Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/clGmFier74VQewIGi31Ne-3oUnQ.roa
File: clGmFier74VQewIGi31Ne-3oUnQ.roa (raw, json)
Hash identifier: yDGoYCJY+SGFTCSi5bG+0d/8J0G8W0F0Vfj3LO2WmmM=
Subject key identifier: 72:51:A6:16:27:AB:EF:85:50:7B:02:06:8B:7D:4D:7B:ED:E8:52:74
Certificate issuer: /CN=2450ca4aab2a3f8abc6c973aa7c0fa13f2571081
Certificate serial: 018AFFD8F85DAC6AE79102B56B5AEE86D58D
Authority key identifier: 24:50:CA:4A:AB:2A:3F:8A:BC:6C:97:3A:A7:C0:FA:13:F2:57:10:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/clGmFier74VQewIGi31Ne-3oUnQ.roa
Signing time: Thu 05 Oct 2023 12:38:44 +0000
ROA not before: Thu 05 Oct 2023 12:38:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16190
IP address blocks: 91.195.255.0/24 maxlen: 24
91.195.254.0/23 maxlen: 24
91.195.254.0/24 maxlen: 24
2.56.204.0/22 maxlen: 24
91.198.109.0/24 maxlen: 24
91.198.108.0/24 maxlen: 24
91.198.108.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:d8:f8:5d:ac:6a:e7:91:02:b5:6b:5a:ee:86:d5:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2450ca4aab2a3f8abc6c973aa7c0fa13f2571081
Validity
Not Before: Oct 5 12:38:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7251a61627abef85507b02068b7d4d7bede85274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5b:a9:84:70:3f:f4:28:26:63:61:a2:e8:16:
a0:dc:65:3b:6d:fe:0c:f3:d4:fa:8e:98:4a:70:d2:
02:d3:a5:f6:b2:77:75:14:48:d9:a1:c7:20:57:1c:
95:64:90:45:8c:c2:93:38:3a:6c:6e:67:1b:28:6a:
c5:85:13:29:91:65:02:76:0d:e8:57:05:33:17:89:
9c:f2:95:b3:8c:b7:d3:7f:ca:ad:cf:ab:8a:5d:86:
6d:31:e2:e2:90:83:37:99:bb:70:e2:56:b3:70:e9:
c0:af:19:cd:5e:a6:6c:fb:6f:cb:18:2d:c3:87:76:
4d:3c:df:25:79:f1:41:9a:ba:5c:f2:5c:90:af:62:
ca:37:f0:16:08:10:78:7a:10:1e:08:07:16:e7:5e:
87:f0:80:7e:d0:76:55:53:4e:1d:78:ee:dd:d8:5f:
b1:40:59:59:c0:be:6c:96:f1:f9:43:0e:0a:b0:0c:
9b:82:31:e7:c7:24:b6:23:f0:30:01:3a:ac:89:3d:
ba:e5:8d:48:b2:6f:20:50:71:10:2b:ea:3e:47:d4:
8d:b5:97:51:5b:b8:3b:b0:7f:ca:7b:3b:85:82:cd:
ae:36:6e:b3:3c:7f:3c:fc:9c:a3:c7:39:f1:7f:bb:
47:10:28:c2:b5:2c:8b:b6:c9:e2:62:be:ea:e2:0c:
72:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:51:A6:16:27:AB:EF:85:50:7B:02:06:8B:7D:4D:7B:ED:E8:52:74
X509v3 Authority Key Identifier:
keyid:24:50:CA:4A:AB:2A:3F:8A:BC:6C:97:3A:A7:C0:FA:13:F2:57:10:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/clGmFier74VQewIGi31Ne-3oUnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/JFDKSqsqP4q8bJc6p8D6E_JXEIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.204.0/22
91.195.254.0/23
91.198.108.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:95:f7:e6:c3:d7:09:50:6c:9e:3f:6d:1a:73:8e:44:96:c8:
53:1e:e8:54:ff:25:14:ae:0d:83:60:54:67:f1:f8:36:3c:6d:
50:4e:84:be:e3:6c:5c:12:71:82:9c:2b:23:ed:10:59:ea:f8:
d3:d2:01:3f:aa:da:a1:c5:f1:e7:1b:58:93:17:cc:ce:33:17:
47:18:48:ea:ee:1f:2b:c1:b6:d4:ba:6b:ac:e6:02:67:45:a7:
fb:74:e3:61:e0:a3:c2:e4:94:46:e4:31:86:64:46:1c:76:d5:
d5:5f:ac:5d:72:4d:39:e1:91:aa:46:27:b1:81:e0:ea:01:02:
f7:22:89:4c:4c:d4:8a:f0:26:bf:36:a2:04:76:1b:10:63:a4:
82:f4:9a:b6:70:b5:c7:6c:6c:4e:85:86:d9:ec:c3:88:17:eb:
e8:35:2c:19:47:44:0c:f9:c4:e2:f9:df:c3:fb:dc:92:2d:41:
e8:ab:9a:4f:a5:77:48:ce:de:7d:f7:d3:2c:e6:8e:0c:10:fe:
ee:d8:5b:e3:a1:8c:43:b0:70:09:8d:8a:ed:56:84:4a:00:7b:
37:cd:a9:5f:58:91:b1:97:11:5e:1f:79:45:bc:2e:1d:f4:38:
b4:8b:95:97:5c:7f:41:5f:09:08:9c:7f:a6:89:32:38:b6:3f:
74:51:4f:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr/2PhdrGrnkQK1a1ruhtWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTBjYTRhYWIyYTNmOGFiYzZjOTczYWE3YzBmYTEzZjI1
NzEwODEwHhcNMjMxMDA1MTIzODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjUxYTYxNjI3YWJlZjg1NTA3YjAyMDY4YjdkNGQ3YmVkZTg1Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmluphHA/9CgmY2Gi6Bag3GU7bf4M
89T6jphKcNIC06X2snd1FEjZoccgVxyVZJBFjMKTODpsbmcbKGrFhRMpkWUCdg3o
VwUzF4mc8pWzjLfTf8qtz6uKXYZtMeLikIM3mbtw4lazcOnArxnNXqZs+2/LGC3D
h3ZNPN8lefFBmrpc8lyQr2LKN/AWCBB4ehAeCAcW516H8IB+0HZVU04deO7d2F+x
QFlZwL5slvH5Qw4KsAybgjHnxyS2I/AwATqsiT265Y1Ism8gUHEQK+o+R9SNtZdR
W7g7sH/KezuFgs2uNm6zPH88/Jyjxznxf7tHECjCtSyLtsniYr7q4gxyiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHJRphYnq++FUHsCBot9TXvt6FJ0MB8GA1UdIwQY
MBaAFCRQykqrKj+KvGyXOqfA+hPyVxCBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZES1Nxc3FQNHE4YkpjNnA4RDZFX0pYRUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yMTljNmYtZTMwZi00YTllLWFjYzAt
ZTBkNTc2ZDU1NzdhLzEvY2xHbUZpZXI3NFZRZXdJR2kzMU5lLTNvVW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yMTljNmYtZTMwZi00YTllLWFjYzAtZTBkNTc2ZDU1Nzdh
LzEvSkZES1Nxc3FQNHE4YkpjNnA4RDZFX0pYRUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjjMAwQB
W8P+AwQBW8ZsMA0GCSqGSIb3DQEBCwUAA4IBAQCalffmw9cJUGyeP20ac45ElshT
HuhU/yUUrg2DYFRn8fg2PG1QToS+42xcEnGCnCsj7RBZ6vjT0gE/qtqhxfHnG1iT
F8zOMxdHGEjq7h8rwbbUumus5gJnRaf7dONh4KPC5JRG5DGGZEYcdtXVX6xdck05
4ZGqRiexgeDqAQL3IolMTNSK8Ca/NqIEdhsQY6SC9Jq2cLXHbGxOhYbZ7MOIF+vo
NSwZR0QM+cTi+d/D+9ySLUHoq5pPpXdIzt5999Ms5o4MEP7u2FvjoYxDsHAJjYrt
VoRKAHs3zalfWJGxlxFeH3lFvC4d9Di0i5WXXH9BXwkInH+miTI4tj90UU9B
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:13 2024 by rpki-client on console-ams.rpki-client.org