Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/nJFvUFXt855mlRy0RQ7VC7uus7w.roa
File: nJFvUFXt855mlRy0RQ7VC7uus7w.roa (raw, json)
Hash identifier: Rov8dUszRM13MiC1ymWFLAu/0OJTWq7Q5dvl4fmE9Ik=
Subject key identifier: 9C:91:6F:50:55:ED:F3:9E:66:95:1C:B4:45:0E:D5:0B:BB:AE:B3:BC
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 018CC3495AC3EC881B20A6DF130184F5B92D
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/nJFvUFXt855mlRy0RQ7VC7uus7w.roa
Signing time: Mon 01 Jan 2024 04:30:13 +0000
ROA not before: Mon 01 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34686
IP address blocks: 91.216.32.0/24 maxlen: 24
2001:67c:1084::/48 maxlen: 48
2a13:5240::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Mar 2024 13:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5a:c3:ec:88:1b:20:a6:df:13:01:84:f5:b9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Jan 1 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c916f5055edf39e66951cb4450ed50bbbaeb3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f0:e6:53:94:61:17:a6:4e:1a:6c:13:ea:60:
3d:4c:b6:56:2e:32:ff:fb:9a:3a:fa:80:e4:d9:dc:
30:da:e5:49:04:dd:67:a8:90:a3:24:5b:7c:8a:eb:
f5:49:2a:f2:eb:39:35:c5:60:0e:1e:1b:ab:7e:f6:
a6:03:4f:8a:1f:93:de:2e:09:99:6a:b5:8d:7a:a8:
3f:82:34:23:91:bd:fa:86:50:e6:3a:1f:14:a3:7b:
04:69:1f:8d:9d:ad:62:da:1e:de:72:7f:41:d3:2c:
48:d3:ed:bf:28:c7:11:e8:fb:ee:c0:10:1b:41:8c:
e0:91:4a:6e:c7:96:1b:d2:1c:be:3a:8d:75:9a:5c:
46:1c:74:c7:3c:38:51:c3:a6:4a:51:f5:a0:7e:a8:
d8:cf:51:ac:2a:1f:8b:58:9e:22:00:4f:61:41:70:
38:1c:82:43:89:b3:13:78:4c:85:36:4a:9c:dd:0b:
60:1b:bf:8e:e2:98:86:5b:fc:28:d9:e7:6a:83:9b:
0a:b1:85:88:99:b7:d6:7c:fd:ee:90:fd:8b:b4:65:
3e:e3:47:ed:03:16:85:8d:b6:bd:86:e6:43:84:f2:
5a:36:cd:db:a3:1b:c5:ef:3f:14:b6:85:ea:21:83:
6d:09:da:50:b4:f1:b0:9d:06:5b:da:00:35:d4:92:
76:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:91:6F:50:55:ED:F3:9E:66:95:1C:B4:45:0E:D5:0B:BB:AE:B3:BC
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/nJFvUFXt855mlRy0RQ7VC7uus7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.32.0/24
IPv6:
2001:67c:1084::/48
2a13:5240::/32
Signature Algorithm: sha256WithRSAEncryption
36:34:90:7e:87:2d:13:8c:2c:0d:2b:31:05:78:6e:17:24:bb:
b7:b6:38:bc:24:e3:76:b3:47:41:39:c9:15:dd:f0:7c:8f:bc:
ae:1d:d6:04:cf:a5:4a:de:09:ad:14:cb:89:29:5a:c8:68:c5:
aa:97:25:13:d6:62:9a:8b:b3:f0:47:a7:6c:a6:83:56:a5:ae:
c0:90:07:ee:f3:1b:3c:72:c0:63:ae:21:69:cb:da:35:12:a9:
05:f9:30:da:a7:e6:12:14:c4:4e:de:11:39:69:4b:e5:87:fc:
d1:a8:b8:ef:fb:da:86:41:d5:cb:f2:76:c4:a6:0f:c0:6d:ae:
1b:f2:e4:11:0a:af:05:65:cb:60:a0:45:0f:33:08:d1:01:d9:
e4:8b:a6:6a:ae:c0:c8:e3:b4:09:86:90:10:a8:38:6b:e8:a6:
1a:7f:8e:ca:76:73:36:8e:9a:dd:00:6e:07:b0:98:c3:ab:23:
9e:36:d1:52:e7:a9:7a:96:52:39:08:48:dc:eb:5a:52:7a:20:
19:97:a9:bc:cf:4f:b1:7c:fd:0e:d1:56:85:2c:18:ab:01:d7:
ac:b9:5f:d9:35:7b:f3:6e:20:5f:c8:26:ed:23:b1:e5:ea:29:
ac:fb:cd:26:99:db:ed:c9:68:54:f4:c2:97:cf:4d:1c:dc:85:
d5:06:9c:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDSVrD7IgbIKbfEwGE9bktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzkxNmY1MDU1ZWRmMzllNjY5NTFjYjQ0NTBlZDUwYmJiYWViM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPDmU5RhF6ZOGmwT6mA9TLZWLjL/
+5o6+oDk2dww2uVJBN1nqJCjJFt8iuv1SSry6zk1xWAOHhurfvamA0+KH5PeLgmZ
arWNeqg/gjQjkb36hlDmOh8Uo3sEaR+Nna1i2h7ecn9B0yxI0+2/KMcR6PvuwBAb
QYzgkUpux5Yb0hy+Oo11mlxGHHTHPDhRw6ZKUfWgfqjYz1GsKh+LWJ4iAE9hQXA4
HIJDibMTeEyFNkqc3QtgG7+O4piGW/wo2edqg5sKsYWImbfWfP3ukP2LtGU+40ft
AxaFjba9huZDhPJaNs3boxvF7z8UtoXqIYNtCdpQtPGwnQZb2gA11JJ2RQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJyRb1BV7fOeZpUctEUO1Qu7rrO8MB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvbkpGdlVGWHQ4NTVtbFJ5MFJRN1ZDN3V1czd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW9ggMBYE
AgACMBADBwAgAQZ8EIQDBQAqE1JAMA0GCSqGSIb3DQEBCwUAA4IBAQA2NJB+hy0T
jCwNKzEFeG4XJLu3tji8JON2s0dBOckV3fB8j7yuHdYEz6VK3gmtFMuJKVrIaMWq
lyUT1mKai7PwR6dspoNWpa7AkAfu8xs8csBjriFpy9o1EqkF+TDap+YSFMRO3hE5
aUvlh/zRqLjv+9qGQdXL8nbEpg/Aba4b8uQRCq8FZctgoEUPMwjRAdnki6ZqrsDI
47QJhpAQqDhr6KYaf47KdnM2jprdAG4HsJjDqyOeNtFS56l6llI5CEjc61pSeiAZ
l6m8z0+xfP0O0VaFLBirAdesuV/ZNXvzbiBfyCbtI7Hl6ims+80mmdvtyWhU9MKX
z00c3IXVBpy4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:03 2024 by rpki-client on console-ams.rpki-client.org