Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/G2FiLRpbNzgdU8gF97mPG7m1MZM.roa
File: G2FiLRpbNzgdU8gF97mPG7m1MZM.roa (raw, json)
Hash identifier: KOWntmnQ2XAwJbrl1+hYgOdytObrhpa5tst7A6AXnJs=
Subject key identifier: 1B:61:62:2D:1A:5B:37:38:1D:53:C8:05:F7:B9:8F:1B:B9:B5:31:93
Certificate issuer: /CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Certificate serial: 018CC425225867A744C677E3DC901ECD838E
Authority key identifier: 9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/G2FiLRpbNzgdU8gF97mPG7m1MZM.roa
Signing time: Mon 01 Jan 2024 08:30:17 +0000
ROA not before: Mon 01 Jan 2024 08:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56694
IP address blocks: 91.219.148.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 12:23:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:22:58:67:a7:44:c6:77:e3:dc:90:1e:cd:83:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Validity
Not Before: Jan 1 08:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b61622d1a5b37381d53c805f7b98f1bb9b53193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ea:a7:1f:e3:f9:8e:32:10:26:db:a6:8d:db:
c8:35:ef:eb:1d:8e:3d:d0:60:66:d5:9b:c6:e5:d7:
05:64:cc:88:a4:dc:53:6e:50:0b:b6:de:ea:0d:fa:
3d:aa:45:43:2d:b4:1e:a3:6e:aa:fb:8f:7c:fd:50:
ef:d6:df:44:54:28:eb:88:b8:4f:6f:68:ef:e2:e8:
2c:1c:c1:95:bd:d0:df:85:64:3b:97:e7:c1:ce:24:
43:0a:76:f0:1a:b4:b5:63:71:ab:78:d6:ce:45:dc:
6e:44:4f:bd:e3:6e:1f:8a:c4:8c:32:17:a3:85:2b:
2a:b2:15:11:d9:60:22:c4:07:b2:25:83:1c:ad:d9:
e3:84:fd:13:66:94:48:cd:41:07:bd:d3:0e:62:9d:
f2:0c:7e:af:70:46:d6:c9:a9:69:94:11:6c:7a:1a:
2a:ae:49:05:2f:b0:77:02:a8:2e:ef:20:1e:76:ef:
6d:34:72:da:39:e7:ae:cc:85:a5:dd:46:5c:e9:83:
c0:76:36:dd:a8:31:dd:ee:34:13:73:bb:26:63:40:
e9:65:49:64:14:e8:6b:e3:68:83:66:f9:50:fb:1e:
06:79:ab:af:34:a7:ec:74:d6:1f:a9:e3:3e:bf:86:
ed:63:98:a1:86:79:79:23:80:a6:c2:57:48:19:29:
9e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:61:62:2D:1A:5B:37:38:1D:53:C8:05:F7:B9:8F:1B:B9:B5:31:93
X509v3 Authority Key Identifier:
keyid:9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/G2FiLRpbNzgdU8gF97mPG7m1MZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.148.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:b9:fd:0a:91:ea:0f:aa:7d:4e:bc:06:e7:c7:79:5d:33:7c:
d5:44:66:b8:b6:33:cb:a9:77:82:6b:71:21:17:77:23:1d:c4:
01:50:10:a9:0f:c7:73:9d:d7:39:93:94:4c:a9:3c:c6:8a:e1:
66:c1:59:ca:45:ad:b5:af:d2:87:b3:01:1e:a6:c3:45:24:52:
df:ac:98:0f:8c:bb:2a:28:fb:9f:ad:84:4e:06:69:d9:f1:fc:
f8:a6:80:e6:0b:a9:91:fd:02:01:5f:87:83:d9:e4:15:55:de:
34:63:96:fe:48:35:74:07:87:3f:56:c1:db:70:62:65:6d:9f:
06:76:e5:3b:b6:d2:be:b8:b4:30:da:3d:81:72:e7:e7:98:e0:
37:89:08:1f:56:e5:7c:26:96:3e:1c:d0:32:a4:b9:99:40:8e:
bc:ed:e8:a9:ea:e6:e9:d8:06:22:9f:ef:76:0b:e6:eb:31:e8:
84:c2:88:ec:8a:08:bf:3b:72:bc:0b:52:19:97:0b:9f:b1:15:
58:03:32:90:9e:10:01:43:87:7d:9f:fc:2c:4e:ea:6f:fe:4a:
12:e4:b5:09:7d:11:4d:45:4a:24:ab:fb:c8:0e:0f:09:9b:a6:
1e:e3:3f:81:73:3d:02:60:90:7c:69:f0:74:59:63:8e:92:b5:
33:fe:72:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJSJYZ6dExnfj3JAezYOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNDhjMWQ4MDA4Y2RjMDU5ZGIwYjI3YWE5NTE0Nzk5YzA2
ZDU0NDMwHhcNMjQwMTAxMDgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjYxNjIyZDFhNWIzNzM4MWQ1M2M4MDVmN2I5OGYxYmI5YjUzMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueqnH+P5jjIQJtumjdvINe/rHY49
0GBm1ZvG5dcFZMyIpNxTblALtt7qDfo9qkVDLbQeo26q+498/VDv1t9EVCjriLhP
b2jv4ugsHMGVvdDfhWQ7l+fBziRDCnbwGrS1Y3GreNbORdxuRE+9424fisSMMhej
hSsqshUR2WAixAeyJYMcrdnjhP0TZpRIzUEHvdMOYp3yDH6vcEbWyalplBFsehoq
rkkFL7B3Aqgu7yAedu9tNHLaOeeuzIWl3UZc6YPAdjbdqDHd7jQTc7smY0DpZUlk
FOhr42iDZvlQ+x4GeauvNKfsdNYfqeM+v4btY5ihhnl5I4CmwldIGSmeAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBthYi0aWzc4HVPIBfe5jxu5tTGTMB8GA1UdIwQY
MBaAFJpIwdgAjNwFnbCyeqlRR5nAbVRDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAt
NWEzNjYzMTVjMTY2LzEvRzJGaUxScGJOemdkVThnRjk3bVBHN20xTVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAtNWEzNjYzMTVjMTY2
LzEvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9uUMA0G
CSqGSIb3DQEBCwUAA4IBAQBauf0KkeoPqn1OvAbnx3ldM3zVRGa4tjPLqXeCa3Eh
F3cjHcQBUBCpD8dzndc5k5RMqTzGiuFmwVnKRa21r9KHswEepsNFJFLfrJgPjLsq
KPufrYROBmnZ8fz4poDmC6mR/QIBX4eD2eQVVd40Y5b+SDV0B4c/VsHbcGJlbZ8G
duU7ttK+uLQw2j2BcufnmOA3iQgfVuV8JpY+HNAypLmZQI687eip6ubp2AYin+92
C+brMeiEwojsigi/O3K8C1IZlwufsRVYAzKQnhABQ4d9n/wsTupv/koS5LUJfRFN
RUokq/vIDg8Jm6Ye4z+Bcz0CYJB8afB0WWOOkrUz/nIc
-----END CERTIFICATE-----
Generated at Tue Apr 9 17:28:23 2024 by rpki-client on console-fra.rpki-client.org