Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/RuaPqL6HPt4T9tu94hBzc_WCJlo.roa
File: RuaPqL6HPt4T9tu94hBzc_WCJlo.roa (raw, json)
Hash identifier: DB85+X4Q/MQzLY8zDYgbOUPiwzSvhCeR5EdBcmT2xTM=
Subject key identifier: 46:E6:8F:A8:BE:87:3E:DE:13:F6:DB:BD:E2:10:73:73:F5:82:26:5A
Certificate issuer: /CN=1143dd85fa01ebec01ee331a13179e8a33d9022f
Certificate serial: 01856D662C95792298098F1FE95398FAFE15
Authority key identifier: 11:43:DD:85:FA:01:EB:EC:01:EE:33:1A:13:17:9E:8A:33:D9:02:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EUPdhfoB6-wB7jMaExeeijPZAi8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/RuaPqL6HPt4T9tu94hBzc_WCJlo.roa
Signing time: Sun 01 Jan 2023 12:54:50 +0000
ROA not before: Sun 01 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51914
IP address blocks: 91.221.129.0/24 maxlen: 24
91.221.128.0/24 maxlen: 24
91.221.128.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:2c:95:79:22:98:09:8f:1f:e9:53:98:fa:fe:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1143dd85fa01ebec01ee331a13179e8a33d9022f
Validity
Not Before: Jan 1 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46e68fa8be873ede13f6dbbde2107373f582265a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ec:29:1d:f4:f7:bc:91:38:57:ba:b6:e2:f5:
be:78:22:5b:0a:3a:10:34:21:26:aa:e0:29:3d:83:
74:da:0a:c8:c2:46:aa:7d:00:8d:80:17:49:9a:29:
54:73:2d:af:2c:7c:a1:e6:75:24:27:c4:6e:2d:6a:
7e:b2:2d:9b:92:5d:b5:a8:6c:fa:e4:9e:3b:c3:a2:
02:0a:be:1c:3b:94:d1:d1:ed:37:f7:3c:f8:13:09:
e3:e0:b8:3a:3e:8e:c1:e3:33:d7:72:32:54:c6:c6:
cf:97:0a:88:dc:38:0d:87:ba:31:b7:02:03:e2:c5:
0f:e8:3c:e4:9c:b2:13:fb:34:a6:89:8a:ac:bb:04:
71:48:2c:6a:00:65:1c:b4:dc:c0:75:3f:67:e6:50:
cc:43:e5:5e:8a:49:2a:6f:7b:80:83:5c:a6:31:31:
60:a8:c3:cf:07:7f:f2:da:a8:36:c2:db:0b:e2:e5:
e1:d3:21:2a:96:86:bd:af:e8:8e:8b:21:6e:a9:0b:
11:86:a4:18:28:38:6f:6f:e5:0f:7c:27:35:88:11:
6b:48:5d:bd:c8:58:a7:65:cd:28:43:a5:a7:aa:c0:
cb:f0:b6:f7:04:ce:79:c6:f1:73:b5:c2:dc:74:b1:
30:72:a8:e8:d2:b6:eb:9b:d6:b8:d5:7a:09:46:16:
02:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E6:8F:A8:BE:87:3E:DE:13:F6:DB:BD:E2:10:73:73:F5:82:26:5A
X509v3 Authority Key Identifier:
keyid:11:43:DD:85:FA:01:EB:EC:01:EE:33:1A:13:17:9E:8A:33:D9:02:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EUPdhfoB6-wB7jMaExeeijPZAi8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/RuaPqL6HPt4T9tu94hBzc_WCJlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/EUPdhfoB6-wB7jMaExeeijPZAi8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.128.0/23
Signature Algorithm: sha256WithRSAEncryption
28:ec:32:0b:bf:70:48:72:aa:06:86:63:10:e9:ee:45:16:d6:
fb:73:4a:d6:db:c3:95:53:28:e1:ce:7c:a6:4b:ef:32:89:e6:
bc:52:7f:4c:5e:39:2f:6f:5e:1f:62:dd:39:75:b5:c5:bb:9f:
60:5b:d9:16:81:a5:bc:24:c8:69:68:22:d0:bb:c4:7b:21:f7:
8a:e9:b9:01:d4:a9:53:a3:c5:2c:7d:28:1f:4e:e0:e5:ac:6f:
99:52:4b:d9:b7:14:5a:04:5e:ff:d0:aa:ae:69:f5:15:44:dc:
63:6c:79:72:64:0e:0a:b2:d1:df:b0:31:aa:87:69:6d:8b:4b:
5d:5d:6c:32:1d:4f:52:c8:ee:27:37:28:b2:ea:07:d0:a0:98:
69:99:8b:f6:d8:99:48:68:15:15:a4:81:cd:5a:36:03:7a:82:
01:4a:e6:d5:01:fd:f5:ba:24:88:3c:77:ab:0b:1f:ec:48:50:
d1:81:7e:33:66:64:b4:63:05:8b:f0:60:6b:d7:2c:2d:40:a5:
a0:3d:af:82:26:24:28:86:c2:38:cb:97:f3:f6:47:8d:68:bd:
be:e8:1b:25:ea:b6:f7:54:99:c9:d6:40:74:95:2d:03:43:31:
7f:99:38:6f:26:f6:c7:ee:3e:f0:a5:a7:0b:8d:a8:db:2a:1e:
31:f5:6d:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZiyVeSKYCY8f6VOY+v4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNDNkZDg1ZmEwMWViZWMwMWVlMzMxYTEzMTc5ZThhMzNk
OTAyMmYwHhcNMjMwMTAxMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmU2OGZhOGJlODczZWRlMTNmNmRiYmRlMjEwNzM3M2Y1ODIyNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOwpHfT3vJE4V7q24vW+eCJbCjoQ
NCEmquApPYN02grIwkaqfQCNgBdJmilUcy2vLHyh5nUkJ8RuLWp+si2bkl21qGz6
5J47w6ICCr4cO5TR0e039zz4Ewnj4Lg6Po7B4zPXcjJUxsbPlwqI3DgNh7oxtwID
4sUP6DzknLIT+zSmiYqsuwRxSCxqAGUctNzAdT9n5lDMQ+Veikkqb3uAg1ymMTFg
qMPPB3/y2qg2wtsL4uXh0yEqloa9r+iOiyFuqQsRhqQYKDhvb+UPfCc1iBFrSF29
yFinZc0oQ6WnqsDL8Lb3BM55xvFztcLcdLEwcqjo0rbrm9a41XoJRhYCSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbmj6i+hz7eE/bbveIQc3P1giZaMB8GA1UdIwQY
MBaAFBFD3YX6AevsAe4zGhMXnooz2QIvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVVQZGhmb0I2LXdCN2pNYUV4ZWVpalBaQWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82Y2RkY2EtZmFkNy00NDk0LWJjMTQt
MDBhYmM0NzFmOWMxLzEvUnVhUHFMNkhQdDRUOXR1OTRoQnpjX1dDSmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82Y2RkY2EtZmFkNy00NDk0LWJjMTQtMDBhYmM0NzFmOWMx
LzEvRVVQZGhmb0I2LXdCN2pNYUV4ZWVpalBaQWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW92AMA0G
CSqGSIb3DQEBCwUAA4IBAQAo7DILv3BIcqoGhmMQ6e5FFtb7c0rW28OVUyjhznym
S+8yiea8Un9MXjkvb14fYt05dbXFu59gW9kWgaW8JMhpaCLQu8R7IfeK6bkB1KlT
o8UsfSgfTuDlrG+ZUkvZtxRaBF7/0KquafUVRNxjbHlyZA4KstHfsDGqh2lti0td
XWwyHU9SyO4nNyiy6gfQoJhpmYv22JlIaBUVpIHNWjYDeoIBSubVAf31uiSIPHer
Cx/sSFDRgX4zZmS0YwWL8GBr1ywtQKWgPa+CJiQohsI4y5fz9keNaL2+6Bsl6rb3
VJnJ1kB0lS0DQzF/mThvJvbH7j7wpacLjajbKh4x9W1f
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:52 2024 by rpki-client on console-ams.rpki-client.org