Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5JUpVgPi3spDQyyQbryH7GiJzXQ.roa
File: 5JUpVgPi3spDQyyQbryH7GiJzXQ.roa (raw, json)
Hash identifier: rEpGWMBxW1MhRNCEhv6edaS1rH1T8+D9csreSKMY5zg=
Subject key identifier: E4:95:29:56:03:E2:DE:CA:43:43:2C:90:6E:BC:87:EC:68:89:CD:74
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018A21C03C7433BD864C21BC9A4D7812E29E
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5JUpVgPi3spDQyyQbryH7GiJzXQ.roa
Signing time: Wed 23 Aug 2023 09:36:01 +0000
ROA not before: Wed 23 Aug 2023 09:36:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21743
IP address blocks: 91.234.156.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:c0:3c:74:33:bd:86:4c:21:bc:9a:4d:78:12:e2:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 23 09:36:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e495295603e2deca43432c906ebc87ec6889cd74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2d:27:29:8b:8c:00:51:0f:34:83:bf:f0:58:
32:8d:84:ff:c6:6e:ee:c7:82:4a:b5:ae:c6:69:81:
46:87:46:ce:95:6e:c0:80:fc:49:43:3d:1d:12:05:
b2:ad:f5:3b:80:01:fd:f0:94:9d:b4:32:2c:49:74:
1c:fb:0b:67:8c:b3:4d:71:0d:b3:e7:8b:bb:61:e8:
81:b0:b4:fb:fb:b1:3a:0e:ab:a1:8a:63:bd:79:09:
53:e9:d6:58:02:84:32:cb:8d:5a:b4:0b:13:99:0d:
37:c9:ec:ea:8b:06:fe:69:32:5a:23:aa:bd:0b:02:
0d:8e:de:ef:ac:89:a1:20:e9:19:77:19:d1:ed:e9:
1e:0a:3e:ec:33:cf:77:c7:97:47:06:70:8d:f3:d0:
b3:b7:44:08:59:81:19:7c:13:1d:84:f4:cb:e7:d3:
a2:2c:db:36:cf:9f:b2:1a:ee:91:2c:05:c7:23:55:
a5:fb:e3:ab:44:de:76:b5:81:13:65:23:be:16:76:
2a:d0:d4:c3:5e:59:a7:04:bf:f6:da:55:0e:42:90:
0e:60:86:a1:61:6a:bc:d5:e0:0f:cc:9a:dd:a4:6d:
36:3c:12:33:c3:de:40:31:e5:e8:52:e4:f7:db:a3:
16:ca:b2:04:50:25:35:15:f0:d5:44:e9:76:2c:1d:
5f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:95:29:56:03:E2:DE:CA:43:43:2C:90:6E:BC:87:EC:68:89:CD:74
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5JUpVgPi3spDQyyQbryH7GiJzXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.156.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:7d:d5:df:0b:62:f9:3b:66:16:88:ce:ea:a9:84:07:27:76:
9a:d7:35:64:c4:bb:c2:53:45:07:49:2d:10:83:8f:07:cb:cb:
38:4f:68:41:06:94:dd:ee:83:d8:fa:27:bd:5b:da:5c:d6:af:
df:31:3b:c9:0d:aa:ad:e6:c1:9a:79:ee:6c:e9:9e:65:a6:23:
e7:f8:47:79:e2:31:20:59:16:21:ab:fc:8d:f5:13:86:0f:fa:
9c:9f:9e:7d:c7:28:36:81:d9:82:34:39:14:0b:6d:92:c6:3e:
62:ff:71:4c:1c:ee:3a:d4:69:42:c4:73:61:33:6f:b5:8e:f5:
ff:78:fa:85:14:76:d5:4b:84:2c:3f:89:38:eb:f1:ff:1a:9a:
3c:75:97:32:3b:6f:ea:d8:ff:c5:91:e1:54:d1:9a:c7:20:25:
bb:6f:59:b6:14:fa:ea:0d:06:53:d9:d7:76:d6:62:69:d9:71:
75:6a:7e:47:cd:43:32:c1:44:d6:cb:70:1b:fd:b2:b6:18:b1:
b7:01:70:e6:2a:a1:77:70:44:11:ae:a7:db:28:dc:37:2d:cb:
3d:6a:d5:40:59:ab:9b:89:54:fa:7e:d7:0b:a0:03:32:ea:63:
a2:e5:f6:d9:f9:a6:74:5f:2b:7f:80:22:77:74:8f:40:06:95:
45:e0:2c:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYohwDx0M72GTCG8mk14EuKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwODIzMDkzNjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDk1Mjk1NjAzZTJkZWNhNDM0MzJjOTA2ZWJjODdlYzY4ODljZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS0nKYuMAFEPNIO/8FgyjYT/xm7u
x4JKta7GaYFGh0bOlW7AgPxJQz0dEgWyrfU7gAH98JSdtDIsSXQc+wtnjLNNcQ2z
54u7YeiBsLT7+7E6DquhimO9eQlT6dZYAoQyy41atAsTmQ03yezqiwb+aTJaI6q9
CwINjt7vrImhIOkZdxnR7ekeCj7sM893x5dHBnCN89Czt0QIWYEZfBMdhPTL59Oi
LNs2z5+yGu6RLAXHI1Wl++OrRN52tYETZSO+FnYq0NTDXlmnBL/22lUOQpAOYIah
YWq81eAPzJrdpG02PBIzw95AMeXoUuT326MWyrIEUCU1FfDVROl2LB1fQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOSVKVYD4t7KQ0MskG68h+xoic10MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNUpVcFZnUGkzc3BEUXl5UWJyeUg3R2lKelhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+qcMA0G
CSqGSIb3DQEBCwUAA4IBAQChfdXfC2L5O2YWiM7qqYQHJ3aa1zVkxLvCU0UHSS0Q
g48Hy8s4T2hBBpTd7oPY+ie9W9pc1q/fMTvJDaqt5sGaee5s6Z5lpiPn+Ed54jEg
WRYhq/yN9ROGD/qcn559xyg2gdmCNDkUC22Sxj5i/3FMHO461GlCxHNhM2+1jvX/
ePqFFHbVS4QsP4k46/H/Gpo8dZcyO2/q2P/FkeFU0ZrHICW7b1m2FPrqDQZT2dd2
1mJp2XF1an5HzUMywUTWy3Ab/bK2GLG3AXDmKqF3cEQRrqfbKNw3Lcs9atVAWaub
iVT6ftcLoAMy6mOi5fbZ+aZ0Xyt/gCJ3dI9ABpVF4Cyj
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:56 2024 by rpki-client on console-ams.rpki-client.org