Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/DfkVt626iGXQv5y7sEZ8hRrRTE0.roa
File: DfkVt626iGXQv5y7sEZ8hRrRTE0.roa (raw, json)
Hash identifier: /RDxXTPpGHq1j0LkgsH1cvkooQ2QIrlFTO1Mbugdsgw=
Subject key identifier: 0D:F9:15:B7:AD:BA:88:65:D0:BF:9C:BB:B0:46:7C:85:1A:D1:4C:4D
Certificate issuer: /CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Certificate serial: 018587079F6E446903E5513CB5665CD538EE
Authority key identifier: E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/DfkVt626iGXQv5y7sEZ8hRrRTE0.roa
Signing time: Fri 06 Jan 2023 12:21:41 +0000
ROA not before: Fri 06 Jan 2023 12:21:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207186
IP address blocks: 91.207.154.0/24 maxlen: 24
91.207.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:87:07:9f:6e:44:69:03:e5:51:3c:b5:66:5c:d5:38:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Validity
Not Before: Jan 6 12:21:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0df915b7adba8865d0bf9cbbb0467c851ad14c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:91:04:d0:02:29:60:9d:63:09:0e:e7:99:45:
9b:80:4e:af:a2:59:b3:64:a7:c3:d3:7e:af:8c:62:
95:29:cd:a7:07:ba:88:7f:cd:51:0c:c8:49:c4:d4:
be:44:8f:72:4f:33:0e:1d:6a:fe:80:f2:98:3b:d4:
48:27:62:ac:3b:da:ea:02:9b:c4:c8:79:0a:fe:a6:
c9:48:6a:99:f6:3f:31:3c:bd:45:e9:cf:58:07:1e:
b6:38:96:be:26:4b:79:35:9e:b6:e4:98:32:82:2a:
46:30:0c:fd:39:08:cb:c8:a7:c8:16:c3:70:e2:6e:
12:94:86:2c:59:12:e7:89:28:11:e3:3b:7b:9f:af:
ee:39:4e:73:4e:a1:ba:c4:0e:7d:94:52:39:ac:8c:
b1:89:85:ad:db:6b:4d:da:16:c1:e2:17:ef:a9:33:
e4:ae:60:a4:af:a7:8d:9e:14:cb:a4:bc:6a:72:75:
7e:db:17:43:ec:1a:36:46:7e:17:4d:dd:7a:74:c5:
90:da:42:78:f3:25:c0:06:a7:d9:43:5a:e1:0d:a8:
80:e0:a4:c3:a9:0d:f1:d3:8b:8e:75:d8:8d:de:39:
7b:3f:34:1b:35:c3:39:28:42:72:0f:89:bc:06:8c:
2f:33:a6:f4:6b:db:92:dd:b7:e6:5f:da:ca:47:36:
e1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F9:15:B7:AD:BA:88:65:D0:BF:9C:BB:B0:46:7C:85:1A:D1:4C:4D
X509v3 Authority Key Identifier:
keyid:E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/DfkVt626iGXQv5y7sEZ8hRrRTE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.154.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:c7:3d:de:a4:3a:2e:da:29:9c:7c:51:90:cd:03:44:c9:5f:
b2:19:a4:a5:bf:f2:bc:32:62:12:ce:c8:7d:a5:4d:b3:43:43:
0e:61:dd:21:5f:b6:19:bf:8a:ef:f2:ca:96:9f:24:a8:64:5a:
b0:5f:f5:36:60:ef:a6:76:19:58:d8:b9:02:b2:22:66:d9:93:
0e:93:5a:ab:f0:af:f6:af:68:36:78:d8:ab:67:2f:6b:2d:71:
2f:e8:79:3b:6e:14:c3:9a:15:9f:9b:16:ea:8f:b8:07:35:d1:
ce:7d:3b:58:49:ed:2b:41:45:de:df:d9:d0:ef:1f:98:bb:91:
6d:9a:ed:87:80:e8:69:b2:31:e7:37:cf:9b:e5:ec:20:af:af:
87:2b:fe:50:68:a4:88:9b:1f:e7:ec:1a:44:2a:35:d8:8e:1d:
a8:46:28:b0:0e:9c:b4:91:85:df:cc:73:66:b1:10:71:42:c9:
9c:4d:b1:07:ea:2d:83:22:a2:20:9e:59:4a:00:cd:65:d2:26:
43:db:2d:6c:d8:1c:1d:ea:34:07:3d:11:72:c8:3c:db:1e:88:
98:a2:92:67:27:a5:b9:0c:a0:3a:fa:63:57:14:24:bd:a5:ee:
2a:98:f2:9e:17:01:08:7c:c4:8c:b1:16:a2:b3:df:aa:d7:d5:
26:81:a8:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWHB59uRGkD5VE8tWZc1TjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2YyM2Q2ODkzNzQ5NDI4OGRmY2M3YTBlZmUxZmU3NGEy
MDM2ZTEwHhcNMjMwMTA2MTIyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGY5MTViN2FkYmE4ODY1ZDBiZjljYmJiMDQ2N2M4NTFhZDE0YzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJEE0AIpYJ1jCQ7nmUWbgE6volmz
ZKfD036vjGKVKc2nB7qIf81RDMhJxNS+RI9yTzMOHWr+gPKYO9RIJ2KsO9rqApvE
yHkK/qbJSGqZ9j8xPL1F6c9YBx62OJa+Jkt5NZ625JgygipGMAz9OQjLyKfIFsNw
4m4SlIYsWRLniSgR4zt7n6/uOU5zTqG6xA59lFI5rIyxiYWt22tN2hbB4hfvqTPk
rmCkr6eNnhTLpLxqcnV+2xdD7Bo2Rn4XTd16dMWQ2kJ48yXABqfZQ1rhDaiA4KTD
qQ3x04uOddiN3jl7PzQbNcM5KEJyD4m8BowvM6b0a9uS3bfmX9rKRzbhzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA35Fbetuohl0L+cu7BGfIUa0UxNMB8GA1UdIwQY
MBaAFOQ/I9aJN0lCiN/Meg7+H+dKIDbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMt
OWQxODVmNzM4MjExLzEvRGZrVnQ2MjZpR1hRdjV5N3NFWjhoUnJSVEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMtOWQxODVmNzM4MjEx
LzEvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8+aMA0G
CSqGSIb3DQEBCwUAA4IBAQAaxz3epDou2imcfFGQzQNEyV+yGaSlv/K8MmISzsh9
pU2zQ0MOYd0hX7YZv4rv8sqWnySoZFqwX/U2YO+mdhlY2LkCsiJm2ZMOk1qr8K/2
r2g2eNirZy9rLXEv6Hk7bhTDmhWfmxbqj7gHNdHOfTtYSe0rQUXe39nQ7x+Yu5Ft
mu2HgOhpsjHnN8+b5ewgr6+HK/5QaKSImx/n7BpEKjXYjh2oRiiwDpy0kYXfzHNm
sRBxQsmcTbEH6i2DIqIgnllKAM1l0iZD2y1s2Bwd6jQHPRFyyDzbHoiYopJnJ6W5
DKA6+mNXFCS9pe4qmPKeFwEIfMSMsRais9+q19UmgagA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:24 2024 by rpki-client on console-ams.rpki-client.org