Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/tqmqX1gM-vXdMGvqIJgHHgb6Bk4.roa
File: tqmqX1gM-vXdMGvqIJgHHgb6Bk4.roa (raw, json)
Hash identifier: uXTzDstSIQ+Sy09/MOg5E5ClTcz4ITfdLLrXH0ileJg=
Subject key identifier: B6:A9:AA:5F:58:0C:FA:F5:DD:30:6B:EA:20:98:07:1E:06:FA:06:4E
Certificate issuer: /CN=f4f7ab4587e69022e5e2bc24107b501d031c3720
Certificate serial: 018BA5A1A608F20036071299E79B01615851
Authority key identifier: F4:F7:AB:45:87:E6:90:22:E5:E2:BC:24:10:7B:50:1D:03:1C:37:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PerRYfmkCLl4rwkEHtQHQMcNyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/tqmqX1gM-vXdMGvqIJgHHgb6Bk4.roa
Signing time: Mon 06 Nov 2023 17:15:16 +0000
ROA not before: Mon 06 Nov 2023 17:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209738
IP address blocks: 91.226.85.0/24 maxlen: 24
91.226.84.0/24 maxlen: 24
91.226.84.0/22 maxlen: 24
91.226.86.0/24 maxlen: 24
91.226.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:a1:a6:08:f2:00:36:07:12:99:e7:9b:01:61:58:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f7ab4587e69022e5e2bc24107b501d031c3720
Validity
Not Before: Nov 6 17:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6a9aa5f580cfaf5dd306bea2098071e06fa064e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bd:b2:f1:af:9a:87:33:a4:04:dc:3f:69:74:
86:7d:57:cd:3c:bd:b1:f1:42:c9:e2:58:67:c9:e5:
8a:d5:1b:e7:6f:de:51:76:da:ab:e6:1c:42:dd:81:
0c:5d:4b:d7:04:55:b5:35:da:c7:a2:23:f7:30:87:
72:17:90:24:fb:b6:0e:9f:5b:7a:3b:79:e8:31:e4:
d2:17:0b:20:54:04:80:2c:cb:d5:85:6c:91:30:10:
c2:4a:c2:cc:8b:f2:b1:c4:63:e2:67:8d:10:c0:36:
80:5f:d7:45:ef:6a:25:6b:f2:e5:f8:1f:34:58:0c:
fe:f2:85:71:70:cd:2d:bb:c6:c5:4d:73:3d:f6:0a:
0f:a3:65:0d:e1:70:07:bb:d1:5f:1c:c0:58:5b:08:
ca:96:fd:3b:12:3f:18:b3:0e:d3:52:08:0f:67:72:
f2:73:65:cd:26:4a:f5:17:16:5c:47:43:b7:02:33:
64:46:92:88:69:df:ea:c9:9f:f4:ea:50:22:b0:55:
32:e2:bf:f3:5a:30:2b:a8:21:96:1b:44:fa:48:a0:
1a:a5:99:f9:d8:99:72:2e:11:2f:77:5d:c6:0b:9d:
d7:d0:e8:fe:ee:6e:57:f2:31:c2:26:0e:61:30:69:
10:fe:1b:47:53:a8:60:de:32:04:fc:c2:4e:11:fa:
10:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A9:AA:5F:58:0C:FA:F5:DD:30:6B:EA:20:98:07:1E:06:FA:06:4E
X509v3 Authority Key Identifier:
keyid:F4:F7:AB:45:87:E6:90:22:E5:E2:BC:24:10:7B:50:1D:03:1C:37:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PerRYfmkCLl4rwkEHtQHQMcNyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/tqmqX1gM-vXdMGvqIJgHHgb6Bk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/9PerRYfmkCLl4rwkEHtQHQMcNyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.84.0/22
Signature Algorithm: sha256WithRSAEncryption
71:c7:d4:53:4a:56:7d:43:18:c5:ff:20:a3:35:6f:a3:3e:06:
a4:74:0f:c4:36:96:53:4c:af:6a:e7:dd:52:0c:da:70:d8:f5:
44:d3:0a:02:7b:43:d4:a6:c3:a2:f6:a8:93:73:24:4d:72:db:
ed:ba:02:c8:a2:59:f4:27:c4:6e:87:40:1c:43:d1:3e:62:5c:
91:e8:28:b9:c4:48:1f:70:12:95:96:7e:76:d4:d6:49:c6:b7:
4f:db:28:43:8a:3a:bd:92:cb:70:3d:d0:e0:ba:62:b5:df:9a:
3f:9d:85:19:ba:65:2f:76:41:bd:18:9b:4c:26:0c:38:bb:e2:
90:84:3a:30:60:45:c5:a2:c5:cd:f2:93:fe:5f:40:34:e1:ea:
d3:6e:8f:29:cb:12:0d:0d:cd:a5:7c:0c:96:a3:7d:f3:f6:c3:
d2:fa:c7:2f:b3:75:62:f8:28:d3:f7:11:84:8b:7c:a6:1a:ea:
18:77:13:2b:e8:5e:97:05:18:ca:d8:ee:d7:47:47:dd:fb:05:
0c:cd:d5:20:6d:fe:51:f0:5c:ae:8e:6a:1c:7b:e0:c6:d9:25:
55:e0:61:e1:cf:6b:6f:29:2a:51:d1:3d:6b:e0:3c:b4:66:8b:
10:61:4e:6d:dc:43:7b:bb:e2:39:da:4b:1e:db:07:f9:93:4d:
9a:63:29:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuloaYI8gA2BxKZ55sBYVhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjdhYjQ1ODdlNjkwMjJlNWUyYmMyNDEwN2I1MDFkMDMx
YzM3MjAwHhcNMjMxMTA2MTcxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmE5YWE1ZjU4MGNmYWY1ZGQzMDZiZWEyMDk4MDcxZTA2ZmEwNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr2y8a+ahzOkBNw/aXSGfVfNPL2x
8ULJ4lhnyeWK1Rvnb95Rdtqr5hxC3YEMXUvXBFW1NdrHoiP3MIdyF5Ak+7YOn1t6
O3noMeTSFwsgVASALMvVhWyRMBDCSsLMi/KxxGPiZ40QwDaAX9dF72ola/Ll+B80
WAz+8oVxcM0tu8bFTXM99goPo2UN4XAHu9FfHMBYWwjKlv07Ej8Ysw7TUggPZ3Ly
c2XNJkr1FxZcR0O3AjNkRpKIad/qyZ/06lAisFUy4r/zWjArqCGWG0T6SKAapZn5
2JlyLhEvd13GC53X0Oj+7m5X8jHCJg5hMGkQ/htHU6hg3jIE/MJOEfoQswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLapql9YDPr13TBr6iCYBx4G+gZOMB8GA1UdIwQY
MBaAFPT3q0WH5pAi5eK8JBB7UB0DHDcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBlclJZZm1rQ0xsNHJ3a0VIdFFIUU1jTnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83N2Y0ZjAtYjgzMy00N2I3LWEzYzct
ZWY3MTBlYzdiMmZlLzEvdHFtcVgxZ00tdlhkTUd2cUlKZ0hIZ2I2Qms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83N2Y0ZjAtYjgzMy00N2I3LWEzYzctZWY3MTBlYzdiMmZl
LzEvOVBlclJZZm1rQ0xsNHJ3a0VIdFFIUU1jTnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+JUMA0G
CSqGSIb3DQEBCwUAA4IBAQBxx9RTSlZ9QxjF/yCjNW+jPgakdA/ENpZTTK9q591S
DNpw2PVE0woCe0PUpsOi9qiTcyRNctvtugLIoln0J8Ruh0AcQ9E+YlyR6Ci5xEgf
cBKVln521NZJxrdP2yhDijq9kstwPdDgumK135o/nYUZumUvdkG9GJtMJgw4u+KQ
hDowYEXFosXN8pP+X0A04erTbo8pyxINDc2lfAyWo33z9sPS+scvs3Vi+CjT9xGE
i3ymGuoYdxMr6F6XBRjK2O7XR0fd+wUMzdUgbf5R8Fyujmoce+DG2SVV4GHhz2tv
KSpR0T1r4Dy0ZosQYU5t3EN7u+I52kse2wf5k02aYylk
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:26 2024 by rpki-client on console-ams.rpki-client.org