Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/bi8KyKS2RSgEdvVCsA3wXURpBsY.roa
File: bi8KyKS2RSgEdvVCsA3wXURpBsY.roa (raw, json)
Hash identifier: 437UOyj7zkndPvQ+456RTMSDtK3lrGk1zn494J0vHrw=
Subject key identifier: 6E:2F:0A:C8:A4:B6:45:28:04:76:F5:42:B0:0D:F0:5D:44:69:06:C6
Certificate issuer: /CN=53e3aedd91be82451342dcd1c9828345db661a5f
Certificate serial: 018832B1424C22F7E8A21CEA57E864079AC0
Authority key identifier: 53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/bi8KyKS2RSgEdvVCsA3wXURpBsY.roa
Signing time: Fri 19 May 2023 06:27:37 +0000
ROA not before: Fri 19 May 2023 06:27:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43668
IP address blocks: 91.197.184.0/22 maxlen: 22
185.225.196.0/24 maxlen: 24
2001:67c:15d8::/48 maxlen: 48
2a0d:5d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:32:b1:42:4c:22:f7:e8:a2:1c:ea:57:e8:64:07:9a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53e3aedd91be82451342dcd1c9828345db661a5f
Validity
Not Before: May 19 06:27:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e2f0ac8a4b645280476f542b00df05d446906c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c0:4f:b9:6a:f8:3c:cb:95:0f:06:64:fc:92:
b9:1f:7a:08:f8:64:bf:26:ce:14:6d:ab:82:72:cb:
7c:59:fc:a0:bf:5d:ef:05:bf:dd:5c:d5:b3:9a:78:
68:d9:2e:43:de:2b:ea:ee:dd:cf:bd:d9:a7:e3:68:
63:63:3e:f7:7a:9f:cb:a2:21:c8:19:b7:5a:00:83:
2e:41:b8:4e:0b:ad:33:86:0d:6c:b8:c1:aa:7c:53:
df:92:02:c8:3c:20:af:0f:9a:9d:06:1a:fd:ac:40:
3c:6c:8d:b2:51:82:47:36:99:bc:5d:d1:56:65:2d:
ea:33:54:96:f1:de:fe:2a:8f:52:00:79:8a:cb:ae:
85:a0:86:59:91:58:a2:a6:49:16:9a:53:f0:c5:04:
ac:af:a8:f2:80:3e:39:db:88:53:6d:fa:8c:ad:08:
75:80:ea:fa:f4:c5:e8:ca:29:51:39:9d:6a:8e:e7:
ba:46:56:76:f5:0f:c1:27:4d:71:32:7c:c8:57:95:
7d:88:a0:ed:3e:01:f2:2b:51:f2:d9:bb:77:ff:25:
12:07:ed:e7:ad:45:7b:6a:ea:88:9d:6e:fe:61:57:
a8:01:db:2b:7a:17:66:26:f0:69:ce:27:4b:dd:33:
8d:5d:5b:c7:43:ff:5b:6b:5f:1a:ff:16:70:ba:11:
34:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2F:0A:C8:A4:B6:45:28:04:76:F5:42:B0:0D:F0:5D:44:69:06:C6
X509v3 Authority Key Identifier:
keyid:53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/bi8KyKS2RSgEdvVCsA3wXURpBsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.184.0/22
185.225.196.0/24
IPv6:
2001:67c:15d8::/48
2a0d:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
bb:0a:71:1a:36:90:7e:a6:e0:76:4f:83:33:0f:b9:51:0e:d9:
a3:23:6a:6b:91:53:4a:4a:98:e0:08:f4:96:26:14:53:c2:e4:
8c:5e:6e:b0:c1:99:96:dc:62:c5:87:1d:35:12:7f:9f:ee:d1:
fd:72:eb:7d:93:5a:85:29:10:ef:a4:03:63:3f:9a:0b:da:12:
17:01:69:35:b1:14:5a:fe:f6:12:e2:c0:46:22:97:10:c4:37:
a0:fb:1c:36:c5:50:5c:7c:46:90:bd:84:3e:42:2f:65:8a:d4:
bf:0c:5d:d6:1c:3e:e5:6d:d9:36:68:60:13:aa:35:8b:50:d0:
8e:26:29:b2:d7:96:b6:9c:78:79:60:ba:56:9c:07:92:06:ea:
8d:d8:62:ba:ce:0d:0c:64:19:03:6b:3f:33:0e:c9:29:4b:b1:
76:e7:58:4c:22:67:6f:d6:87:5a:aa:5e:cf:3e:5f:82:b7:1e:
2f:66:62:3d:33:86:14:74:71:2a:8f:9b:68:3a:6a:2c:5d:70:
51:ad:6f:51:d6:34:e1:bc:e5:0a:da:28:15:70:ec:96:9d:2c:
3c:6c:4f:29:ec:e5:81:2c:e1:26:72:43:47:29:2e:6b:25:08:
58:32:22:08:55:22:80:62:d9:b1:52:8f:56:6b:3e:65:27:9f:
3e:e7:f7:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgysUJMIvfoohzqV+hkB5rAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZTNhZWRkOTFiZTgyNDUxMzQyZGNkMWM5ODI4MzQ1ZGI2
NjFhNWYwHhcNMjMwNTE5MDYyNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJmMGFjOGE0YjY0NTI4MDQ3NmY1NDJiMDBkZjA1ZDQ0NjkwNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicBPuWr4PMuVDwZk/JK5H3oI+GS/
Js4UbauCcst8Wfygv13vBb/dXNWzmnho2S5D3ivq7t3Pvdmn42hjYz73ep/LoiHI
GbdaAIMuQbhOC60zhg1suMGqfFPfkgLIPCCvD5qdBhr9rEA8bI2yUYJHNpm8XdFW
ZS3qM1SW8d7+Ko9SAHmKy66FoIZZkViipkkWmlPwxQSsr6jygD4524hTbfqMrQh1
gOr69MXoyilROZ1qjue6RlZ29Q/BJ01xMnzIV5V9iKDtPgHyK1Hy2bt3/yUSB+3n
rUV7auqInW7+YVeoAdsrehdmJvBpzidL3TONXVvHQ/9ba18a/xZwuhE0WwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG4vCsiktkUoBHb1QrAN8F1EaQbGMB8GA1UdIwQY
MBaAFFPjrt2RvoJFE0Lc0cmCg0XbZhpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQt
YTdkOTQ1YWYxNGU1LzEvYmk4S3lLUzJSU2dFZHZWQ3NBM3dYVVJwQnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQtYTdkOTQ1YWYxNGU1
LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCW8W4AwQA
ueHEMBYEAgACMBADBwAgAQZ8FdgDBQMqDV0AMA0GCSqGSIb3DQEBCwUAA4IBAQC7
CnEaNpB+puB2T4MzD7lRDtmjI2prkVNKSpjgCPSWJhRTwuSMXm6wwZmW3GLFhx01
En+f7tH9cut9k1qFKRDvpANjP5oL2hIXAWk1sRRa/vYS4sBGIpcQxDeg+xw2xVBc
fEaQvYQ+Qi9litS/DF3WHD7lbdk2aGATqjWLUNCOJimy15a2nHh5YLpWnAeSBuqN
2GK6zg0MZBkDaz8zDskpS7F251hMImdv1odaql7PPl+Ctx4vZmI9M4YUdHEqj5to
OmosXXBRrW9R1jThvOUK2igVcOyWnSw8bE8p7OWBLOEmckNHKS5rJQhYMiIIVSKA
YtmxUo9Waz5lJ58+5/dC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:28 2024 by rpki-client on console-ams.rpki-client.org