Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/yWclVgZIcpRx3vEF_q2hMM-iqHE.roa
File: yWclVgZIcpRx3vEF_q2hMM-iqHE.roa (raw, json)
Hash identifier: vhvxir/h+G26iOO9H3nPJthDM8FGCdZDQXFCMXwDg8k=
Subject key identifier: C9:67:25:56:06:48:72:94:71:DE:F1:05:FE:AD:A1:30:CF:A2:A8:71
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0186CAF313CD5C6C7B8E5CB912DAA8E9D334
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/yWclVgZIcpRx3vEF_q2hMM-iqHE.roa
Signing time: Fri 10 Mar 2023 09:56:13 +0000
ROA not before: Fri 10 Mar 2023 09:56:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57916
IP address blocks: 91.242.97.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:f3:13:cd:5c:6c:7b:8e:5c:b9:12:da:a8:e9:d3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 10 09:56:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c96725560648729471def105feada130cfa2a871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1c:21:91:12:90:66:f3:71:db:1c:69:30:52:
57:3f:4c:e9:5b:7e:b6:42:e6:9b:6c:f5:5f:02:01:
f7:26:19:ce:23:fa:ce:3c:7c:5b:d8:7f:9a:b4:56:
20:99:94:9c:ac:09:18:d0:d9:00:fb:63:6a:42:0d:
da:4c:c1:96:44:81:bc:ea:ef:14:df:6a:e8:9c:e4:
31:e2:76:3d:53:70:19:66:d9:97:37:ac:59:c9:c5:
b1:2c:3f:fb:2e:d9:0c:47:58:16:e2:49:a3:25:45:
8e:a6:48:a9:5e:32:f9:e8:f3:b3:0a:58:de:ab:db:
3a:27:05:be:39:d4:52:09:13:b9:bc:46:a9:49:47:
62:b6:46:1a:23:3f:06:a5:81:28:00:4a:64:c9:cd:
eb:b2:87:7a:5a:18:e8:4b:4a:85:db:36:73:d3:33:
7f:61:21:5e:2e:94:c4:f6:3c:dd:a8:ae:5e:5f:15:
1f:20:02:77:18:19:fe:fe:cb:53:12:bb:9b:90:36:
d3:52:3a:ed:86:90:28:e7:8e:02:98:f6:6e:a5:19:
c3:eb:59:0c:2c:fe:cf:e9:ef:bd:91:b0:24:26:49:
cb:48:b0:18:ef:3d:7d:78:2d:e0:a7:41:58:2e:86:
ad:eb:96:47:07:ee:e5:f5:93:b5:2b:b3:9e:d4:0c:
00:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:67:25:56:06:48:72:94:71:DE:F1:05:FE:AD:A1:30:CF:A2:A8:71
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/yWclVgZIcpRx3vEF_q2hMM-iqHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.64.0/22
91.242.97.0/24
91.242.100.0/23
91.242.105.0/24
Signature Algorithm: sha256WithRSAEncryption
86:3e:54:4d:98:f0:8c:38:20:f1:59:2f:96:f5:a1:2e:ef:e1:
6b:c2:50:7b:18:35:73:d8:0d:df:a3:76:00:84:61:2a:b7:c0:
6c:a5:b6:30:b6:8a:89:11:1d:a1:77:bc:25:34:ce:98:3c:f7:
2c:63:5b:b3:00:82:d1:3e:5f:70:d4:a3:70:5b:47:94:6e:2c:
9f:ae:c4:f3:95:c2:f2:c5:30:58:c9:23:8b:19:97:56:97:54:
08:1e:be:ad:34:39:86:4c:84:d7:14:ef:f1:c9:03:ce:01:0b:
bd:75:c9:8e:09:31:7e:f4:f7:c3:c5:33:1f:7b:7f:a5:40:5d:
f3:1d:20:5a:7c:2b:52:a4:93:11:49:e0:37:45:c0:7d:a0:b0:
85:09:b5:c0:23:95:44:5d:83:c0:da:3d:a8:f7:ac:9d:17:41:
91:28:00:10:eb:93:c6:f5:c4:a9:84:4b:2e:e9:d0:b6:ee:e0:
3e:3d:08:f5:a9:42:2d:6a:42:ea:f2:55:d5:a5:b6:1e:78:af:
eb:a8:bf:9a:34:f6:21:58:32:18:63:12:9e:ad:17:f1:a8:8e:
46:8d:94:fb:2f:52:39:2c:83:5d:03:c9:1f:1c:62:dc:cc:f3:
d2:89:98:e1:61:67:f7:21:df:dc:75:6d:e5:d0:f8:a8:11:fe:
3b:5d:ac:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbK8xPNXGx7jly5Etqo6dM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMzEwMDk1NjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTY3MjU1NjA2NDg3Mjk0NzFkZWYxMDVmZWFkYTEzMGNmYTJhODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxwhkRKQZvNx2xxpMFJXP0zpW362
QuabbPVfAgH3JhnOI/rOPHxb2H+atFYgmZScrAkY0NkA+2NqQg3aTMGWRIG86u8U
32ronOQx4nY9U3AZZtmXN6xZycWxLD/7LtkMR1gW4kmjJUWOpkipXjL56POzClje
q9s6JwW+OdRSCRO5vEapSUditkYaIz8GpYEoAEpkyc3rsod6WhjoS0qF2zZz0zN/
YSFeLpTE9jzdqK5eXxUfIAJ3GBn+/stTErubkDbTUjrthpAo544CmPZupRnD61kM
LP7P6e+9kbAkJknLSLAY7z19eC3gp0FYLoat65ZHB+7l9ZO1K7Oe1AwAEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMlnJVYGSHKUcd7xBf6toTDPoqhxMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEveVdjbFZnWkljcFJ4M3ZFRl9xMmhNTS1pcUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW/JAAwQA
W/JhAwQBW/JkAwQAW/JpMA0GCSqGSIb3DQEBCwUAA4IBAQCGPlRNmPCMOCDxWS+W
9aEu7+FrwlB7GDVz2A3fo3YAhGEqt8BspbYwtoqJER2hd7wlNM6YPPcsY1uzAILR
Pl9w1KNwW0eUbiyfrsTzlcLyxTBYySOLGZdWl1QIHr6tNDmGTITXFO/xyQPOAQu9
dcmOCTF+9PfDxTMfe3+lQF3zHSBafCtSpJMRSeA3RcB9oLCFCbXAI5VEXYPA2j2o
96ydF0GRKAAQ65PG9cSphEsu6dC27uA+PQj1qUItakLq8lXVpbYeeK/rqL+aNPYh
WDIYYxKerRfxqI5GjZT7L1I5LINdA8kfHGLczPPSiZjhYWf3Id/cdW3l0PioEf47
Xawa
-----END CERTIFICATE-----
Generated at Wed Aug 2 20:41:35 2023 by rpki-client on console-fra.rpki-client.org