Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/99f5c3-6b75-48bc-a8aa-3fdba9769302/1/JaeDhPwveEWk6Rt3epbHkw0cDmw.roa
File: JaeDhPwveEWk6Rt3epbHkw0cDmw.roa (raw, json)
Hash identifier: f9AKLOXC5FNSTh6WCnnUqdUP24Z/EmI76l64fWUXIpw=
Subject key identifier: 25:A7:83:84:FC:2F:78:45:A4:E9:1B:77:7A:96:C7:93:0D:1C:0E:6C
Certificate issuer: /CN=107312a5016a3cdcc0b7e61dc79f55d3d5ecb37e
Certificate serial: 018571D7D74229A3AF0F7B019EA514FC1189
Authority key identifier: 10:73:12:A5:01:6A:3C:DC:C0:B7:E6:1D:C7:9F:55:D3:D5:EC:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHMSpQFqPNzAt-Ydx59V09Xss34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/99f5c3-6b75-48bc-a8aa-3fdba9769302/1/JaeDhPwveEWk6Rt3epbHkw0cDmw.roa
Signing time: Mon 02 Jan 2023 09:37:28 +0000
ROA not before: Mon 02 Jan 2023 09:37:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50010
IP address blocks: 91.132.64.0/24 maxlen: 24
91.132.65.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:d7:42:29:a3:af:0f:7b:01:9e:a5:14:fc:11:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107312a5016a3cdcc0b7e61dc79f55d3d5ecb37e
Validity
Not Before: Jan 2 09:37:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25a78384fc2f7845a4e91b777a96c7930d1c0e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:18:3a:fd:5f:e3:b9:7d:c6:9a:9d:6e:bd:a0:
20:e1:10:46:f8:02:5f:91:7d:89:10:59:d0:26:61:
b1:a5:32:18:8e:b0:ae:e0:7e:e8:9e:36:86:9d:c6:
6c:4f:c4:a2:d6:bd:d5:4f:bf:4a:da:aa:24:7b:1d:
ff:28:52:8b:56:10:e4:73:59:9e:8f:92:50:e8:cf:
f1:7a:80:09:87:0c:0a:46:ec:dc:6c:3e:5e:38:59:
9b:19:6f:fe:4a:de:86:a5:91:47:5c:d4:b9:f4:d1:
c5:23:eb:14:03:37:7c:f2:2d:97:78:dc:1d:17:96:
85:ab:7e:17:e1:54:02:6e:c4:3b:db:1d:8e:ab:1d:
2f:d7:96:94:38:07:5b:a1:a7:7d:2c:fd:87:39:29:
d2:ba:6f:78:97:cc:d9:a7:ce:7e:4d:ee:58:7d:59:
d7:eb:2f:05:4f:8d:f0:d4:9f:04:88:86:4b:b1:4e:
6b:54:1f:08:6a:34:01:a8:b7:cd:0f:b3:7b:98:f8:
d7:0e:03:0a:22:d9:b7:84:86:2f:29:2d:58:a0:71:
0a:36:07:4c:a0:1b:b3:81:96:3d:08:e3:fa:8c:9c:
ab:97:e1:fe:f5:62:bf:09:cb:c2:3a:c8:67:8c:6c:
97:ca:17:bc:14:0e:4c:2b:5e:56:fb:02:07:31:7c:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A7:83:84:FC:2F:78:45:A4:E9:1B:77:7A:96:C7:93:0D:1C:0E:6C
X509v3 Authority Key Identifier:
keyid:10:73:12:A5:01:6A:3C:DC:C0:B7:E6:1D:C7:9F:55:D3:D5:EC:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHMSpQFqPNzAt-Ydx59V09Xss34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/99f5c3-6b75-48bc-a8aa-3fdba9769302/1/JaeDhPwveEWk6Rt3epbHkw0cDmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/99f5c3-6b75-48bc-a8aa-3fdba9769302/1/EHMSpQFqPNzAt-Ydx59V09Xss34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.64.0/23
Signature Algorithm: sha256WithRSAEncryption
64:17:6b:b3:37:2f:12:11:ab:a6:84:ca:74:1d:64:f5:35:05:
34:eb:0d:70:90:0a:98:63:39:de:45:2f:81:86:6b:ab:d7:df:
14:18:29:a3:bd:6e:43:7b:4c:67:c3:a6:43:ed:e6:10:8d:2b:
86:88:6d:4f:3c:dc:85:ce:7f:2f:f1:66:f2:02:6c:de:fc:bd:
5b:72:21:44:33:4a:27:3d:be:3f:3e:c5:5b:4f:9c:81:95:ac:
11:d9:a3:55:38:50:1c:4a:2f:b1:ce:92:3f:75:6e:fc:f0:27:
54:9d:b3:3e:43:76:85:7e:81:be:be:cc:2d:fb:ec:1d:3b:d1:
51:3b:08:c7:05:d8:11:08:e1:80:6c:69:27:38:ac:f6:d8:ca:
e7:5d:ee:02:06:cf:64:53:c2:43:91:31:cb:3e:eb:74:56:fe:
88:70:2a:04:16:e1:a5:8e:a8:b5:22:ff:b0:bd:c9:5b:11:f7:
22:7c:1f:d7:02:92:80:b4:59:75:54:51:cf:a2:6b:75:f0:52:
6b:68:04:04:2a:92:c7:67:b1:3a:67:4f:98:c0:54:f6:09:61:
a1:33:17:da:d3:e7:c6:43:3e:8a:9b:93:30:4d:61:c9:4a:27:
8a:5f:a6:82:c5:85:3f:85:77:73:a5:1a:2f:15:f7:61:1f:ff:
5d:1d:40:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx19dCKaOvD3sBnqUU/BGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzMxMmE1MDE2YTNjZGNjMGI3ZTYxZGM3OWY1NWQzZDVl
Y2IzN2UwHhcNMjMwMTAyMDkzNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE3ODM4NGZjMmY3ODQ1YTRlOTFiNzc3YTk2Yzc5MzBkMWMwZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRg6/V/juX3Gmp1uvaAg4RBG+AJf
kX2JEFnQJmGxpTIYjrCu4H7onjaGncZsT8Si1r3VT79K2qokex3/KFKLVhDkc1me
j5JQ6M/xeoAJhwwKRuzcbD5eOFmbGW/+St6GpZFHXNS59NHFI+sUAzd88i2XeNwd
F5aFq34X4VQCbsQ72x2Oqx0v15aUOAdboad9LP2HOSnSum94l8zZp85+Te5YfVnX
6y8FT43w1J8EiIZLsU5rVB8IajQBqLfND7N7mPjXDgMKItm3hIYvKS1YoHEKNgdM
oBuzgZY9COP6jJyrl+H+9WK/CcvCOshnjGyXyhe8FA5MK15W+wIHMXzYAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCWng4T8L3hFpOkbd3qWx5MNHA5sMB8GA1UdIwQY
MBaAFBBzEqUBajzcwLfmHcefVdPV7LN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhNU3BRRnFQTnpBdC1ZZHg1OVYwOVhzczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC85OWY1YzMtNmI3NS00OGJjLWE4YWEt
M2ZkYmE5NzY5MzAyLzEvSmFlRGhQd3ZlRVdrNlJ0M2VwYkhrdzBjRG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC85OWY1YzMtNmI3NS00OGJjLWE4YWEtM2ZkYmE5NzY5MzAy
LzEvRUhNU3BRRnFQTnpBdC1ZZHg1OVYwOVhzczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW4RAMA0G
CSqGSIb3DQEBCwUAA4IBAQBkF2uzNy8SEaumhMp0HWT1NQU06w1wkAqYYzneRS+B
hmur198UGCmjvW5De0xnw6ZD7eYQjSuGiG1PPNyFzn8v8WbyAmze/L1bciFEM0on
Pb4/PsVbT5yBlawR2aNVOFAcSi+xzpI/dW788CdUnbM+Q3aFfoG+vswt++wdO9FR
OwjHBdgRCOGAbGknOKz22MrnXe4CBs9kU8JDkTHLPut0Vv6IcCoEFuGljqi1Iv+w
vclbEfcifB/XApKAtFl1VFHPomt18FJraAQEKpLHZ7E6Z0+YwFT2CWGhMxfa0+fG
Qz6Km5MwTWHJSieKX6aCxYU/hXdzpRovFfdhH/9dHUBK
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:10 2024 by rpki-client on console-fra.rpki-client.org