Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/e1ee5b-023b-430a-9c6f-0ee2ea7d4884/1/ilzjplM0aoUxNG59IFZpfmigFKE.roa
File: ilzjplM0aoUxNG59IFZpfmigFKE.roa (raw, json)
Hash identifier: MPfUoDf2sT9Sq5gH4TMSsL1kwwJR5LeVERh6nHBEq5U=
Subject key identifier: 8A:5C:E3:A6:53:34:6A:85:31:34:6E:7D:20:56:69:7E:68:A0:14:A1
Certificate issuer: /CN=0462b9b58ee08e83f1a9ad4e9643e80d3b40cb3e
Certificate serial: 01878E63E8AA8D46AFD003A84622B01A66B8
Authority key identifier: 04:62:B9:B5:8E:E0:8E:83:F1:A9:AD:4E:96:43:E8:0D:3B:40:CB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGK5tY7gjoPxqa1OlkPoDTtAyz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/e1ee5b-023b-430a-9c6f-0ee2ea7d4884/1/ilzjplM0aoUxNG59IFZpfmigFKE.roa
Signing time: Mon 17 Apr 2023 08:45:24 +0000
ROA not before: Mon 17 Apr 2023 08:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211580
IP address blocks: 91.197.121.0/24 maxlen: 24
91.197.122.0/24 maxlen: 24
91.197.123.0/24 maxlen: 24
91.197.120.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:63:e8:aa:8d:46:af:d0:03:a8:46:22:b0:1a:66:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0462b9b58ee08e83f1a9ad4e9643e80d3b40cb3e
Validity
Not Before: Apr 17 08:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a5ce3a653346a8531346e7d2056697e68a014a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:57:17:21:ad:f0:88:3f:cb:eb:e5:42:6b:3e:
ed:c8:52:8f:1d:1c:5f:4a:cb:a5:f4:f0:e7:40:f5:
8b:96:ec:dd:a5:25:e8:be:31:6d:1c:b6:8c:95:98:
1a:0a:71:7e:8b:62:5b:c7:48:e3:ac:42:08:3b:9f:
d6:dd:17:b7:81:8f:68:e7:89:89:11:8c:55:38:61:
fa:b6:18:5d:df:98:b0:aa:e7:7b:02:36:4d:61:f5:
b2:da:7e:f7:d9:9d:85:0a:ad:dc:56:af:68:5c:3a:
2c:7c:b3:a4:d7:3b:03:e1:7b:a4:e7:6a:9e:e0:b2:
af:62:b8:9a:8f:68:09:78:3f:1c:21:34:4c:53:2e:
ed:f4:aa:76:10:ca:41:88:2c:54:c1:ca:0f:f6:d0:
9a:43:17:49:c0:22:04:d4:05:4b:a6:82:aa:97:d0:
df:9a:75:c4:61:c6:c7:c6:db:75:f8:b6:c5:8b:cc:
f1:52:6d:2a:2a:f0:e1:b3:ee:25:3d:23:03:d9:b3:
14:a7:ae:ef:fb:31:a5:4f:54:bd:b7:cc:70:82:c5:
bb:6c:c0:cb:7d:83:c9:cd:e5:cb:c4:9f:ee:1c:8e:
8c:01:e9:3c:5f:36:16:24:27:a8:55:16:2f:8d:a5:
f8:cb:fd:c2:39:64:de:4d:59:51:af:26:12:31:8a:
32:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:5C:E3:A6:53:34:6A:85:31:34:6E:7D:20:56:69:7E:68:A0:14:A1
X509v3 Authority Key Identifier:
keyid:04:62:B9:B5:8E:E0:8E:83:F1:A9:AD:4E:96:43:E8:0D:3B:40:CB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGK5tY7gjoPxqa1OlkPoDTtAyz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e1ee5b-023b-430a-9c6f-0ee2ea7d4884/1/ilzjplM0aoUxNG59IFZpfmigFKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e1ee5b-023b-430a-9c6f-0ee2ea7d4884/1/BGK5tY7gjoPxqa1OlkPoDTtAyz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.120.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:35:35:8b:55:da:2f:9a:eb:a4:59:75:38:d7:78:16:6e:f7:
c3:ce:22:e0:25:08:75:c9:c4:ca:c7:15:80:89:86:d8:21:18:
c8:17:42:12:2c:39:bd:1f:a6:37:95:44:2a:c0:bb:0b:19:a6:
3a:ed:96:9a:54:95:03:94:7a:95:85:97:7a:e2:08:98:56:e4:
7f:a6:91:76:f1:a9:11:d4:4b:b7:60:63:ed:ea:12:7e:1e:68:
02:b0:14:14:f2:19:90:62:d1:bd:6f:fe:53:eb:61:ca:2b:46:
0b:cf:cb:04:43:39:e9:f5:63:37:c4:59:d9:ff:92:d1:d7:41:
a6:aa:75:16:32:9e:33:51:7a:df:2b:48:72:08:60:a1:58:59:
d9:91:0e:ba:80:9f:fb:3d:10:e3:f3:52:95:bc:96:df:f4:dd:
b1:4c:e0:80:5d:ca:ee:39:46:50:77:63:a6:f3:2d:30:37:6b:
ab:33:98:a7:fd:35:89:9a:9d:ae:47:32:2b:72:31:9b:c4:92:
d3:2d:2e:0e:63:a8:21:86:5a:b2:ea:b7:43:b3:97:7f:a1:f8:
81:20:62:92:28:35:e0:8c:f9:1d:fb:be:bd:92:22:4d:99:c3:
06:6f:5d:82:3b:66:71:28:ba:32:2c:b0:9c:ab:67:94:fd:c0:
34:93:bc:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeOY+iqjUav0AOoRiKwGma4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjJiOWI1OGVlMDhlODNmMWE5YWQ0ZTk2NDNlODBkM2I0
MGNiM2UwHhcNMjMwNDE3MDg0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTVjZTNhNjUzMzQ2YTg1MzEzNDZlN2QyMDU2Njk3ZTY4YTAxNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVcXIa3wiD/L6+VCaz7tyFKPHRxf
Ssul9PDnQPWLluzdpSXovjFtHLaMlZgaCnF+i2Jbx0jjrEIIO5/W3Re3gY9o54mJ
EYxVOGH6thhd35iwqud7AjZNYfWy2n732Z2FCq3cVq9oXDosfLOk1zsD4Xuk52qe
4LKvYriaj2gJeD8cITRMUy7t9Kp2EMpBiCxUwcoP9tCaQxdJwCIE1AVLpoKql9Df
mnXEYcbHxtt1+LbFi8zxUm0qKvDhs+4lPSMD2bMUp67v+zGlT1S9t8xwgsW7bMDL
fYPJzeXLxJ/uHI6MAek8XzYWJCeoVRYvjaX4y/3COWTeTVlRryYSMYoy1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpc46ZTNGqFMTRufSBWaX5ooBShMB8GA1UdIwQY
MBaAFARiubWO4I6D8amtTpZD6A07QMs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdLNXRZN2dqb1B4cWExT2xrUG9EVHRBeXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9lMWVlNWItMDIzYi00MzBhLTljNmYt
MGVlMmVhN2Q0ODg0LzEvaWx6anBsTTBhb1V4Tkc1OUlGWnBmbWlnRktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9lMWVlNWItMDIzYi00MzBhLTljNmYtMGVlMmVhN2Q0ODg0
LzEvQkdLNXRZN2dqb1B4cWExT2xrUG9EVHRBeXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8V4MA0G
CSqGSIb3DQEBCwUAA4IBAQDTNTWLVdovmuukWXU413gWbvfDziLgJQh1ycTKxxWA
iYbYIRjIF0ISLDm9H6Y3lUQqwLsLGaY67ZaaVJUDlHqVhZd64giYVuR/ppF28akR
1Eu3YGPt6hJ+HmgCsBQU8hmQYtG9b/5T62HKK0YLz8sEQznp9WM3xFnZ/5LR10Gm
qnUWMp4zUXrfK0hyCGChWFnZkQ66gJ/7PRDj81KVvJbf9N2xTOCAXcruOUZQd2Om
8y0wN2urM5in/TWJmp2uRzIrcjGbxJLTLS4OY6ghhlqy6rdDs5d/ofiBIGKSKDXg
jPkd+769kiJNmcMGb12CO2ZxKLoyLLCcq2eU/cA0k7xf
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:37 2024 by rpki-client on console-ams.rpki-client.org