Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/YkidH6sE3tRgHSlRt2QRmialq9c.roa
File: YkidH6sE3tRgHSlRt2QRmialq9c.roa (raw, json)
Hash identifier: TWLbPz8aDWiLPtwzi31RXTkVciRJH4X9TzeFPuiyJHc=
Subject key identifier: 62:48:9D:1F:AB:04:DE:D4:60:1D:29:51:B7:64:11:9A:26:A5:AB:D7
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 01856E2FAEFD28284FFAF1B60A6557E800F9
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/YkidH6sE3tRgHSlRt2QRmialq9c.roa
Signing time: Sun 01 Jan 2023 16:34:56 +0000
ROA not before: Sun 01 Jan 2023 16:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5588
IP address blocks: 91.245.16.0/23 maxlen: 24
2a01:5f7::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:ae:fd:28:28:4f:fa:f1:b6:0a:65:57:e8:00:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 1 16:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62489d1fab04ded4601d2951b764119a26a5abd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:52:49:e0:51:fc:6c:c4:00:75:20:03:e1:
93:4f:3a:90:45:69:71:19:17:35:1c:43:dc:d3:46:
30:d9:1b:e3:c5:de:e5:91:2e:8d:d8:63:52:9c:4e:
fd:51:f2:dd:80:2e:9b:4c:76:cf:28:bf:70:b1:56:
63:4a:3f:41:74:68:70:16:7f:e5:a9:01:cb:d9:f7:
fc:4a:46:6d:1a:9e:bb:f6:fc:12:2f:3d:4d:c3:6e:
0b:c6:7a:a3:a6:5f:04:79:6e:06:3e:18:ae:b3:04:
3b:f0:f0:7a:4a:44:ce:30:43:d9:5b:e8:83:55:e1:
78:fe:f9:42:78:4f:0e:93:3b:c2:c5:12:0b:f3:e0:
25:25:04:26:e7:ab:4f:a7:4f:d8:08:b6:cf:3a:16:
6e:0e:f7:14:61:fc:ed:7b:5d:23:bb:3f:94:5e:2e:
ab:e1:b2:d7:da:e4:85:86:f4:c9:dc:31:66:de:1b:
71:57:b2:a5:c8:aa:e4:91:a3:54:46:88:17:01:88:
95:31:23:2b:fa:b1:73:ef:25:8e:37:40:ed:62:5f:
23:30:1f:8e:f0:56:bf:1b:ed:3d:8d:1b:52:b6:7b:
4d:a0:ec:df:1f:57:17:7a:7f:d7:4e:17:c7:a3:ab:
09:f0:19:f5:70:be:3c:f1:be:d1:8d:99:82:ab:eb:
2f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:48:9D:1F:AB:04:DE:D4:60:1D:29:51:B7:64:11:9A:26:A5:AB:D7
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/YkidH6sE3tRgHSlRt2QRmialq9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.16.0/23
IPv6:
2a01:5f7::/32
Signature Algorithm: sha256WithRSAEncryption
1f:34:52:b4:59:7f:09:66:bf:18:cc:25:f0:85:79:89:57:84:
b3:86:60:83:cb:64:9e:90:21:7a:b6:4d:b0:c8:c7:78:1b:a3:
12:43:81:62:cb:d3:0b:0a:91:3e:0f:d8:7a:9c:d1:f8:b7:36:
66:02:a5:4a:d4:8d:1f:51:f7:74:f1:1f:5f:fa:e7:84:e9:0e:
44:3b:8f:ea:a9:a1:3d:20:68:2d:bd:c0:36:d5:12:31:06:1b:
d0:f4:9e:31:a0:a7:af:b4:39:cf:dd:05:28:ed:41:4c:25:eb:
d3:41:a1:e6:f3:3c:55:2e:34:05:91:f9:93:b8:5a:ac:f1:06:
b5:b0:1d:d1:ba:09:cb:17:01:72:34:6a:47:84:b9:a9:e7:26:
b8:bd:6d:85:a2:7e:ab:b7:dc:eb:b2:f3:5f:73:ad:0c:ec:71:
ad:1d:8d:c8:e4:c8:6c:06:f2:c2:85:bb:bb:a6:d5:1b:93:6c:
fa:41:f2:5a:1f:69:cd:20:c1:f3:4c:ee:37:cb:76:a0:f4:d3:
6b:a2:9c:76:0d:15:57:ac:06:14:7e:a1:39:cf:18:39:b7:5f:
45:08:ed:98:b0:4f:cc:cd:95:6b:a3:b3:dc:dd:89:da:c2:af:
75:f3:9f:38:16:b0:46:5a:14:a7:e2:b1:b9:ad:bf:8a:1a:f5:
5a:22:ed:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL679KChP+vG2CmVX6AD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0
ZTRlMGMwHhcNMjMwMTAxMTYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQ4OWQxZmFiMDRkZWQ0NjAxZDI5NTFiNzY0MTE5YTI2YTVhYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNBSSeBR/GzEAHUgA+GTTzqQRWlx
GRc1HEPc00Yw2Rvjxd7lkS6N2GNSnE79UfLdgC6bTHbPKL9wsVZjSj9BdGhwFn/l
qQHL2ff8SkZtGp679vwSLz1Nw24Lxnqjpl8EeW4GPhiuswQ78PB6SkTOMEPZW+iD
VeF4/vlCeE8OkzvCxRIL8+AlJQQm56tPp0/YCLbPOhZuDvcUYfzte10juz+UXi6r
4bLX2uSFhvTJ3DFm3htxV7KlyKrkkaNURogXAYiVMSMr+rFz7yWON0DtYl8jMB+O
8Fa/G+09jRtStntNoOzfH1cXen/XThfHo6sJ8Bn1cL488b7RjZmCq+sv9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGJInR+rBN7UYB0pUbdkEZompavXMB8GA1UdIwQY
MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt
ZTFhOGE2ZjFkNTlhLzEvWWtpZEg2c0UzdFJnSFNsUnQyUVJtaWFscTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh
LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW/UQMA0E
AgACMAcDBQAqAQX3MA0GCSqGSIb3DQEBCwUAA4IBAQAfNFK0WX8JZr8YzCXwhXmJ
V4SzhmCDy2SekCF6tk2wyMd4G6MSQ4Fiy9MLCpE+D9h6nNH4tzZmAqVK1I0fUfd0
8R9f+ueE6Q5EO4/qqaE9IGgtvcA21RIxBhvQ9J4xoKevtDnP3QUo7UFMJevTQaHm
8zxVLjQFkfmTuFqs8Qa1sB3RugnLFwFyNGpHhLmp5ya4vW2Fon6rt9zrsvNfc60M
7HGtHY3I5MhsBvLChbu7ptUbk2z6QfJaH2nNIMHzTO43y3ag9NNropx2DRVXrAYU
fqE5zxg5t19FCO2YsE/MzZVro7Pc3Ynawq918584FrBGWhSn4rG5rb+KGvVaIu3L
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:59 2023 by rpki-client on console-ams.rpki-client.org