Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/zUbMcEeiS7IjRp7jyU416u0FDDA.roa
File: zUbMcEeiS7IjRp7jyU416u0FDDA.roa (raw, json)
Hash identifier: 5470QvRa/4i3fpMZkKchXK7nEMfIKMbIFA7DZpwDzKs=
Subject key identifier: CD:46:CC:70:47:A2:4B:B2:23:46:9E:E3:C9:4E:35:EA:ED:05:0C:30
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 01861253D57F9A0196D6F2A03A53309A20BD
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/zUbMcEeiS7IjRp7jyU416u0FDDA.roa
Signing time: Thu 02 Feb 2023 13:32:09 +0000
ROA not before: Thu 02 Feb 2023 13:32:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34686
IP address blocks: 91.216.32.0/24 maxlen: 24
2001:67c:1084::/48 maxlen: 48
2a13:5240::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:53:d5:7f:9a:01:96:d6:f2:a0:3a:53:30:9a:20:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Feb 2 13:32:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd46cc7047a24bb223469ee3c94e35eaed050c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b1:57:ee:b6:d1:f1:08:d5:ca:c1:4f:a5:c7:
7e:07:b7:73:b8:4e:60:b1:dd:80:38:58:4e:31:98:
3e:d5:a9:29:f9:4a:a1:e5:0e:f4:cd:6f:ac:a4:05:
22:6e:b4:b9:00:a8:b7:c3:25:be:0b:d2:0f:57:61:
b6:de:2d:a6:ba:c7:4f:83:8c:7f:b4:38:b7:94:01:
4d:15:31:02:32:68:15:61:a0:9b:68:db:5e:4b:a0:
1a:e7:d2:01:30:f0:e6:3a:37:27:48:a9:bf:94:19:
65:91:42:a2:fc:50:6a:e0:27:6e:1d:33:f1:6c:40:
71:51:ba:3c:9c:b0:23:d5:20:89:c6:97:dc:2f:52:
66:2f:87:96:64:f8:b5:13:75:2a:4f:c9:1c:48:3b:
9b:3f:d6:0c:3e:80:b5:d4:12:5a:0e:47:d1:28:aa:
56:46:6c:bf:10:7d:cf:6e:78:54:84:b9:c8:97:c3:
2f:2f:78:dd:2e:f1:ec:0d:f7:b8:7b:17:65:70:19:
dc:eb:90:ae:56:49:48:16:a3:76:91:ce:41:f7:4f:
d1:74:bf:c1:a9:15:60:68:cf:8a:1e:ab:71:33:a9:
38:f5:f3:b0:4d:cf:ed:2b:11:25:3a:6e:63:a1:0c:
72:28:8b:17:33:c0:9d:8e:d6:7e:7d:ad:4c:e3:c5:
a6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:46:CC:70:47:A2:4B:B2:23:46:9E:E3:C9:4E:35:EA:ED:05:0C:30
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/zUbMcEeiS7IjRp7jyU416u0FDDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.32.0/24
IPv6:
2001:67c:1084::/48
2a13:5240::/32
Signature Algorithm: sha256WithRSAEncryption
a6:ad:04:bc:7c:1d:44:64:74:fb:0b:b7:2b:01:66:3a:4b:e0:
ca:82:99:ec:34:ea:0e:58:e6:8a:19:c7:a4:9b:8c:1c:53:65:
59:a8:77:fd:84:65:62:a8:93:9c:f8:30:50:52:aa:f5:ba:f8:
41:be:80:4f:03:1d:fa:a5:23:df:7f:ca:19:d3:a0:31:bc:e1:
9c:d7:10:e6:de:78:5c:4d:0b:f0:6b:4c:6c:64:7e:7f:a4:9d:
46:21:c0:0f:07:74:0c:79:02:2e:fd:74:e4:0a:88:bf:7a:66:
6b:b8:fc:39:9c:e5:dd:d5:3e:18:21:f8:89:e8:5c:04:4c:cf:
71:17:49:cb:56:6a:cf:14:2b:3b:57:c5:79:a1:01:93:25:19:
f5:0d:3c:04:f3:3f:ae:31:86:22:b4:c9:e5:34:dc:09:ab:a9:
1a:00:29:1a:84:67:73:5a:0c:6a:99:f7:81:53:e5:8a:fb:96:
b0:e5:34:d3:e5:6a:2f:10:91:d5:4c:8c:b4:98:1a:32:60:3e:
19:5e:7f:44:c3:41:00:3b:27:7b:71:71:65:1a:0f:05:88:34:
4c:3a:df:44:31:a7:da:9d:1e:35:45:35:9e:b2:fe:d6:94:b8:
76:5b:ab:7b:1c:e6:ed:77:ab:2d:ce:72:9d:ff:32:3a:4b:64:
98:3e:f3:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYSU9V/mgGW1vKgOlMwmiC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjMwMjAyMTMzMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQ2Y2M3MDQ3YTI0YmIyMjM0NjllZTNjOTRlMzVlYWVkMDUwYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLFX7rbR8QjVysFPpcd+B7dzuE5g
sd2AOFhOMZg+1akp+Uqh5Q70zW+spAUibrS5AKi3wyW+C9IPV2G23i2musdPg4x/
tDi3lAFNFTECMmgVYaCbaNteS6Aa59IBMPDmOjcnSKm/lBllkUKi/FBq4CduHTPx
bEBxUbo8nLAj1SCJxpfcL1JmL4eWZPi1E3UqT8kcSDubP9YMPoC11BJaDkfRKKpW
Rmy/EH3PbnhUhLnIl8MvL3jdLvHsDfe4exdlcBnc65CuVklIFqN2kc5B90/RdL/B
qRVgaM+KHqtxM6k49fOwTc/tKxElOm5joQxyKIsXM8CdjtZ+fa1M48WmzwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM1GzHBHokuyI0ae48lONertBQwwMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvelViTWNFZWlTN0lqUnA3anlVNDE2dTBGRERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW9ggMBYE
AgACMBADBwAgAQZ8EIQDBQAqE1JAMA0GCSqGSIb3DQEBCwUAA4IBAQCmrQS8fB1E
ZHT7C7crAWY6S+DKgpnsNOoOWOaKGcekm4wcU2VZqHf9hGViqJOc+DBQUqr1uvhB
voBPAx36pSPff8oZ06AxvOGc1xDm3nhcTQvwa0xsZH5/pJ1GIcAPB3QMeQIu/XTk
Coi/emZruPw5nOXd1T4YIfiJ6FwETM9xF0nLVmrPFCs7V8V5oQGTJRn1DTwE8z+u
MYYitMnlNNwJq6kaACkahGdzWgxqmfeBU+WK+5aw5TTT5WovEJHVTIy0mBoyYD4Z
Xn9Ew0EAOyd7cXFlGg8FiDRMOt9EMafanR41RTWesv7WlLh2W6t7HObtd6stznKd
/zI6S2SYPvNc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:03 2024 by rpki-client on console-ams.rpki-client.org