Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/CK-TBZg8Nvw24j1-5DTaN3s4RsA.roa
File: CK-TBZg8Nvw24j1-5DTaN3s4RsA.roa (raw, json)
Hash identifier: 6z6/MMknV7LKEJl9n7/IR1Ug4l3JnKk95eBjsUD3b3k=
Subject key identifier: 08:AF:93:05:98:3C:36:FC:36:E2:3D:7E:E4:34:DA:37:7B:38:46:C0
Certificate issuer: /CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Certificate serial: 01856CC15299F0F522FCB11C6C9BA3EE3D78
Authority key identifier: D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/CK-TBZg8Nvw24j1-5DTaN3s4RsA.roa
Signing time: Sun 01 Jan 2023 09:54:46 +0000
ROA not before: Sun 01 Jan 2023 09:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208468
IP address blocks: 91.135.177.0/24 maxlen: 24
91.135.176.0/23 maxlen: 23
91.135.176.0/24 maxlen: 24
91.135.188.0/24 maxlen: 24
91.135.188.0/23 maxlen: 23
91.135.189.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:52:99:f0:f5:22:fc:b1:1c:6c:9b:a3:ee:3d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Validity
Not Before: Jan 1 09:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08af9305983c36fc36e23d7ee434da377b3846c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8c:0f:06:dd:4a:01:b5:98:b9:79:52:43:55:
d1:3c:42:46:26:2a:d1:70:0a:9d:33:1e:be:c6:de:
c7:94:10:ac:22:6c:3e:47:15:32:45:6c:ce:b6:29:
82:f8:7e:31:e7:87:0d:a4:b8:4e:61:3f:0e:bb:d2:
e9:30:c6:1a:cb:0a:69:0a:10:11:67:6a:96:8c:79:
a2:82:44:03:3c:84:c9:5e:90:63:42:a8:f3:ed:fc:
0b:9e:6f:51:a4:bd:4d:c7:21:db:82:92:ae:7f:ca:
20:67:d0:5f:9e:c2:05:47:e3:63:69:15:94:b7:c3:
f2:76:72:47:a6:82:ba:23:8f:90:3a:2d:5f:4a:9a:
9f:ae:70:21:6a:ac:2b:0d:34:55:88:ca:36:84:04:
dd:d3:02:2b:84:91:72:53:e8:3d:e0:67:c5:f9:79:
25:89:5c:f8:0d:77:a3:69:f9:f6:4a:b1:07:01:da:
d4:9f:da:60:85:71:24:35:d9:97:8b:82:21:20:32:
94:e4:af:99:b7:a5:7c:74:82:28:7e:e6:2d:d8:e8:
89:d9:19:63:a1:bd:70:7c:80:0f:16:2c:50:fe:fb:
cb:0f:e1:2c:01:bf:27:38:19:53:5c:e7:40:2a:20:
e8:a8:4e:85:d1:8d:45:4c:d4:f2:41:48:0a:c7:b4:
22:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:AF:93:05:98:3C:36:FC:36:E2:3D:7E:E4:34:DA:37:7B:38:46:C0
X509v3 Authority Key Identifier:
keyid:D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/CK-TBZg8Nvw24j1-5DTaN3s4RsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.176.0/23
91.135.188.0/23
Signature Algorithm: sha256WithRSAEncryption
02:f6:4f:0e:bc:d0:7f:3f:12:80:ed:e5:74:e2:11:c2:90:52:
ea:4f:59:71:94:5b:c1:0e:da:35:a8:97:99:f6:64:ba:c1:a2:
8c:75:f1:a0:2c:77:b4:cc:ea:e8:a2:29:0e:23:5d:33:6c:16:
97:17:36:73:4e:e3:ba:9d:fe:f5:2f:8e:17:40:bf:7b:72:08:
93:4b:f1:0b:43:c4:95:f1:cd:9b:2a:49:04:01:68:41:2c:5c:
7e:ac:19:9f:ac:5e:47:92:5e:5e:e9:26:16:09:71:a8:04:ab:
fa:2d:39:7c:24:c0:e9:cd:d2:37:d9:d0:80:bf:d4:59:cd:fd:
f3:ec:e9:af:f5:88:ef:ac:dc:f3:a1:62:2f:0f:0c:53:15:23:
a8:e3:e2:38:49:55:c5:8b:ae:90:4b:79:1a:6b:e5:cb:bc:32:
35:73:ad:fb:89:54:17:6b:ab:ac:b5:c6:97:09:da:6d:ef:58:
47:fe:c8:0d:de:ad:20:08:73:75:85:41:a3:2c:d1:9f:f7:bf:
1b:b6:9b:ea:8b:89:ef:12:8f:19:31:eb:53:da:70:ba:17:48:
84:2f:dc:98:b8:16:3e:c1:fa:3c:da:43:d8:d1:77:aa:d8:e0:
e2:ca:9b:a3:00:48:dc:10:15:7c:d2:6c:14:76:c8:17:26:3e:
c4:27:0b:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVswVKZ8PUi/LEcbJuj7j14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzVkN2E4YmFjMDQ3N2Y1NTA5ZGZmMTFiOTE5NWNhNjBk
Zjg3ZGEwHhcNMjMwMTAxMDk1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGFmOTMwNTk4M2MzNmZjMzZlMjNkN2VlNDM0ZGEzNzdiMzg0NmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1owPBt1KAbWYuXlSQ1XRPEJGJirR
cAqdMx6+xt7HlBCsImw+RxUyRWzOtimC+H4x54cNpLhOYT8Ou9LpMMYaywppChAR
Z2qWjHmigkQDPITJXpBjQqjz7fwLnm9RpL1NxyHbgpKuf8ogZ9BfnsIFR+NjaRWU
t8PydnJHpoK6I4+QOi1fSpqfrnAhaqwrDTRViMo2hATd0wIrhJFyU+g94GfF+Xkl
iVz4DXejafn2SrEHAdrUn9pghXEkNdmXi4IhIDKU5K+Zt6V8dIIofuYt2OiJ2Rlj
ob1wfIAPFixQ/vvLD+EsAb8nOBlTXOdAKiDoqE6F0Y1FTNTyQUgKx7QiEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAivkwWYPDb8NuI9fuQ02jd7OEbAMB8GA1UdIwQY
MBaAFNJ116i6wEd/VQnf8RuRlcpg34faMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQt
NTY1YjE0NDcwMzdiLzEvQ0stVEJaZzhOdncyNGoxLTVEVGFOM3M0UnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQtNTY1YjE0NDcwMzdi
LzEvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW4ewAwQB
W4e8MA0GCSqGSIb3DQEBCwUAA4IBAQAC9k8OvNB/PxKA7eV04hHCkFLqT1lxlFvB
Dto1qJeZ9mS6waKMdfGgLHe0zOrooikOI10zbBaXFzZzTuO6nf71L44XQL97cgiT
S/ELQ8SV8c2bKkkEAWhBLFx+rBmfrF5Hkl5e6SYWCXGoBKv6LTl8JMDpzdI32dCA
v9RZzf3z7Omv9YjvrNzzoWIvDwxTFSOo4+I4SVXFi66QS3kaa+XLvDI1c637iVQX
a6ustcaXCdpt71hH/sgN3q0gCHN1hUGjLNGf978btpvqi4nvEo8ZMetT2nC6F0iE
L9yYuBY+wfo82kPY0Xeq2ODiypujAEjcEBV80mwUdsgXJj7EJwse
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:40 2024 by rpki-client on console-fra.rpki-client.org