Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/Wo3ZD9lLoLe3nTQWEkFHQRH-XNg.roa
File: Wo3ZD9lLoLe3nTQWEkFHQRH-XNg.roa (raw, json)
Hash identifier: xifbKL62ZNI+bCCdxuXHT59LY4LyhZGzUMFm25i+SCo=
Subject key identifier: 5A:8D:D9:0F:D9:4B:A0:B7:B7:9D:34:16:12:41:47:41:11:FE:5C:D8
Certificate issuer: /CN=226a87216d7e3c59315f778b2c8f4a9ef478b93e
Certificate serial: 0187044D99A6CCA6749DC51F11021C914CDA
Authority key identifier: 22:6A:87:21:6D:7E:3C:59:31:5F:77:8B:2C:8F:4A:9E:F4:78:B9:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ImqHIW1-PFkxX3eLLI9KnvR4uT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/Wo3ZD9lLoLe3nTQWEkFHQRH-XNg.roa
Signing time: Tue 21 Mar 2023 13:13:27 +0000
ROA not before: Tue 21 Mar 2023 13:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47613
IP address blocks: 91.206.88.0/23 maxlen: 23
2a07:82c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:04:4d:99:a6:cc:a6:74:9d:c5:1f:11:02:1c:91:4c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=226a87216d7e3c59315f778b2c8f4a9ef478b93e
Validity
Not Before: Mar 21 13:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a8dd90fd94ba0b7b79d34161241474111fe5cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a0:34:3e:dc:f2:c9:b1:bd:a4:40:3f:07:2a:
08:17:ce:cc:09:71:2c:a5:7d:23:66:53:91:e2:b8:
96:3d:a2:c8:62:cb:43:63:07:1b:2e:e5:50:5d:88:
c0:a7:71:d7:52:28:7b:02:34:4c:a5:8a:f0:00:64:
48:5e:5b:e6:35:f6:b2:60:37:26:e6:a5:cf:d3:07:
cc:48:59:c4:bb:8d:f5:df:f4:e3:10:f5:1f:04:b8:
35:dd:bf:7e:18:cf:37:80:c7:db:04:8b:0d:17:0c:
b5:97:38:c5:e6:d4:de:9f:0c:d3:ec:aa:54:d7:ab:
48:b1:90:64:95:5b:1e:03:55:b1:85:83:2b:a1:95:
ce:4f:ad:5e:d9:a8:f9:65:21:48:fd:e1:c0:f6:8c:
ac:98:b2:36:0a:48:e0:e9:71:8b:5e:d3:6b:a3:86:
ca:5f:07:d9:9b:c3:df:4d:ba:03:65:61:7d:fa:ac:
2e:de:38:0a:cf:9c:d9:3e:ee:29:9f:39:55:3d:17:
7c:5d:43:d5:3f:e8:45:2f:b2:85:ef:74:02:12:77:
df:b4:a7:63:02:4d:be:29:83:dc:27:36:44:5e:5e:
e1:35:b0:d5:39:08:d3:ba:53:dd:fb:7f:3d:29:71:
57:e1:c4:c0:c0:ad:8a:1f:1f:d0:1d:f5:ac:f8:cc:
0d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8D:D9:0F:D9:4B:A0:B7:B7:9D:34:16:12:41:47:41:11:FE:5C:D8
X509v3 Authority Key Identifier:
keyid:22:6A:87:21:6D:7E:3C:59:31:5F:77:8B:2C:8F:4A:9E:F4:78:B9:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ImqHIW1-PFkxX3eLLI9KnvR4uT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/Wo3ZD9lLoLe3nTQWEkFHQRH-XNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/ImqHIW1-PFkxX3eLLI9KnvR4uT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.88.0/23
IPv6:
2a07:82c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:40:e7:a6:a9:5a:7f:15:94:fc:8f:e7:44:a8:b4:a4:9b:b0:
54:2a:df:9e:12:c2:7e:c7:92:32:8f:6b:56:2d:00:80:cd:a8:
f9:42:10:3c:fe:f3:48:0d:7b:40:a0:f3:30:47:a3:8d:ed:a3:
b5:fd:05:d4:d3:a4:2c:e7:94:bb:56:30:cc:cc:75:d2:c5:84:
ab:0c:1c:f9:93:8d:ff:37:b0:e2:1c:7e:0c:61:17:6e:26:99:
cd:25:e1:e1:4b:64:27:a3:38:a7:d7:ac:e1:b0:23:19:5e:40:
88:c6:69:f1:ed:63:68:6d:8f:a1:fc:92:8f:ac:ad:7d:5f:4f:
38:b3:0a:c9:0d:64:7f:aa:b6:55:23:91:ab:df:ed:a8:60:ab:
aa:48:ec:e9:8c:39:6c:f0:a8:94:c9:22:61:ab:06:1d:e5:ee:
76:a9:6d:c6:ea:dd:3c:ff:75:f0:ab:89:27:ad:68:e3:52:0a:
49:d2:85:23:90:33:8d:53:f6:c2:41:2b:66:ba:fb:ea:78:69:
98:f6:5d:c2:54:2b:ca:8e:c8:3f:12:ed:dd:5e:ee:a3:13:72:
e7:5c:e7:4e:8c:39:eb:ff:a6:4e:7e:77:d3:91:d7:3b:d9:4b:
3a:f1:aa:84:cc:22:c5:a5:12:d7:de:69:a4:8f:de:84:f5:6e:
c6:30:be:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcETZmmzKZ0ncUfEQIckUzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNmE4NzIxNmQ3ZTNjNTkzMTVmNzc4YjJjOGY0YTllZjQ3
OGI5M2UwHhcNMjMwMzIxMTMxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YThkZDkwZmQ5NGJhMGI3Yjc5ZDM0MTYxMjQxNDc0MTExZmU1Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqA0PtzyybG9pEA/ByoIF87MCXEs
pX0jZlOR4riWPaLIYstDYwcbLuVQXYjAp3HXUih7AjRMpYrwAGRIXlvmNfayYDcm
5qXP0wfMSFnEu4313/TjEPUfBLg13b9+GM83gMfbBIsNFwy1lzjF5tTenwzT7KpU
16tIsZBklVseA1WxhYMroZXOT61e2aj5ZSFI/eHA9oysmLI2Ckjg6XGLXtNro4bK
XwfZm8PfTboDZWF9+qwu3jgKz5zZPu4pnzlVPRd8XUPVP+hFL7KF73QCEnfftKdj
Ak2+KYPcJzZEXl7hNbDVOQjTulPd+389KXFX4cTAwK2KHx/QHfWs+MwNNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFqN2Q/ZS6C3t500FhJBR0ER/lzYMB8GA1UdIwQY
MBaAFCJqhyFtfjxZMV93iyyPSp70eLk+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW1xSElXMS1QRmt4WDNlTExJOUtudlI0dVQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wMjEwMjItMGIyNy00YjRlLWFiMzIt
Yzk5MDAwM2IyNGNhLzEvV28zWkQ5bExvTGUzblRRV0VrRkhRUkgtWE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wMjEwMjItMGIyNy00YjRlLWFiMzItYzk5MDAwM2IyNGNh
LzEvSW1xSElXMS1QRmt4WDNlTExJOUtudlI0dVQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW85YMA8E
AgACMAkDBwAqB4LAAAAwDQYJKoZIhvcNAQELBQADggEBAChA56apWn8VlPyP50So
tKSbsFQq354Swn7HkjKPa1YtAIDNqPlCEDz+80gNe0Cg8zBHo43to7X9BdTTpCzn
lLtWMMzMddLFhKsMHPmTjf83sOIcfgxhF24mmc0l4eFLZCejOKfXrOGwIxleQIjG
afHtY2htj6H8ko+srX1fTzizCskNZH+qtlUjkavf7ahgq6pI7OmMOWzwqJTJImGr
Bh3l7napbcbq3Tz/dfCriSetaONSCknShSOQM41T9sJBK2a6++p4aZj2XcJUK8qO
yD8S7d1e7qMTcudc506MOev/pk5+d9OR1zvZSzrxqoTMIsWlEtfeaaSP3oT1bsYw
vrE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:06 2024 by rpki-client on console-fra.rpki-client.org