Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/1-Vpd9svmIrGyfNPlUSyab22estQ.roa
File: 1-Vpd9svmIrGyfNPlUSyab22estQ.roa (raw, json)
Hash identifier: Ddgtu5gLNqeFQyFmU9QjazPkP7KNLmlpAyMThURimLg=
Subject key identifier: F9:5A:5D:F6:CB:E6:22:B1:B2:7C:D3:E5:51:2C:9A:6F:6D:9E:B2:D4
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 0185E84F14A25A83319454F24873F7625112
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/1-Vpd9svmIrGyfNPlUSyab22estQ.roa
Signing time: Wed 25 Jan 2023 09:42:54 +0000
ROA not before: Wed 25 Jan 2023 09:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212224
IP address blocks: 91.245.20.0/22 maxlen: 24
2a01:5f6::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:4f:14:a2:5a:83:31:94:54:f2:48:73:f7:62:51:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 25 09:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f95a5df6cbe622b1b27cd3e5512c9a6f6d9eb2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:61:12:f2:9b:fe:45:bc:2d:73:d1:f4:8b:1c:
9d:2e:d0:c0:e1:0e:41:16:34:52:7a:93:e2:94:b5:
34:24:5a:12:b7:1f:e5:8e:d1:2c:f2:59:78:b5:51:
e7:5b:84:11:d4:6a:91:22:73:4a:5d:90:12:4f:2a:
83:f0:f9:46:de:e8:e9:2c:d2:fb:d6:94:09:da:07:
b1:9f:9e:2d:02:dd:cc:e1:4d:b0:38:df:f9:b6:5b:
97:6f:09:f3:d0:71:e0:c5:64:1b:9c:4b:5f:2d:bd:
17:0c:5a:9e:e0:9f:82:47:bb:ef:eb:fb:60:4d:a2:
49:af:50:bc:8f:b5:0e:f0:3f:65:09:65:88:44:1e:
05:04:c3:7a:d5:d3:d0:8f:ac:ef:5a:d0:d3:e6:02:
b9:04:19:e4:11:08:56:f6:c9:93:b4:49:f6:82:0e:
c9:df:42:9b:ee:ad:e3:14:14:3e:91:d0:db:bd:76:
03:e0:b4:6e:cc:c6:92:45:3b:51:e9:ed:fb:ea:d7:
b2:cc:0d:9c:ae:87:94:6f:a1:28:13:ee:73:68:fc:
59:05:7a:f8:a5:a3:1d:51:81:24:e6:e5:f8:04:8e:
04:6f:31:c8:42:49:15:44:aa:14:45:07:0f:ec:40:
9b:d3:c9:a3:fd:11:47:87:c4:c3:38:2e:d5:5f:45:
5b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5A:5D:F6:CB:E6:22:B1:B2:7C:D3:E5:51:2C:9A:6F:6D:9E:B2:D4
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/1-Vpd9svmIrGyfNPlUSyab22estQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.20.0/22
IPv6:
2a01:5f6::/32
Signature Algorithm: sha256WithRSAEncryption
59:84:44:ea:05:a1:97:2f:c1:87:26:6f:49:0e:70:4e:cf:17:
ad:95:fa:1b:ea:d5:54:8b:29:31:f2:3f:0a:e3:e9:bf:7a:30:
76:60:84:15:0d:70:67:9c:a4:4a:2b:11:2c:63:6d:27:7a:8f:
5a:71:3d:8b:97:a5:c6:74:29:76:7f:9e:60:2a:0e:93:66:90:
e2:85:92:83:d3:c8:a1:9d:7f:05:ce:56:be:ad:dd:eb:2d:37:
0a:5a:49:71:9e:fd:a0:cc:5c:a9:a7:89:7d:fb:4a:da:6c:0f:
5a:58:42:75:cc:6e:f7:fd:a5:7e:19:cf:02:7f:f4:33:63:f6:
7f:6b:36:4b:03:eb:b1:af:04:7f:23:38:3e:5c:0c:22:4c:c6:
46:9c:45:4b:5d:31:ff:7b:bf:ef:28:bf:37:cd:91:07:44:95:
0c:fc:39:f4:e0:4a:26:c4:01:83:b8:14:cc:a4:e2:4d:ee:34:
6e:8f:d2:28:2a:ff:be:47:95:59:21:dc:07:bb:03:ae:33:ad:
35:6b:2c:e3:43:92:31:5d:94:11:e1:3d:a6:22:33:8c:4f:a4:
b8:63:18:1d:71:67:94:2f:d3:05:24:90:26:bb:98:d5:1e:b4:
b0:14:47:14:7a:0d:54:78:4f:1e:c0:f7:ae:7a:ff:59:93:07:
42:3a:d1:27
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYXoTxSiWoMxlFTySHP3YlESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0
ZTRlMGMwHhcNMjMwMTI1MDk0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTVhNWRmNmNiZTYyMmIxYjI3Y2QzZTU1MTJjOWE2ZjZkOWViMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WES8pv+Rbwtc9H0ixydLtDA4Q5B
FjRSepPilLU0JFoStx/ljtEs8ll4tVHnW4QR1GqRInNKXZASTyqD8PlG3ujpLNL7
1pQJ2gexn54tAt3M4U2wON/5tluXbwnz0HHgxWQbnEtfLb0XDFqe4J+CR7vv6/tg
TaJJr1C8j7UO8D9lCWWIRB4FBMN61dPQj6zvWtDT5gK5BBnkEQhW9smTtEn2gg7J
30Kb7q3jFBQ+kdDbvXYD4LRuzMaSRTtR6e376teyzA2croeUb6EoE+5zaPxZBXr4
paMdUYEk5uX4BI4EbzHIQkkVRKoURQcP7ECb08mj/RFHh8TDOC7VX0VbxQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPlaXfbL5iKxsnzT5VEsmm9tnrLUMB8GA1UdIwQY
MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt
ZTFhOGE2ZjFkNTlhLzEvMS1WcGQ5c3ZtSXJHeWZOUGxVU3lhYjIyZXN0US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjEvN2MxYzI5LWNhMDItNDkwYi1hYTg0LWUxYThhNmYxZDU5
YS8xLzNNc3RYN0pUaFM4WUk4WlVOT2p5ZHRCT1Rndy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlv1FDAN
BAIAAjAHAwUAKgEF9jANBgkqhkiG9w0BAQsFAAOCAQEAWYRE6gWhly/BhyZvSQ5w
Ts8XrZX6G+rVVIspMfI/CuPpv3owdmCEFQ1wZ5ykSisRLGNtJ3qPWnE9i5elxnQp
dn+eYCoOk2aQ4oWSg9PIoZ1/Bc5Wvq3d6y03ClpJcZ79oMxcqaeJfftK2mwPWlhC
dcxu9/2lfhnPAn/0M2P2f2s2SwPrsa8EfyM4PlwMIkzGRpxFS10x/3u/7yi/N82R
B0SVDPw59OBKJsQBg7gUzKTiTe40bo/SKCr/vkeVWSHcB7sDrjOtNWss40OSMV2U
EeE9piIzjE+kuGMYHXFnlC/TBSSQJruY1R60sBRHFHoNVHhPHsD3rnr/WZMHQjrR
Jw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:04 2024 by rpki-client on console-ams.rpki-client.org