Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/0LtqMP0Efb9-r2MCmyxW1JwdOVw.roa
File: 0LtqMP0Efb9-r2MCmyxW1JwdOVw.roa (raw, json)
Hash identifier: cNQYs+eH1L4HEFU4tLRctlh1+BrD0rhn44WADbWcbCs=
Subject key identifier: D0:BB:6A:30:FD:04:7D:BF:7E:AF:63:02:9B:2C:56:D4:9C:1D:39:5C
Certificate issuer: /CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Certificate serial: 01856C2ED098272BDA1EBC8D59B0EF1E6D84
Authority key identifier: 9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/0LtqMP0Efb9-r2MCmyxW1JwdOVw.roa
Signing time: Sun 01 Jan 2023 07:14:45 +0000
ROA not before: Sun 01 Jan 2023 07:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56694
IP address blocks: 91.219.148.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:d0:98:27:2b:da:1e:bc:8d:59:b0:ef:1e:6d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Validity
Not Before: Jan 1 07:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0bb6a30fd047dbf7eaf63029b2c56d49c1d395c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:60:bf:78:2b:32:bd:10:9a:6b:f0:94:9e:7d:
fc:7c:66:30:a5:02:b6:b1:0e:d5:6f:95:22:e4:83:
77:6a:14:82:9b:d9:66:7d:d3:22:1d:8d:4d:f8:15:
c8:30:22:3d:46:1e:ee:39:52:ff:d9:26:b4:07:1f:
79:07:58:ed:88:1f:87:19:46:01:90:d6:6c:5d:fa:
4f:2a:4c:c9:4f:9c:7e:5c:a4:e5:29:bf:ae:51:0b:
4d:39:d2:c9:91:50:6f:49:44:b5:77:d1:fc:cd:4c:
ee:d4:fe:d2:2c:5c:bf:36:90:a8:c9:2a:19:58:6f:
9b:47:54:6c:72:15:ee:4b:0a:2b:15:33:b2:99:69:
a2:c7:42:87:e3:68:e1:1e:cc:d0:21:b8:dc:4a:1a:
eb:db:25:76:94:bf:52:98:dd:61:0f:51:49:bf:0c:
a4:02:31:f0:5a:04:df:c5:1b:5b:09:3a:de:f2:2f:
e5:f5:3a:36:c5:af:1a:b2:ab:2c:09:60:0a:d7:0d:
5d:6f:66:76:f2:7b:a0:1e:5d:4c:7c:53:8a:e7:8c:
49:f3:8e:b5:b3:bf:4c:b4:40:5c:99:78:ac:64:58:
7e:7c:ac:97:68:3e:39:45:68:7d:0b:f3:26:07:87:
e7:68:e5:c3:95:aa:4f:d6:c5:e0:c5:51:a6:ce:74:
84:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BB:6A:30:FD:04:7D:BF:7E:AF:63:02:9B:2C:56:D4:9C:1D:39:5C
X509v3 Authority Key Identifier:
keyid:9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/0LtqMP0Efb9-r2MCmyxW1JwdOVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.148.0/22
Signature Algorithm: sha256WithRSAEncryption
57:7a:a2:1b:5e:f8:66:b2:01:fa:42:58:a0:dc:ca:1b:f6:85:
cf:93:45:86:bb:f7:dd:82:bc:fb:ae:72:a2:55:f2:45:9f:ca:
45:18:4b:8d:38:41:8d:b6:4d:b7:b7:f5:f3:8f:ea:7f:8e:5b:
43:09:90:d8:d6:de:05:11:d9:79:aa:36:b5:e5:a7:a1:6b:ef:
9c:27:28:4a:64:60:e6:db:7e:97:a3:cf:d1:35:a8:51:ea:ea:
1b:91:d0:ea:9c:41:49:08:24:79:89:e9:6f:08:c5:b7:51:8c:
0f:8d:b0:e3:c2:2f:96:2d:57:b6:a3:66:3c:1f:06:94:a3:a9:
99:d8:51:5d:23:0e:34:a7:41:40:e4:a8:dd:2c:f1:cb:16:c0:
d8:bd:63:0b:77:dd:22:59:4b:dd:f8:c0:16:c1:b8:7f:1b:41:
52:11:2e:c7:a9:ff:e2:0e:ec:c1:87:18:3f:be:a0:43:ea:25:
2d:64:34:a4:a7:44:bf:87:99:82:40:e4:bb:c9:7d:b8:2f:f6:
b9:5a:13:a6:04:c4:43:d1:11:3d:09:e2:d7:c5:1d:7d:ec:67:
8a:6a:f1:4d:c8:5a:ee:61:83:6c:67:79:05:19:d2:7f:a3:c8:
5a:c6:91:37:c8:93:06:f7:bb:32:da:13:52:67:a9:3a:e7:e3:
8a:47:b1:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsLtCYJyvaHryNWbDvHm2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNDhjMWQ4MDA4Y2RjMDU5ZGIwYjI3YWE5NTE0Nzk5YzA2
ZDU0NDMwHhcNMjMwMTAxMDcxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJiNmEzMGZkMDQ3ZGJmN2VhZjYzMDI5YjJjNTZkNDljMWQzOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2C/eCsyvRCaa/CUnn38fGYwpQK2
sQ7Vb5Ui5IN3ahSCm9lmfdMiHY1N+BXIMCI9Rh7uOVL/2Sa0Bx95B1jtiB+HGUYB
kNZsXfpPKkzJT5x+XKTlKb+uUQtNOdLJkVBvSUS1d9H8zUzu1P7SLFy/NpCoySoZ
WG+bR1RschXuSworFTOymWmix0KH42jhHszQIbjcShrr2yV2lL9SmN1hD1FJvwyk
AjHwWgTfxRtbCTre8i/l9To2xa8asqssCWAK1w1db2Z28nugHl1MfFOK54xJ8461
s79MtEBcmXisZFh+fKyXaD45RWh9C/MmB4fnaOXDlapP1sXgxVGmznSEfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNC7ajD9BH2/fq9jApssVtScHTlcMB8GA1UdIwQY
MBaAFJpIwdgAjNwFnbCyeqlRR5nAbVRDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAt
NWEzNjYzMTVjMTY2LzEvMEx0cU1QMEVmYjktcjJNQ215eFcxSndkT1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAtNWEzNjYzMTVjMTY2
LzEvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9uUMA0G
CSqGSIb3DQEBCwUAA4IBAQBXeqIbXvhmsgH6Qlig3Mob9oXPk0WGu/fdgrz7rnKi
VfJFn8pFGEuNOEGNtk23t/Xzj+p/jltDCZDY1t4FEdl5qja15aeha++cJyhKZGDm
236Xo8/RNahR6uobkdDqnEFJCCR5ielvCMW3UYwPjbDjwi+WLVe2o2Y8HwaUo6mZ
2FFdIw40p0FA5KjdLPHLFsDYvWMLd90iWUvd+MAWwbh/G0FSES7Hqf/iDuzBhxg/
vqBD6iUtZDSkp0S/h5mCQOS7yX24L/a5WhOmBMRD0RE9CeLXxR197GeKavFNyFru
YYNsZ3kFGdJ/o8haxpE3yJMG97sy2hNSZ6k65+OKR7Gg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:11 2024 by rpki-client on console-ams.rpki-client.org