Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bdc335-0acb-4f71-bdb7-54ee6c513ff9/1/vZU3Y_mgEn5hfkg3wH-UrG_vIrU.roa
File: vZU3Y_mgEn5hfkg3wH-UrG_vIrU.roa (raw, json)
Hash identifier: f+43EpvznOiITbGCN09FOTMtC//s/19I+rN05+7IBf8=
Subject key identifier: BD:95:37:63:F9:A0:12:7E:61:7E:48:37:C0:7F:94:AC:6F:EF:22:B5
Certificate issuer: /CN=14af12bc28a060b59a2b30af2743c9dcbd748e3a
Certificate serial: 01856F42D76B35F28A980B1E290101321CDA
Authority key identifier: 14:AF:12:BC:28:A0:60:B5:9A:2B:30:AF:27:43:C9:DC:BD:74:8E:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FK8SvCigYLWaKzCvJ0PJ3L10jjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bdc335-0acb-4f71-bdb7-54ee6c513ff9/1/vZU3Y_mgEn5hfkg3wH-UrG_vIrU.roa
Signing time: Sun 01 Jan 2023 21:35:29 +0000
ROA not before: Sun 01 Jan 2023 21:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34881
IP address blocks: 91.237.147.0/24 maxlen: 24
91.237.146.0/23 maxlen: 23
91.237.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d7:6b:35:f2:8a:98:0b:1e:29:01:01:32:1c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14af12bc28a060b59a2b30af2743c9dcbd748e3a
Validity
Not Before: Jan 1 21:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd953763f9a0127e617e4837c07f94ac6fef22b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c4:15:32:58:75:1d:00:2f:a8:95:19:cb:78:
b9:50:ac:d3:32:8e:9c:6d:7f:c0:3f:fa:98:8b:f7:
fd:88:53:25:c1:87:90:41:14:6d:53:84:15:9b:da:
e7:c3:4f:af:ae:b3:77:10:ea:88:02:7e:73:aa:3a:
ea:3f:c1:d1:9c:a2:15:e3:ad:5b:3c:93:ed:06:ef:
28:d6:44:4e:76:78:7c:f9:d0:df:a9:e4:83:dc:9e:
a2:25:49:bc:54:dc:1c:8d:d4:d1:0e:5c:1b:9e:9e:
11:42:ba:9b:37:48:fc:7e:60:5a:2c:0e:7f:b1:2f:
a3:0c:e2:8e:bd:77:42:bd:1c:f8:62:7a:3c:31:d4:
6c:78:b3:26:0b:b0:6b:39:be:5d:71:a3:3c:4b:57:
b7:1c:33:e9:1e:9b:da:e9:11:7d:1c:2a:ec:05:d1:
75:c4:55:3d:93:d2:31:18:4f:39:85:47:aa:72:77:
09:93:5a:80:fb:5b:63:79:5e:9b:df:bd:10:ad:a2:
63:17:b7:86:f5:3a:f2:29:5f:8f:88:f7:bc:ce:3c:
24:a3:89:73:1e:61:ff:61:43:bf:3a:8f:72:bd:b3:
eb:db:f6:8e:be:9a:9c:94:d7:ec:1c:38:13:7c:94:
de:f2:7c:dd:57:fb:97:c3:63:38:d0:f2:91:ea:82:
9e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:95:37:63:F9:A0:12:7E:61:7E:48:37:C0:7F:94:AC:6F:EF:22:B5
X509v3 Authority Key Identifier:
keyid:14:AF:12:BC:28:A0:60:B5:9A:2B:30:AF:27:43:C9:DC:BD:74:8E:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FK8SvCigYLWaKzCvJ0PJ3L10jjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bdc335-0acb-4f71-bdb7-54ee6c513ff9/1/vZU3Y_mgEn5hfkg3wH-UrG_vIrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bdc335-0acb-4f71-bdb7-54ee6c513ff9/1/FK8SvCigYLWaKzCvJ0PJ3L10jjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.146.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:8d:dd:0a:46:19:58:90:eb:4c:aa:53:1b:ed:9e:ac:79:53:
c6:8b:3c:16:4e:a0:a0:75:d7:c6:79:28:f3:dd:db:eb:14:13:
14:38:f2:8b:b4:e8:e3:1c:6b:5f:cd:3f:9b:10:35:65:4d:7c:
f7:4c:aa:b0:88:29:c2:e6:14:a9:74:86:6b:5a:9f:f0:de:31:
25:62:3b:88:c7:d1:62:e7:8e:0a:f6:02:84:d7:ca:d1:c6:50:
5f:6a:49:20:ab:e9:a3:64:11:d3:09:b9:1e:ea:6e:6a:34:2a:
8f:57:98:97:88:a8:a0:0a:ba:e4:f8:be:47:c0:3d:56:10:f9:
44:78:94:61:96:4c:f1:3d:05:0d:3d:c8:ca:f5:b6:bd:48:4b:
2d:37:c3:52:93:2d:a6:85:82:0f:a0:5a:e8:ff:9f:52:74:74:
ee:0e:70:ed:3a:40:cb:53:cf:5f:7e:45:a2:c5:65:5f:21:7e:
6c:d6:bc:3c:35:fd:df:6a:72:ce:45:06:82:6c:45:c4:f7:09:
23:3c:60:aa:18:98:5c:91:11:c0:34:59:6c:9b:3f:83:4e:cf:
98:64:7c:a1:32:4b:9b:47:8f:7d:f2:b8:55:14:a6:53:ef:23:
ed:64:63:64:48:57:67:09:5e:50:cf:4d:05:c2:0c:55:e0:b7:
7d:53:c4:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQtdrNfKKmAseKQEBMhzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YWYxMmJjMjhhMDYwYjU5YTJiMzBhZjI3NDNjOWRjYmQ3
NDhlM2EwHhcNMjMwMTAxMjEzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk1Mzc2M2Y5YTAxMjdlNjE3ZTQ4MzdjMDdmOTRhYzZmZWYyMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcQVMlh1HQAvqJUZy3i5UKzTMo6c
bX/AP/qYi/f9iFMlwYeQQRRtU4QVm9rnw0+vrrN3EOqIAn5zqjrqP8HRnKIV461b
PJPtBu8o1kROdnh8+dDfqeSD3J6iJUm8VNwcjdTRDlwbnp4RQrqbN0j8fmBaLA5/
sS+jDOKOvXdCvRz4Yno8MdRseLMmC7BrOb5dcaM8S1e3HDPpHpva6RF9HCrsBdF1
xFU9k9IxGE85hUeqcncJk1qA+1tjeV6b370QraJjF7eG9TryKV+PiPe8zjwko4lz
HmH/YUO/Oo9yvbPr2/aOvpqclNfsHDgTfJTe8nzdV/uXw2M40PKR6oKe0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2VN2P5oBJ+YX5IN8B/lKxv7yK1MB8GA1UdIwQY
MBaAFBSvErwooGC1miswrydDydy9dI46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRks4U3ZDaWdZTFdhS3pDdkowUEozTDEwampvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iZGMzMzUtMGFjYi00ZjcxLWJkYjct
NTRlZTZjNTEzZmY5LzEvdlpVM1lfbWdFbjVoZmtnM3dILVVyR192SXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iZGMzMzUtMGFjYi00ZjcxLWJkYjctNTRlZTZjNTEzZmY5
LzEvRks4U3ZDaWdZTFdhS3pDdkowUEozTDEwampvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+2SMA0G
CSqGSIb3DQEBCwUAA4IBAQC9jd0KRhlYkOtMqlMb7Z6seVPGizwWTqCgddfGeSjz
3dvrFBMUOPKLtOjjHGtfzT+bEDVlTXz3TKqwiCnC5hSpdIZrWp/w3jElYjuIx9Fi
544K9gKE18rRxlBfakkgq+mjZBHTCbke6m5qNCqPV5iXiKigCrrk+L5HwD1WEPlE
eJRhlkzxPQUNPcjK9ba9SEstN8NSky2mhYIPoFro/59SdHTuDnDtOkDLU89ffkWi
xWVfIX5s1rw8Nf3fanLORQaCbEXE9wkjPGCqGJhckRHANFlsmz+DTs+YZHyhMkub
R4998rhVFKZT7yPtZGNkSFdnCV5Qz00FwgxV4Ld9U8TX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:12 2024 by rpki-client on console-ams.rpki-client.org