:ce:ec:3f:66:43:e0:cf:2d:
5e:84:d8:3a:07:90:95:e1:b0:6a:05:93:35:87:89:
29:b0:20:71:ee:82:73:28:51:d4:76:63:15:f5:d6:
cf:59:0d:66:c0:83:d1:6e:a4:fe:32:29:aa:c1:5a:
df:5d:20:61:85:26:79:1c:e6:5c:2e:7d:77:7d:60:
17:2c:2e:fc:93:e8:f4:97:40:6e:ab:7f:1d:97:87:
14:68:7f:aa:bf:46:09:ff:c1:65:76:6e:8d:f3:20:
6d:6a:eb:11:9c:c1:99:a7:1e:c0:1f:f1:7d:c6:1e:
c0:13:26:7d:b8:f2:32:b6:34:6e:7f:b6:f9:2f:61:
64:ac:c6:13:f0:32:9f:e6:cb:1f:66:55:74:d6:84:
4f:91:cc:ee:ce:3f:de:0c:dc:9f:af:0f:74:20:b2:
45:8b:e7:b6:ae:10:6d:fa:f6:b4:e0:71:1b:0f:9f:
ce:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:1E:95:0A:0D:D4:0D:B4:17:C0:FB:09:EE:70:1A:CD:B8:DC:DC:51
X509v3 Authority Key Identifier:
keyid:43:B9:2E:C2:B0:E3:2C:B7:B2:DB:13:E3:76:52:98:D6:D2:E5:85:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7kuwrDjLLey2xPjdlKY1tLlhc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/jB6VCg3UDbQXwPsJ7nAazbjc3FE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/Q7kuwrDjLLey2xPjdlKY1tLlhc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.118.0/23
91.231.125.0/24
Signature Algorithm: sha256WithRSAEncryption
73:8b:ab:da:21:40:5e:98:a2:d6:9f:16:28:86:43:b4:5d:41:
11:fa:84:08:3e:ef:8c:33:89:11:46:69:2b:53:79:87:5d:c4:
5b:f9:80:6d:61:db:ea:6c:7f:f7:63:b9:9a:8a:90:07:91:f6:
18:0e:16:53:1d:87:06:e9:22:19:31:76:9a:bb:af:c0:ce:ad:
22:d1:03:c5:93:6d:1f:b4:33:8a:37:30:76:4d:99:47:bb:1f:
07:73:6a:f2:e4:5e:7e:89:f7:e7:5f:cf:1b:18:c1:55:64:a9:
f3:a3:db:0c:06:59:24:d8:3b:58:08:81:8f:12:9d:93:b6:53:
31:0e:48:1d:42:55:33:12:a6:2d:fb:4c:2c:2e:a0:6c:bc:11:
94:2b:fd:c5:87:90:13:0a:fb:30:fe:05:50:0e:3c:82:63:5d:
49:85:07:c9:3b:01:b2:8f:45:b9:00:96:30:f7:a7:4b:7c:e2:
87:82:cf:04:21:12:9c:72:b6:76:36:ab:0a:2d:36:67:c7:b7:
67:87:0b:84:a6:f5:b8:ea:bf:df:95:30:d9:dc:41:c3:c1:4e:
5c:56:c7:4e:36:15:da:04:07:34:14:d2:8d:93:ba:57:f2:df:
21:86:ed:7f:b9:9e:b3:53:b8:41:d2:ce:84:b6:fd:a2:34:82:
8e:1a:c1:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyQkDIwRlF/9uX45k1iUPudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYjkyZWMyYjBlMzJjYjdiMmRiMTNlMzc2NTI5OGQ2ZDJl
NTg1Y2QwHhcNMjMxMjIyMDgwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzFlOTUwYTBkZDQwZGI0MTdjMGZiMDllZTcwMWFjZGI4ZGNkYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscQNss4WmOD4crGchGyKONbRRnQK
iaZsJ/ZzN/fBvXvT1GZFqcp03986KUg1mh2xZgS01MOCitfZlhfMoFBxTaPbg3kP
+adxM9+PkrOgzU0Pzuw/ZkPgzy1ehNg6B5CV4bBqBZM1h4kpsCBx7oJzKFHUdmMV
9dbPWQ1mwIPRbqT+MimqwVrfXSBhhSZ5HOZcLn13fWAXLC78k+j0l0Buq38dl4cU
aH+qv0YJ/8Fldm6N8yBtausRnMGZpx7AH/F9xh7AEyZ9uPIytjRuf7b5L2FkrMYT
8DKf5ssfZlV01oRPkczuzj/eDNyfrw90ILJFi+e2rhBt+va04HEbD5/O9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIwelQoN1A20F8D7Ce5wGs243NxRMB8GA1UdIwQY
MBaAFEO5LsKw4yy3stsT43ZSmNbS5YXNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTdrdXdyRGpMTGV5MnhQamRsS1kxdExsaGMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84OTI4NmYtMGU1OS00NjI2LWE2MTct
NjAyMTUxNTIyYTA5LzEvakI2VkNnM1VEYlFYd1BzSjduQWF6YmpjM0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84OTI4NmYtMGU1OS00NjI2LWE2MTctNjAyMTUxNTIyYTA5
LzEvUTdrdXdyRGpMTGV5MnhQamRsS1kxdExsaGMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+B2AwQA
W+d9MA0GCSqGSIb3DQEBCwUAA4IBAQBzi6vaIUBemKLWnxYohkO0XUER+oQIPu+M
M4kRRmkrU3mHXcRb+YBtYdvqbH/3Y7maipAHkfYYDhZTHYcG6SIZMXaau6/Azq0i
0QPFk20ftDOKNzB2TZlHux8Hc2ry5F5+iffnX88bGMFVZKnzo9sMBlkk2DtYCIGP
Ep2TtlMxDkgdQlUzEqYt+0wsLqBsvBGUK/3Fh5ATCvsw/gVQDjyCY11JhQfJOwGy
j0W5AJYw96dLfOKHgs8EIRKccrZ2NqsKLTZnx7dnhwuEpvW46r/flTDZ3EHDwU5c
VsdONhXaBAc0FNKNk7pX8t8hhu1/uZ6zU7hB0s6Etv2iNIKOGsGr
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:23 2024 by rpki-client on console-fra.rpki-client.org