Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/4ce933-488f-46b9-ac2c-7c93cae227bd/1/kdXJxFs8jt_YgScJ8dizbpwfMog.roa
File: kdXJxFs8jt_YgScJ8dizbpwfMog.roa (raw, json)
Hash identifier: wr8Vm9b5K/B3u7o6s0tB9I6/w6/JhDGHyH3Zb7NFj0k=
Subject key identifier: 91:D5:C9:C4:5B:3C:8E:DF:D8:81:27:09:F1:D8:B3:6E:9C:1F:32:88
Certificate issuer: /CN=9717bafb7018dc43bdae53b23a23e16567e1f21c
Certificate serial: 01857169C62EFB3E7A0B9ACB32DD2F3536AC
Authority key identifier: 97:17:BA:FB:70:18:DC:43:BD:AE:53:B2:3A:23:E1:65:67:E1:F2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxe6-3AY3EO9rlOyOiPhZWfh8hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/4ce933-488f-46b9-ac2c-7c93cae227bd/1/kdXJxFs8jt_YgScJ8dizbpwfMog.roa
Signing time: Mon 02 Jan 2023 07:37:15 +0000
ROA not before: Mon 02 Jan 2023 07:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56835
IP address blocks: 91.227.180.0/22 maxlen: 22
176.113.164.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:c6:2e:fb:3e:7a:0b:9a:cb:32:dd:2f:35:36:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9717bafb7018dc43bdae53b23a23e16567e1f21c
Validity
Not Before: Jan 2 07:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91d5c9c45b3c8edfd8812709f1d8b36e9c1f3288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5d:6d:52:3d:74:18:b0:ee:63:9f:30:ab:ea:
af:3b:cc:a2:ea:ab:d1:fc:b5:35:0f:f2:7d:b0:e6:
3d:a2:55:32:19:89:dc:d1:5c:e8:58:24:fd:8c:b8:
c4:fc:ca:d6:5c:00:e0:47:be:13:76:be:9f:e9:22:
2d:59:b1:8b:d5:d0:cb:76:ee:1a:40:fb:12:82:2b:
8c:cb:1c:be:53:e3:23:07:6e:bf:0a:c5:24:dd:9a:
b1:1f:7f:6d:6c:c6:51:7f:a7:6f:fe:5e:4e:48:62:
47:08:0e:18:e5:ff:2c:a5:c4:47:94:f9:c9:07:72:
2a:17:b2:88:22:dd:59:b4:1a:0d:53:f8:63:65:7a:
b1:f1:e2:9b:b9:a2:e1:9a:0f:ce:f2:df:97:80:95:
b8:bd:a5:19:d3:00:d0:ba:ff:c5:18:98:1b:f0:5e:
3c:ad:51:45:ec:3d:8c:70:01:5d:ae:9e:8a:2a:22:
88:6f:b0:2c:42:07:56:19:5a:4e:46:1c:69:1a:40:
7f:f1:e7:36:47:f2:6d:3c:52:6d:85:9a:bd:d8:5a:
24:e6:2f:ed:0a:15:92:ef:55:67:d0:77:14:8e:a2:
cd:ba:e1:9a:86:aa:21:0b:c7:15:34:ce:d3:de:fc:
57:af:58:9c:14:53:53:50:c8:24:7e:b7:1f:f5:77:
67:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D5:C9:C4:5B:3C:8E:DF:D8:81:27:09:F1:D8:B3:6E:9C:1F:32:88
X509v3 Authority Key Identifier:
keyid:97:17:BA:FB:70:18:DC:43:BD:AE:53:B2:3A:23:E1:65:67:E1:F2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxe6-3AY3EO9rlOyOiPhZWfh8hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/4ce933-488f-46b9-ac2c-7c93cae227bd/1/kdXJxFs8jt_YgScJ8dizbpwfMog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/4ce933-488f-46b9-ac2c-7c93cae227bd/1/lxe6-3AY3EO9rlOyOiPhZWfh8hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.180.0/22
176.113.164.0/22
Signature Algorithm: sha256WithRSAEncryption
86:bb:23:ce:21:8c:1b:ce:f7:ed:df:8c:5f:9a:b0:2a:8b:ae:
f1:28:48:7f:da:f2:cf:98:6e:fa:7f:f8:91:d7:0d:1e:17:e9:
d0:bb:55:82:85:10:b7:5a:85:28:72:18:05:e9:af:ad:e1:da:
d7:96:56:a1:fd:61:4b:d4:d4:de:66:90:24:97:20:29:38:43:
d9:dd:29:65:2c:fc:1e:c1:83:7c:0f:d7:5d:8b:cd:fa:d3:8b:
d0:e4:9d:dd:80:0a:01:0d:db:a5:89:02:82:2a:43:24:d4:c3:
c4:cb:66:db:0e:b5:5d:17:64:ff:c4:63:d9:9e:8f:1f:58:c4:
f1:d7:6e:ba:5d:7a:61:31:33:18:46:d7:af:24:de:09:3a:7a:
0e:ca:84:9f:94:89:05:e3:92:80:26:f7:62:3f:b2:75:93:b5:
2c:8d:d5:11:3b:89:67:3d:88:30:82:64:e3:6a:3b:a2:d1:6a:
5c:2e:6d:ef:56:e6:e4:f7:28:70:78:c1:e4:38:de:dd:42:cc:
20:b5:e5:40:fb:72:bf:51:2e:ab:ea:7e:0e:57:4d:f5:dd:0c:
df:b8:27:86:a0:f3:0f:e7:ca:61:cc:d4:d8:51:29:01:2e:31:
c5:e1:84:cc:7b:8f:26:0e:9d:6f:de:c5:85:0a:a7:9b:17:b4:
ae:fe:20:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxacYu+z56C5rLMt0vNTasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MTdiYWZiNzAxOGRjNDNiZGFlNTNiMjNhMjNlMTY1Njdl
MWYyMWMwHhcNMjMwMTAyMDczNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQ1YzljNDViM2M4ZWRmZDg4MTI3MDlmMWQ4YjM2ZTljMWYzMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm11tUj10GLDuY58wq+qvO8yi6qvR
/LU1D/J9sOY9olUyGYnc0VzoWCT9jLjE/MrWXADgR74Tdr6f6SItWbGL1dDLdu4a
QPsSgiuMyxy+U+MjB26/CsUk3ZqxH39tbMZRf6dv/l5OSGJHCA4Y5f8spcRHlPnJ
B3IqF7KIIt1ZtBoNU/hjZXqx8eKbuaLhmg/O8t+XgJW4vaUZ0wDQuv/FGJgb8F48
rVFF7D2McAFdrp6KKiKIb7AsQgdWGVpORhxpGkB/8ec2R/JtPFJthZq92Fok5i/t
ChWS71Vn0HcUjqLNuuGahqohC8cVNM7T3vxXr1icFFNTUMgkfrcf9XdnbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJHVycRbPI7f2IEnCfHYs26cHzKIMB8GA1UdIwQY
MBaAFJcXuvtwGNxDva5Tsjoj4WVn4fIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhlNi0zQVkzRU85cmxPeU9pUGhaV2ZoOGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi80Y2U5MzMtNDg4Zi00NmI5LWFjMmMt
N2M5M2NhZTIyN2JkLzEva2RYSnhGczhqdF9ZZ1NjSjhkaXpicHdmTW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi80Y2U5MzMtNDg4Zi00NmI5LWFjMmMtN2M5M2NhZTIyN2Jk
LzEvbHhlNi0zQVkzRU85cmxPeU9pUGhaV2ZoOGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+O0AwQC
sHGkMA0GCSqGSIb3DQEBCwUAA4IBAQCGuyPOIYwbzvft34xfmrAqi67xKEh/2vLP
mG76f/iR1w0eF+nQu1WChRC3WoUochgF6a+t4drXllah/WFL1NTeZpAklyApOEPZ
3SllLPwewYN8D9ddi83604vQ5J3dgAoBDduliQKCKkMk1MPEy2bbDrVdF2T/xGPZ
no8fWMTx1266XXphMTMYRtevJN4JOnoOyoSflIkF45KAJvdiP7J1k7UsjdURO4ln
PYgwgmTjajui0WpcLm3vVubk9yhweMHkON7dQswgteVA+3K/US6r6n4OV0313Qzf
uCeGoPMP58phzNTYUSkBLjHF4YTMe48mDp1v3sWFCqebF7Su/iBb
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:48 2024 by rpki-client on console-fra.rpki-client.org