Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/bDxP96EL2W1XPrvIYxt-JBf4pxQ.roa
File: bDxP96EL2W1XPrvIYxt-JBf4pxQ.roa (raw, json)
Hash identifier: clnYXaZXmyuRm+nTfhgUqAhrWDpvNI+cU6pbsMOMPvU=
Subject key identifier: 6C:3C:4F:F7:A1:0B:D9:6D:57:3E:BB:C8:63:1B:7E:24:17:F8:A7:14
Certificate issuer: /CN=f4f7ab4587e69022e5e2bc24107b501d031c3720
Certificate serial: 01856DDD71624B054A6485AC8504E9276315
Authority key identifier: F4:F7:AB:45:87:E6:90:22:E5:E2:BC:24:10:7B:50:1D:03:1C:37:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PerRYfmkCLl4rwkEHtQHQMcNyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/bDxP96EL2W1XPrvIYxt-JBf4pxQ.roa
Signing time: Sun 01 Jan 2023 15:05:07 +0000
ROA not before: Sun 01 Jan 2023 15:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209738
IP address blocks: 91.226.86.0/23 maxlen: 23
91.226.86.0/24 maxlen: 24
91.226.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 17:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:71:62:4b:05:4a:64:85:ac:85:04:e9:27:63:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f7ab4587e69022e5e2bc24107b501d031c3720
Validity
Not Before: Jan 1 15:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c3c4ff7a10bd96d573ebbc8631b7e2417f8a714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:23:36:6f:73:6d:cf:70:07:a5:7e:15:d9:3d:
ee:5b:2d:cc:b4:e8:d2:1c:83:8a:b8:4a:e1:60:44:
89:30:31:2b:90:f6:5e:21:6a:8b:09:d5:96:e1:20:
1b:9a:8c:29:96:4f:15:7a:b5:88:43:35:9e:7b:ef:
0f:c9:f6:9a:41:d3:4b:21:09:2b:f4:60:6e:11:6e:
d8:0c:12:6d:c7:e5:94:fc:7d:bf:83:f9:21:fd:61:
cc:65:59:11:b6:d1:94:67:29:88:fb:0a:a9:57:4c:
5e:41:a3:c7:33:27:20:94:15:5c:01:df:98:73:68:
2d:68:25:ef:63:d4:54:4e:21:dc:ee:9b:b0:c8:12:
b9:c4:68:8e:06:f3:93:0d:68:60:ee:3e:36:c0:73:
ad:99:02:c5:27:d5:27:43:10:2e:da:30:a0:36:bd:
c0:7f:64:12:a4:11:22:df:1d:84:66:89:10:15:10:
76:41:9e:25:97:aa:48:ff:3d:f0:d0:0e:b6:98:66:
17:e6:15:a7:01:32:b2:59:3e:3b:eb:42:b4:18:bd:
7c:f6:1e:2f:20:c1:0c:31:1f:5a:c2:5b:67:bb:fe:
25:ca:f3:3f:b2:28:2f:72:56:3b:ff:4e:6f:9d:95:
96:13:c6:23:71:30:45:e6:5f:19:5d:a2:bf:df:59:
94:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3C:4F:F7:A1:0B:D9:6D:57:3E:BB:C8:63:1B:7E:24:17:F8:A7:14
X509v3 Authority Key Identifier:
keyid:F4:F7:AB:45:87:E6:90:22:E5:E2:BC:24:10:7B:50:1D:03:1C:37:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PerRYfmkCLl4rwkEHtQHQMcNyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/bDxP96EL2W1XPrvIYxt-JBf4pxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/9PerRYfmkCLl4rwkEHtQHQMcNyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.86.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:d1:76:e0:bb:3f:28:61:54:7d:75:c1:25:68:8d:81:ab:15:
c1:6d:13:46:ca:e7:59:23:4e:c5:2a:2a:ab:2f:fa:a5:a0:ff:
8a:8a:b8:ac:78:3f:58:b4:15:11:c7:73:ae:6f:b1:2c:42:08:
e7:d7:29:2b:a6:41:0f:b2:23:a5:c9:1a:ef:71:ff:17:fa:b7:
a5:64:e2:03:4f:b4:ac:72:3e:f1:20:37:4b:80:ab:3b:ca:6c:
50:c5:a6:9e:af:36:7f:1e:d6:f3:ad:04:6e:b7:9a:1d:26:11:
9f:33:81:e4:56:1c:67:1a:87:4c:08:3d:9f:29:84:37:71:9c:
8f:cb:87:7c:a5:b0:97:f9:44:23:5b:d3:ec:3d:99:43:a9:19:
ef:66:78:84:48:42:f2:c5:56:4a:27:58:17:fa:e0:60:80:39:
aa:f3:23:46:31:d7:e2:72:d6:db:b3:f7:4b:99:78:85:bd:62:
8f:ff:6e:5e:bd:b5:e3:86:6a:90:1d:87:5f:b3:2b:ee:70:a0:
b8:ec:b1:08:a2:ad:4a:3e:b4:9b:d0:4c:1d:bc:63:e0:58:75:
9e:7c:25:ef:0d:24:d4:a8:78:8e:71:5f:99:3d:59:2b:c6:3d:
0a:8e:63:b4:6e:52:79:5d:d8:57:27:77:96:3e:66:e4:c9:94:
6a:fd:e7:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3XFiSwVKZIWshQTpJ2MVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjdhYjQ1ODdlNjkwMjJlNWUyYmMyNDEwN2I1MDFkMDMx
YzM3MjAwHhcNMjMwMTAxMTUwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNjNGZmN2ExMGJkOTZkNTczZWJiYzg2MzFiN2UyNDE3ZjhhNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCM2b3Ntz3AHpX4V2T3uWy3MtOjS
HIOKuErhYESJMDErkPZeIWqLCdWW4SAbmowplk8VerWIQzWee+8PyfaaQdNLIQkr
9GBuEW7YDBJtx+WU/H2/g/kh/WHMZVkRttGUZymI+wqpV0xeQaPHMycglBVcAd+Y
c2gtaCXvY9RUTiHc7puwyBK5xGiOBvOTDWhg7j42wHOtmQLFJ9UnQxAu2jCgNr3A
f2QSpBEi3x2EZokQFRB2QZ4ll6pI/z3w0A62mGYX5hWnATKyWT4760K0GL189h4v
IMEMMR9awltnu/4lyvM/sigvclY7/05vnZWWE8YjcTBF5l8ZXaK/31mUJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGw8T/ehC9ltVz67yGMbfiQX+KcUMB8GA1UdIwQY
MBaAFPT3q0WH5pAi5eK8JBB7UB0DHDcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBlclJZZm1rQ0xsNHJ3a0VIdFFIUU1jTnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83N2Y0ZjAtYjgzMy00N2I3LWEzYzct
ZWY3MTBlYzdiMmZlLzEvYkR4UDk2RUwyVzFYUHJ2SVl4dC1KQmY0cHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83N2Y0ZjAtYjgzMy00N2I3LWEzYzctZWY3MTBlYzdiMmZl
LzEvOVBlclJZZm1rQ0xsNHJ3a0VIdFFIUU1jTnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+JWMA0G
CSqGSIb3DQEBCwUAA4IBAQAs0Xbguz8oYVR9dcElaI2BqxXBbRNGyudZI07FKiqr
L/qloP+KiriseD9YtBURx3Oub7EsQgjn1ykrpkEPsiOlyRrvcf8X+relZOIDT7Ss
cj7xIDdLgKs7ymxQxaaerzZ/HtbzrQRut5odJhGfM4HkVhxnGodMCD2fKYQ3cZyP
y4d8pbCX+UQjW9PsPZlDqRnvZniESELyxVZKJ1gX+uBggDmq8yNGMdfictbbs/dL
mXiFvWKP/25evbXjhmqQHYdfsyvucKC47LEIoq1KPrSb0EwdvGPgWHWefCXvDSTU
qHiOcV+ZPVkrxj0KjmO0blJ5XdhXJ3eWPmbkyZRq/ed+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:54 2024 by rpki-client on console-ams.rpki-client.org