Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/aOtlKRdS7wYQc7Bm_fLYNofljwg.roa
File: aOtlKRdS7wYQc7Bm_fLYNofljwg.roa (raw, json)
Hash identifier: sTHM9BJWkIVUkhb7+LREjv3OZIdHGUQtr+cDmm7wOJA=
Subject key identifier: 68:EB:65:29:17:52:EF:06:10:73:B0:66:FD:F2:D8:36:87:E5:8F:08
Certificate issuer: /CN=f4f7ab4587e69022e5e2bc24107b501d031c3720
Certificate serial: 018BA5A1A588C46F82C0B9535760053960DC
Authority key identifier: F4:F7:AB:45:87:E6:90:22:E5:E2:BC:24:10:7B:50:1D:03:1C:37:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PerRYfmkCLl4rwkEHtQHQMcNyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/aOtlKRdS7wYQc7Bm_fLYNofljwg.roa
Signing time: Mon 06 Nov 2023 17:15:16 +0000
ROA not before: Mon 06 Nov 2023 17:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203397
IP address blocks: 91.226.85.0/24 maxlen: 24
91.226.84.0/24 maxlen: 24
91.226.84.0/22 maxlen: 24
91.226.87.0/24 maxlen: 24
91.226.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:a1:a5:88:c4:6f:82:c0:b9:53:57:60:05:39:60:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f7ab4587e69022e5e2bc24107b501d031c3720
Validity
Not Before: Nov 6 17:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68eb65291752ef061073b066fdf2d83687e58f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a5:24:4d:43:fa:95:7c:4e:f2:c8:ff:37:b5:
f8:cb:8c:ef:7d:6f:c3:9c:42:d5:29:24:4e:2e:89:
18:3a:2d:e2:2b:aa:8c:93:4d:67:57:49:8a:bd:2b:
55:f0:52:64:af:31:81:02:17:77:21:71:65:47:c8:
d8:60:a1:d3:6a:23:b3:69:03:f0:0e:53:25:1f:42:
90:96:a5:5e:70:dd:84:00:0d:b2:22:14:4d:bc:2a:
a7:45:3c:10:c7:e8:ef:9a:4d:5e:df:b9:c7:46:ea:
b3:2f:9e:57:ce:8a:69:cf:c6:7e:75:27:98:dd:1b:
4e:c9:5e:af:b0:81:08:da:d2:9d:50:d7:0c:e4:32:
36:02:83:ef:16:cb:5c:1d:15:65:e0:6f:f8:49:bc:
39:95:72:f4:f3:32:c3:75:ef:af:a0:76:c2:54:11:
56:48:cc:12:79:5e:4f:e5:5a:15:5c:c0:91:70:99:
b4:d9:26:18:36:a4:3c:22:88:e9:08:94:45:98:ef:
c6:9f:5b:13:7a:06:63:65:dd:08:cb:60:72:91:f2:
24:ae:ae:31:8b:28:52:90:4c:e4:f4:fc:4f:8a:1e:
65:f1:83:e7:bd:c9:1c:29:f1:ef:c9:18:af:de:37:
46:59:df:28:2c:e2:bc:9a:7a:b2:5e:06:05:b2:67:
e1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EB:65:29:17:52:EF:06:10:73:B0:66:FD:F2:D8:36:87:E5:8F:08
X509v3 Authority Key Identifier:
keyid:F4:F7:AB:45:87:E6:90:22:E5:E2:BC:24:10:7B:50:1D:03:1C:37:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PerRYfmkCLl4rwkEHtQHQMcNyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/aOtlKRdS7wYQc7Bm_fLYNofljwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/9PerRYfmkCLl4rwkEHtQHQMcNyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.84.0/22
Signature Algorithm: sha256WithRSAEncryption
88:d6:5e:61:d7:15:34:8c:a0:c3:7d:45:52:3f:b9:74:8c:db:
35:81:1a:80:89:3e:15:e9:0b:f5:ae:cc:d3:c2:8d:4a:6b:f7:
3e:c6:70:fc:d5:6b:4f:f9:b4:98:67:9a:72:48:a8:7d:93:d6:
c6:50:00:1f:f3:0a:38:e1:e9:3a:98:90:3d:61:07:2f:3c:38:
08:7b:20:be:21:f0:fc:f3:3b:e0:27:f4:64:99:05:69:52:4a:
af:b5:ac:5c:94:9e:93:d8:c7:3f:db:34:08:3b:a5:d3:77:8e:
b2:33:a6:13:79:6e:5a:cf:36:8e:be:dc:6e:c3:59:84:31:67:
c0:63:83:a2:fe:5b:54:2f:4a:94:ee:d7:32:6a:55:16:33:3f:
a3:6c:de:28:1e:76:3e:d2:bc:07:68:c4:f1:6e:72:ec:b3:b4:
b4:d2:b6:bb:9f:1b:32:3d:e5:2f:a6:cc:f2:a9:73:9c:6a:a5:
4f:3b:24:3a:a7:e8:e9:ce:66:97:fc:df:40:c7:69:23:1e:9a:
fc:f0:fa:ae:f4:82:7b:03:d0:be:77:80:9a:82:65:ca:e1:63:
e8:fd:4f:c9:b7:58:4f:a4:83:93:41:5f:93:f5:80:01:c6:b4:
61:92:74:7c:4f:51:2a:9e:7a:c2:30:c6:b6:f3:10:57:25:1d:
70:d8:d4:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuloaWIxG+CwLlTV2AFOWDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjdhYjQ1ODdlNjkwMjJlNWUyYmMyNDEwN2I1MDFkMDMx
YzM3MjAwHhcNMjMxMTA2MTcxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGViNjUyOTE3NTJlZjA2MTA3M2IwNjZmZGYyZDgzNjg3ZTU4ZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKUkTUP6lXxO8sj/N7X4y4zvfW/D
nELVKSROLokYOi3iK6qMk01nV0mKvStV8FJkrzGBAhd3IXFlR8jYYKHTaiOzaQPw
DlMlH0KQlqVecN2EAA2yIhRNvCqnRTwQx+jvmk1e37nHRuqzL55Xzoppz8Z+dSeY
3RtOyV6vsIEI2tKdUNcM5DI2AoPvFstcHRVl4G/4Sbw5lXL08zLDde+voHbCVBFW
SMwSeV5P5VoVXMCRcJm02SYYNqQ8IojpCJRFmO/Gn1sTegZjZd0Iy2BykfIkrq4x
iyhSkEzk9PxPih5l8YPnvckcKfHvyRiv3jdGWd8oLOK8mnqyXgYFsmfhSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjrZSkXUu8GEHOwZv3y2DaH5Y8IMB8GA1UdIwQY
MBaAFPT3q0WH5pAi5eK8JBB7UB0DHDcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBlclJZZm1rQ0xsNHJ3a0VIdFFIUU1jTnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83N2Y0ZjAtYjgzMy00N2I3LWEzYzct
ZWY3MTBlYzdiMmZlLzEvYU90bEtSZFM3d1lRYzdCbV9mTFlOb2ZsandnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83N2Y0ZjAtYjgzMy00N2I3LWEzYzctZWY3MTBlYzdiMmZl
LzEvOVBlclJZZm1rQ0xsNHJ3a0VIdFFIUU1jTnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+JUMA0G
CSqGSIb3DQEBCwUAA4IBAQCI1l5h1xU0jKDDfUVSP7l0jNs1gRqAiT4V6Qv1rszT
wo1Ka/c+xnD81WtP+bSYZ5pySKh9k9bGUAAf8wo44ek6mJA9YQcvPDgIeyC+IfD8
8zvgJ/RkmQVpUkqvtaxclJ6T2Mc/2zQIO6XTd46yM6YTeW5azzaOvtxuw1mEMWfA
Y4Oi/ltUL0qU7tcyalUWMz+jbN4oHnY+0rwHaMTxbnLss7S00ra7nxsyPeUvpszy
qXOcaqVPOyQ6p+jpzmaX/N9Ax2kjHpr88Pqu9IJ7A9C+d4CagmXK4WPo/U/Jt1hP
pIOTQV+T9YABxrRhknR8T1EqnnrCMMa28xBXJR1w2NRL
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:26 2024 by rpki-client on console-ams.rpki-client.org