Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8bbfac-0780-4bbd-bca2-34a14a2bb401/1/itll7ZRQ64MaXVU6iW_WQuXgBWw.roa
File: itll7ZRQ64MaXVU6iW_WQuXgBWw.roa (raw, json)
Hash identifier: 2/lOu/eEDHEqIGbKcdLYX6dX7bVCIHiPkbzeQvqot0M=
Subject key identifier: 8A:D9:65:ED:94:50:EB:83:1A:5D:55:3A:89:6F:D6:42:E5:E0:05:6C
Certificate issuer: /CN=f28fa1a2e4491891c19b0f10b086f655984f5879
Certificate serial: 01856FE6E9B0C80A5F58CF5EF3917009837B
Authority key identifier: F2:8F:A1:A2:E4:49:18:91:C1:9B:0F:10:B0:86:F6:55:98:4F:58:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8o-houRJGJHBmw8QsIb2VZhPWHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/8bbfac-0780-4bbd-bca2-34a14a2bb401/1/itll7ZRQ64MaXVU6iW_WQuXgBWw.roa
Signing time: Mon 02 Jan 2023 00:34:42 +0000
ROA not before: Mon 02 Jan 2023 00:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57813
IP address blocks: 91.235.164.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:e9:b0:c8:0a:5f:58:cf:5e:f3:91:70:09:83:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f28fa1a2e4491891c19b0f10b086f655984f5879
Validity
Not Before: Jan 2 00:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ad965ed9450eb831a5d553a896fd642e5e0056c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:25:f3:93:f7:52:f3:75:1e:16:3d:a2:ce:26:
e1:89:a8:3f:c2:d2:80:86:ec:31:66:db:de:fc:3a:
42:b7:2f:24:9d:51:b0:2f:e4:c0:d3:da:31:eb:64:
4a:5b:c0:32:fb:d7:01:40:40:a4:ab:55:98:3a:de:
18:17:fd:7b:7e:74:86:38:53:17:f5:22:f6:8d:3c:
2f:b4:e3:55:dd:23:9f:71:2f:ac:5d:38:48:3b:6b:
5a:a4:ab:89:b1:4e:8a:b9:1c:1a:da:7f:d8:28:fe:
9b:f3:04:cb:ab:cc:9f:b8:92:d5:b3:d4:38:8b:bd:
8e:0a:28:39:58:49:3e:3a:18:39:b7:8c:8c:e2:af:
c2:56:77:0c:3b:df:fd:18:07:1a:ea:ae:95:8c:c9:
ae:1e:9c:9e:e8:55:c9:4f:8f:c7:58:3a:50:ec:18:
52:ee:23:a3:8f:62:2f:63:cf:33:5a:6d:e8:92:a3:
36:e1:05:d3:97:b0:a3:4d:0a:8c:15:80:40:9e:93:
68:54:87:b6:7a:6d:56:de:58:33:4e:38:ac:0e:dc:
16:cc:fe:cd:de:f3:dd:dd:14:d4:62:a4:08:ee:76:
cb:d1:16:f9:e1:e3:f0:17:35:b5:c2:c3:0d:5c:7d:
35:21:c4:dd:76:b9:92:54:6b:9f:48:e4:17:9e:24:
9e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D9:65:ED:94:50:EB:83:1A:5D:55:3A:89:6F:D6:42:E5:E0:05:6C
X509v3 Authority Key Identifier:
keyid:F2:8F:A1:A2:E4:49:18:91:C1:9B:0F:10:B0:86:F6:55:98:4F:58:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8o-houRJGJHBmw8QsIb2VZhPWHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bbfac-0780-4bbd-bca2-34a14a2bb401/1/itll7ZRQ64MaXVU6iW_WQuXgBWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bbfac-0780-4bbd-bca2-34a14a2bb401/1/8o-houRJGJHBmw8QsIb2VZhPWHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.164.0/24
Signature Algorithm: sha256WithRSAEncryption
72:9f:73:08:49:91:c6:3a:ee:5a:5c:04:af:66:b7:d3:2a:8f:
ce:0c:a0:3b:86:fe:1a:50:d1:1b:71:09:ce:97:13:13:3a:f6:
45:93:b1:9b:b3:aa:b3:d2:f3:7b:d2:51:21:42:7a:d2:d2:a0:
59:53:fd:b2:b7:2b:88:34:a3:33:a2:a3:69:15:d1:d6:21:73:
f1:67:b5:84:c9:b9:1e:f4:4d:6d:6c:89:a4:c2:02:08:e8:27:
66:1d:3e:57:4b:1a:25:10:ba:01:9f:1d:6f:f3:65:58:f5:6c:
01:f0:38:e3:2b:0a:2a:b8:5f:07:b8:80:ea:6d:74:20:59:01:
0f:11:09:0c:96:a2:7d:85:eb:77:b4:bb:69:40:42:27:28:15:
33:4a:22:06:04:5e:34:e3:31:b9:ca:c9:71:45:98:70:dd:9a:
ba:3f:93:fe:82:81:38:32:87:66:77:9d:c4:75:ea:63:db:78:
6a:3e:2e:85:b5:16:0a:a3:09:22:17:a8:80:20:cd:32:0e:c2:
d9:73:59:29:69:7e:f6:5c:8c:63:f7:08:fa:6c:82:eb:32:c4:
0d:23:07:e0:0a:b4:ea:5e:72:2e:c9:bc:b3:c3:62:97:26:c9:
0d:db:c5:a1:b5:7d:b2:0d:1e:48:95:26:db:84:09:ef:16:0f:
1a:89:74:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5umwyApfWM9e85FwCYN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOGZhMWEyZTQ0OTE4OTFjMTliMGYxMGIwODZmNjU1OTg0
ZjU4NzkwHhcNMjMwMTAyMDAzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ5NjVlZDk0NTBlYjgzMWE1ZDU1M2E4OTZmZDY0MmU1ZTAwNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSXzk/dS83UeFj2izibhiag/wtKA
huwxZtve/DpCty8knVGwL+TA09ox62RKW8Ay+9cBQECkq1WYOt4YF/17fnSGOFMX
9SL2jTwvtONV3SOfcS+sXThIO2tapKuJsU6KuRwa2n/YKP6b8wTLq8yfuJLVs9Q4
i72OCig5WEk+Ohg5t4yM4q/CVncMO9/9GAca6q6VjMmuHpye6FXJT4/HWDpQ7BhS
7iOjj2IvY88zWm3okqM24QXTl7CjTQqMFYBAnpNoVIe2em1W3lgzTjisDtwWzP7N
3vPd3RTUYqQI7nbL0Rb54ePwFzW1wsMNXH01IcTddrmSVGufSOQXniSeRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIrZZe2UUOuDGl1VOolv1kLl4AVsMB8GA1UdIwQY
MBaAFPKPoaLkSRiRwZsPELCG9lWYT1h5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG8taG91UkpHSkhCbXc4UXNJYjJWWmhQV0hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84YmJmYWMtMDc4MC00YmJkLWJjYTIt
MzRhMTRhMmJiNDAxLzEvaXRsbDdaUlE2NE1hWFZVNmlXX1dRdVhnQld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84YmJmYWMtMDc4MC00YmJkLWJjYTItMzRhMTRhMmJiNDAx
LzEvOG8taG91UkpHSkhCbXc4UXNJYjJWWmhQV0hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+ukMA0G
CSqGSIb3DQEBCwUAA4IBAQByn3MISZHGOu5aXASvZrfTKo/ODKA7hv4aUNEbcQnO
lxMTOvZFk7Gbs6qz0vN70lEhQnrS0qBZU/2ytyuINKMzoqNpFdHWIXPxZ7WEybke
9E1tbImkwgII6CdmHT5XSxolELoBnx1v82VY9WwB8DjjKwoquF8HuIDqbXQgWQEP
EQkMlqJ9het3tLtpQEInKBUzSiIGBF404zG5yslxRZhw3Zq6P5P+goE4Modmd53E
depj23hqPi6FtRYKowkiF6iAIM0yDsLZc1kpaX72XIxj9wj6bILrMsQNIwfgCrTq
XnIuybyzw2KXJskN28WhtX2yDR5IlSbbhAnvFg8aiXSL
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:09 2024 by rpki-client on console-fra.rpki-client.org