Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/gU4AikqDosdlDI5dcSrLrQyBiBM.roa
File: gU4AikqDosdlDI5dcSrLrQyBiBM.roa (raw, json)
Hash identifier: EzhKAg9PrmyOvgiRVrvvN6m1ce4GgYYLTN92F419Vxs=
Subject key identifier: 81:4E:00:8A:4A:83:A2:C7:65:0C:8E:5D:71:2A:CB:AD:0C:81:88:13
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 01856BE58D775CF9D6074B737A9308B16570
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/gU4AikqDosdlDI5dcSrLrQyBiBM.roa
Signing time: Sun 01 Jan 2023 05:54:43 +0000
ROA not before: Sun 01 Jan 2023 05:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212986
IP address blocks: 91.212.96.0/24 maxlen: 24
2a12:7cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 17 Feb 2023 21:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:8d:77:5c:f9:d6:07:4b:73:7a:93:08:b1:65:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Jan 1 05:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=814e008a4a83a2c7650c8e5d712acbad0c818813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c4:81:00:e3:e5:02:df:03:f9:66:de:f0:91:
fd:8d:93:cc:99:a5:df:58:2f:cd:56:9e:59:aa:38:
78:e7:78:16:f7:c0:3c:31:ae:d9:a9:84:4c:13:c0:
91:85:5b:af:45:bc:aa:eb:a8:94:53:9d:b8:06:47:
19:86:bb:ca:9e:40:db:f5:4d:7c:21:50:e3:dd:75:
be:88:8f:8e:57:11:19:8b:dd:45:59:27:0a:4e:a9:
f9:27:ef:3e:a2:72:63:34:d5:8c:98:d4:9b:5f:54:
c8:f0:81:7b:86:13:3a:86:cb:c0:87:99:75:3c:24:
9b:15:26:60:27:b5:e2:ca:ae:3e:19:f8:44:1f:fb:
91:bb:ab:95:05:63:e5:0a:93:25:67:24:5c:c0:eb:
94:50:10:ca:20:ba:3f:45:63:ca:fe:7b:7d:67:27:
c0:a7:cb:e4:11:41:90:c2:d9:56:88:bd:8d:3e:1f:
64:17:bb:c9:17:3b:a3:34:1f:da:ed:c5:39:71:b5:
f1:7e:12:2d:fc:81:f6:5d:95:08:4c:a1:d3:82:7c:
81:7d:0e:de:87:9f:2f:bf:bd:21:b1:8b:d1:d7:97:
ed:39:9f:62:68:80:97:d3:df:1b:3b:65:f4:aa:09:
c7:48:a7:ee:77:eb:da:83:73:13:7c:63:d7:a6:0b:
56:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4E:00:8A:4A:83:A2:C7:65:0C:8E:5D:71:2A:CB:AD:0C:81:88:13
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/gU4AikqDosdlDI5dcSrLrQyBiBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.96.0/24
IPv6:
2a12:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:a9:54:ed:44:c2:b1:08:8b:bb:13:fb:6f:4b:77:db:46:31:
5a:62:77:1c:fd:84:f9:cd:89:74:8e:c9:99:bf:90:c7:d2:3e:
36:21:ab:d7:cf:40:98:a4:58:61:3f:5b:b4:3f:b2:79:27:38:
bf:ff:01:59:3f:55:98:ca:06:cd:2b:92:07:fc:8e:24:41:c1:
61:4f:d4:30:79:06:cf:cd:65:a8:23:01:c6:95:61:15:07:51:
f8:d7:a7:81:97:33:bb:a4:7d:ca:ed:71:3b:1c:50:60:3e:2e:
74:5e:27:41:90:bd:44:8a:53:be:55:80:03:ec:4d:4e:1b:1f:
09:8c:1e:4c:5e:6f:ca:ec:e0:c6:55:62:f7:f6:f1:d0:e0:88:
cf:12:46:f9:73:de:21:69:8e:4f:d4:69:c1:ac:b7:92:3d:30:
51:da:e3:3a:9b:a3:18:1f:b9:c1:b7:76:e9:4c:ca:6d:6e:4f:
ae:c4:df:e0:23:fc:39:20:79:b1:92:ed:5c:41:46:47:bc:f2:
6a:5d:4f:4c:f4:8f:b4:4f:88:05:4d:09:88:73:86:44:48:2a:
57:a3:a3:93:4b:32:8e:e5:9b:f7:19:f6:21:45:96:41:2a:c9:
a1:5f:50:68:46:96:13:04:b9:11:ac:4e:84:ff:e4:95:a8:7a:
4a:58:1f:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr5Y13XPnWB0tzepMIsWVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjMwMTAxMDU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTRlMDA4YTRhODNhMmM3NjUwYzhlNWQ3MTJhY2JhZDBjODE4ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8SBAOPlAt8D+Wbe8JH9jZPMmaXf
WC/NVp5Zqjh453gW98A8Ma7ZqYRME8CRhVuvRbyq66iUU524BkcZhrvKnkDb9U18
IVDj3XW+iI+OVxEZi91FWScKTqn5J+8+onJjNNWMmNSbX1TI8IF7hhM6hsvAh5l1
PCSbFSZgJ7Xiyq4+GfhEH/uRu6uVBWPlCpMlZyRcwOuUUBDKILo/RWPK/nt9ZyfA
p8vkEUGQwtlWiL2NPh9kF7vJFzujNB/a7cU5cbXxfhIt/IH2XZUITKHTgnyBfQ7e
h58vv70hsYvR15ftOZ9iaICX098bO2X0qgnHSKfud+vag3MTfGPXpgtWlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIFOAIpKg6LHZQyOXXEqy60MgYgTMB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvZ1U0QWlrcURvc2RsREk1ZGNTckxyUXlCaUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9RgMA0E
AgACMAcDBQMqEnzAMA0GCSqGSIb3DQEBCwUAA4IBAQA8qVTtRMKxCIu7E/tvS3fb
RjFaYncc/YT5zYl0jsmZv5DH0j42IavXz0CYpFhhP1u0P7J5Jzi//wFZP1WYygbN
K5IH/I4kQcFhT9QweQbPzWWoIwHGlWEVB1H416eBlzO7pH3K7XE7HFBgPi50XidB
kL1EilO+VYAD7E1OGx8JjB5MXm/K7ODGVWL39vHQ4IjPEkb5c94haY5P1GnBrLeS
PTBR2uM6m6MYH7nBt3bpTMptbk+uxN/gI/w5IHmxku1cQUZHvPJqXU9M9I+0T4gF
TQmIc4ZESCpXo6OTSzKO5Zv3GfYhRZZBKsmhX1BoRpYTBLkRrE6E/+SVqHpKWB8B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:13 2024 by rpki-client on console-fra.rpki-client.org