Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/gzi55ilWbQmlJmj0rabGQ_BOE9E.roa
File: gzi55ilWbQmlJmj0rabGQ_BOE9E.roa (raw, json)
Hash identifier: 4OEQKNPO/8WAD0xc5PAXHgVh1uS7ZZv5TMN5LtshPDs=
Subject key identifier: 83:38:B9:E6:29:56:6D:09:A5:26:68:F4:AD:A6:C6:43:F0:4E:13:D1
Certificate issuer: /CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Certificate serial: 01856CAF2575ECAC5B4CDC4E2664BB8D9637
Authority key identifier: D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/gzi55ilWbQmlJmj0rabGQ_BOE9E.roa
Signing time: Sun 01 Jan 2023 09:34:55 +0000
ROA not before: Sun 01 Jan 2023 09:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57535
IP address blocks: 91.232.210.0/24 maxlen: 24
91.232.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:25:75:ec:ac:5b:4c:dc:4e:26:64:bb:8d:96:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Validity
Not Before: Jan 1 09:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8338b9e629566d09a52668f4ada6c643f04e13d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:72:15:1f:7f:43:37:e2:a0:97:ed:b2:9b:d4:
33:e8:ef:1e:79:9f:a7:42:09:47:87:96:a2:00:ed:
6e:54:27:24:61:dc:5f:8c:fb:3d:80:2b:5f:14:04:
35:2e:08:b7:a6:66:e2:43:97:7c:3e:5d:ac:e1:85:
f7:a0:78:01:b5:e9:8f:23:c5:fa:64:c7:11:71:ac:
64:7c:0d:6f:29:0c:77:5a:13:3b:c3:3e:a7:59:32:
9b:15:b6:7d:2d:cd:aa:b9:1b:3b:b0:e9:f5:26:18:
8a:09:5c:3a:d7:e6:78:39:db:36:8f:e6:35:75:89:
26:99:97:d8:dc:0d:14:46:88:26:60:c6:93:5b:20:
1a:ef:7d:1c:bd:87:64:1b:ef:64:2b:c6:76:26:d4:
74:08:46:20:b4:2e:32:73:d8:64:b6:44:97:44:2a:
90:eb:2f:9f:0a:de:b7:87:de:dc:68:ef:95:75:ae:
bd:90:3e:41:90:92:45:23:34:2a:a2:87:c2:80:3c:
f6:9a:e9:18:b8:9e:29:ad:b1:40:ac:35:75:ce:50:
e8:91:84:72:26:ad:b4:8e:61:ca:db:73:4b:b3:fb:
f2:90:36:55:f4:40:9b:44:02:6a:1e:d3:3d:f0:13:
f3:b6:88:64:4e:3f:e4:88:d6:a6:9d:c6:4a:c7:2a:
3d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:38:B9:E6:29:56:6D:09:A5:26:68:F4:AD:A6:C6:43:F0:4E:13:D1
X509v3 Authority Key Identifier:
keyid:D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/gzi55ilWbQmlJmj0rabGQ_BOE9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.210.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:bd:f0:19:32:2c:9e:db:91:dd:8a:b8:72:bf:f9:74:6d:7d:
4b:13:7b:0a:de:4c:cc:a3:2a:74:5a:1d:40:48:20:55:d3:eb:
24:ed:8f:d6:32:ca:c5:69:39:e0:d2:8e:3b:1c:b7:35:52:18:
f8:39:7f:23:de:3d:d8:be:71:09:f9:c4:80:a1:74:40:40:83:
4d:23:ab:3d:82:64:06:0d:9a:4e:aa:57:80:e7:34:95:5b:70:
b6:c9:83:9c:82:0d:60:e3:bc:f8:bd:4f:a7:f2:bf:1f:ad:d8:
e3:e8:d5:2f:53:c4:0b:2c:52:b3:ed:91:7a:2f:cc:a3:36:97:
eb:cd:17:a5:f5:36:8c:e4:fa:38:db:2b:07:51:89:04:e7:93:
ea:b1:8e:d8:0d:d9:8f:6e:84:ff:a2:37:d2:12:61:47:b7:00:
ea:bd:3e:01:fb:e1:63:85:ed:76:87:c0:93:41:71:35:e1:cb:
5e:55:f4:7b:04:20:be:2f:02:60:10:34:e8:d3:3a:d8:5a:28:
c3:65:0c:7c:9e:67:52:45:b9:bd:b4:b0:ef:18:78:90:49:5d:
ed:23:18:ae:fa:ea:2a:1b:de:ce:b0:f0:2d:54:7b:bc:d4:77:
ad:a3:2f:06:19:0e:4b:b3:c2:5e:9d:46:bc:5f:fd:e3:ca:cb:
13:61:ff:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsryV17KxbTNxOJmS7jZY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmY4N2Y1MmUzN2I3NjZlY2JmNGIzZjljYjI2NTU4ZGQz
MDg4MjAwHhcNMjMwMTAxMDkzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM4YjllNjI5NTY2ZDA5YTUyNjY4ZjRhZGE2YzY0M2YwNGUxM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3IVH39DN+Kgl+2ym9Qz6O8eeZ+n
QglHh5aiAO1uVCckYdxfjPs9gCtfFAQ1Lgi3pmbiQ5d8Pl2s4YX3oHgBtemPI8X6
ZMcRcaxkfA1vKQx3WhM7wz6nWTKbFbZ9Lc2quRs7sOn1JhiKCVw61+Z4Ods2j+Y1
dYkmmZfY3A0URogmYMaTWyAa730cvYdkG+9kK8Z2JtR0CEYgtC4yc9hktkSXRCqQ
6y+fCt63h97caO+Vda69kD5BkJJFIzQqoofCgDz2mukYuJ4prbFArDV1zlDokYRy
Jq20jmHK23NLs/vykDZV9ECbRAJqHtM98BPztohkTj/kiNamncZKxyo9/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIM4ueYpVm0JpSZo9K2mxkPwThPRMB8GA1UdIwQY
MBaAFNn/h/UuN7dm7L9LP5yyZVjdMIggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMt
MWU3MzAwY2NkYTM2LzEvZ3ppNTVpbFdiUW1sSm1qMHJhYkdRX0JPRTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMtMWU3MzAwY2NkYTM2
LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+jSMA0G
CSqGSIb3DQEBCwUAA4IBAQCxvfAZMiye25Hdirhyv/l0bX1LE3sK3kzMoyp0Wh1A
SCBV0+sk7Y/WMsrFaTng0o47HLc1Uhj4OX8j3j3YvnEJ+cSAoXRAQINNI6s9gmQG
DZpOqleA5zSVW3C2yYOcgg1g47z4vU+n8r8frdjj6NUvU8QLLFKz7ZF6L8yjNpfr
zRel9TaM5Po42ysHUYkE55PqsY7YDdmPboT/ojfSEmFHtwDqvT4B++Fjhe12h8CT
QXE14cteVfR7BCC+LwJgEDTo0zrYWijDZQx8nmdSRbm9tLDvGHiQSV3tIxiu+uoq
G97OsPAtVHu81Hetoy8GGQ5Ls8JenUa8X/3jyssTYf90
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:34 2024 by rpki-client on console-fra.rpki-client.org