Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/9QKYWHiNA3VMI6_P8TTsNzuNQXU.roa
File: 9QKYWHiNA3VMI6_P8TTsNzuNQXU.roa (raw, json)
Hash identifier: +e1Jl7fs/YtE6ZKRS2ezT/SRYWfLM++MKtVIuJzlfFE=
Subject key identifier: F5:02:98:58:78:8D:03:75:4C:23:AF:CF:F1:34:EC:37:3B:8D:41:75
Certificate issuer: /CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Certificate serial: 0192D7317A5C9ECB62D46202F47AF8CFA1B8
Authority key identifier: D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/9QKYWHiNA3VMI6_P8TTsNzuNQXU.roa
Signing time: Tue 29 Oct 2024 07:33:16 +0000
ROA not before: Tue 29 Oct 2024 07:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.246.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 21:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:31:7a:5c:9e:cb:62:d4:62:02:f4:7a:f8:cf:a1:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Validity
Not Before: Oct 29 07:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5029858788d03754c23afcff134ec373b8d4175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:3e:b9:32:38:12:04:80:4b:54:e0:23:05:
14:32:81:40:57:e2:19:55:d1:9d:3c:1b:0a:2d:56:
4f:e1:6f:a0:1d:2e:16:73:64:06:fa:70:33:76:20:
18:4f:47:d0:dc:ac:0d:9c:be:85:e6:92:46:96:d1:
e0:10:71:0e:dc:00:b6:1e:e2:b4:7f:97:56:68:4b:
19:67:6e:0a:1d:5d:d5:31:24:6a:fc:4a:7a:4d:fa:
c9:d2:96:53:10:c9:29:35:79:b4:6c:18:b9:89:72:
a8:88:2b:9a:53:8f:c4:be:7b:92:83:63:cd:87:19:
e2:90:95:46:6b:01:78:2e:2b:fe:8d:2f:03:c8:69:
d6:41:e4:22:84:43:71:04:a3:3f:c3:69:91:34:cb:
cd:53:1f:5c:71:02:65:03:0e:aa:8d:51:c5:6f:74:
a3:77:6f:cf:89:ee:fd:fe:b3:a3:a2:cf:a9:69:5f:
a7:34:12:ab:08:d5:11:73:ca:67:c9:9e:8f:45:55:
21:2d:df:21:1f:2b:df:26:8d:6e:d0:88:e9:16:da:
34:4d:bf:eb:b7:bb:dd:0e:62:3a:d3:da:6a:e3:33:
36:fe:a4:fd:eb:60:ac:90:6d:ab:5c:7f:14:36:52:
d7:ec:84:90:d6:e9:0e:00:05:66:fb:7e:2c:bb:d1:
39:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:02:98:58:78:8D:03:75:4C:23:AF:CF:F1:34:EC:37:3B:8D:41:75
X509v3 Authority Key Identifier:
keyid:D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/9QKYWHiNA3VMI6_P8TTsNzuNQXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.55.0/24
Signature Algorithm: sha256WithRSAEncryption
07:ca:c3:42:7d:37:cd:04:2f:ea:b3:9c:d3:d1:67:df:ec:12:
3b:c1:4e:c4:cf:e5:4f:0b:3e:19:47:ed:3f:18:bc:8a:8e:df:
3f:8e:31:19:90:8e:11:46:59:e6:dd:4a:fa:c5:94:fb:c3:e5:
b8:32:6d:17:71:16:5d:15:7d:c0:cf:bb:58:89:50:60:44:cd:
6f:07:76:46:9a:36:43:bc:74:ce:34:ac:e4:e1:42:1a:dd:05:
d5:38:7d:6c:2f:03:a2:b5:19:e4:9a:3d:eb:64:bb:27:8c:8e:
08:c7:ad:a8:61:a8:9b:f4:64:4c:c5:03:b6:6e:66:3f:32:92:
d9:3f:70:98:1b:d7:5c:d7:9b:f4:4d:6b:81:53:00:e5:48:f2:
c0:65:ca:97:11:f2:ce:25:d4:52:8a:b7:56:72:ec:bc:e9:cf:
93:ba:da:83:b2:6d:e9:59:06:45:f7:34:3e:03:69:94:cd:92:
43:34:72:cf:a4:64:9e:9e:b9:34:10:52:bc:d9:f8:31:ba:14:
d7:78:2f:f6:32:4f:a2:62:48:4e:fb:55:97:2c:14:9c:c0:48:
fb:9b:e1:a9:76:8b:93:40:f1:d2:7e:89:c5:df:a9:19:9c:0f:
ae:3c:28:a7:a0:d0:45:9e:b1:94:cd:f1:4e:7d:dc:d1:ca:96:
d7:bd:23:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLXMXpcnsti1GIC9Hr4z6G4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzM1YmM5YjdmODU1MGJlM2U0NjdjNTRhOWQzYTY2ZTI0
NDNiZDQwHhcNMjQxMDI5MDczMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAyOTg1ODc4OGQwMzc1NGMyM2FmY2ZmMTM0ZWMzNzNiOGQ0MTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFA+uTI4EgSAS1TgIwUUMoFAV+IZ
VdGdPBsKLVZP4W+gHS4Wc2QG+nAzdiAYT0fQ3KwNnL6F5pJGltHgEHEO3AC2HuK0
f5dWaEsZZ24KHV3VMSRq/Ep6TfrJ0pZTEMkpNXm0bBi5iXKoiCuaU4/EvnuSg2PN
hxnikJVGawF4Liv+jS8DyGnWQeQihENxBKM/w2mRNMvNUx9ccQJlAw6qjVHFb3Sj
d2/Pie79/rOjos+paV+nNBKrCNURc8pnyZ6PRVUhLd8hHyvfJo1u0IjpFto0Tb/r
t7vdDmI609pq4zM2/qT962CskG2rXH8UNlLX7ISQ1ukOAAVm+34su9E5GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUCmFh4jQN1TCOvz/E07Dc7jUF1MB8GA1UdIwQY
MBaAFNPDW8m3+FUL4+RnxUqdOmbiRDvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTct
Y2RhNWMzNzY2ZjAzLzEvOVFLWVdIaU5BM1ZNSTZfUDhUVHNOenVOUVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTctY2RhNWMzNzY2ZjAz
LzEvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/Y3MA0G
CSqGSIb3DQEBCwUAA4IBAQAHysNCfTfNBC/qs5zT0Wff7BI7wU7Ez+VPCz4ZR+0/
GLyKjt8/jjEZkI4RRlnm3Ur6xZT7w+W4Mm0XcRZdFX3Az7tYiVBgRM1vB3ZGmjZD
vHTONKzk4UIa3QXVOH1sLwOitRnkmj3rZLsnjI4Ix62oYaib9GRMxQO2bmY/MpLZ
P3CYG9dc15v0TWuBUwDlSPLAZcqXEfLOJdRSirdWcuy86c+TutqDsm3pWQZF9zQ+
A2mUzZJDNHLPpGSenrk0EFK82fgxuhTXeC/2Mk+iYkhO+1WXLBScwEj7m+GpdouT
QPHSfonF36kZnA+uPCinoNBFnrGUzfFOfdzRypbXvSPl
-----END CERTIFICATE-----
Generated at Fri Nov 1 22:33:00 2024 by rpki-client on console-ams.rpki-client.org