Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/119951-0959-4c13-9a0e-98128eea3a65/1/1R6DOscxqXnijm75KjyF8HWKVmI.roa
File: 1R6DOscxqXnijm75KjyF8HWKVmI.roa (raw, json)
Hash identifier: UmqQyhD4Q0d1Zhh2ee+rDCsFiP8WJqidifX9RRwI66w=
Subject key identifier: D5:1E:83:3A:C7:31:A9:79:E2:8E:6E:F9:2A:3C:85:F0:75:8A:56:62
Certificate issuer: /CN=6fde440c14d9766503cb5c91b950b81062d11029
Certificate serial: 01856D13D4F86F7F4D18974C2948E9709E4D
Authority key identifier: 6F:DE:44:0C:14:D9:76:65:03:CB:5C:91:B9:50:B8:10:62:D1:10:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b95EDBTZdmUDy1yRuVC4EGLRECk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/119951-0959-4c13-9a0e-98128eea3a65/1/1R6DOscxqXnijm75KjyF8HWKVmI.roa
Signing time: Sun 01 Jan 2023 11:24:54 +0000
ROA not before: Sun 01 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48868
IP address blocks: 91.209.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:d4:f8:6f:7f:4d:18:97:4c:29:48:e9:70:9e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fde440c14d9766503cb5c91b950b81062d11029
Validity
Not Before: Jan 1 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d51e833ac731a979e28e6ef92a3c85f0758a5662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b0:40:61:f1:31:07:fd:3c:19:d1:47:ec:e0:
f9:b7:48:fa:d4:d9:4d:a2:48:95:13:5f:8e:32:eb:
5f:41:9e:b2:4b:ad:19:f9:8f:35:64:33:55:49:8d:
c6:82:bf:b4:5f:81:e6:97:1b:1d:b1:fa:28:4b:04:
3b:a9:dc:70:11:b6:72:89:42:22:fc:e9:a5:c3:2c:
fc:83:fe:7d:c3:b6:6e:f7:15:59:d4:65:8a:97:d4:
9b:dc:01:0b:5e:c3:b0:1f:56:77:f5:21:97:43:60:
be:14:21:15:9a:4c:0e:dc:67:42:33:2a:32:5e:be:
34:f2:05:67:9a:58:a2:39:16:ad:d5:78:75:01:1f:
c7:a2:47:b4:ec:b7:13:20:e1:c3:e3:af:4b:fe:e7:
59:7f:ad:79:aa:c5:0c:43:4b:41:07:7d:38:b4:58:
75:7d:1a:a0:cf:aa:13:f4:ca:31:7e:8c:6f:22:10:
e3:ed:b4:7c:28:e6:29:f7:bd:a5:d7:f7:05:48:37:
e1:5c:9b:bc:91:b5:0e:00:1b:01:47:f6:84:49:8a:
8b:5e:4b:87:d9:33:c7:6e:8d:da:41:60:a2:89:04:
87:d9:e7:db:a7:59:d2:ff:b8:9b:8f:39:61:e7:bf:
8e:86:19:bb:1c:9a:a4:0b:e8:91:26:13:c5:a7:e7:
44:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:1E:83:3A:C7:31:A9:79:E2:8E:6E:F9:2A:3C:85:F0:75:8A:56:62
X509v3 Authority Key Identifier:
keyid:6F:DE:44:0C:14:D9:76:65:03:CB:5C:91:B9:50:B8:10:62:D1:10:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b95EDBTZdmUDy1yRuVC4EGLRECk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/119951-0959-4c13-9a0e-98128eea3a65/1/1R6DOscxqXnijm75KjyF8HWKVmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/119951-0959-4c13-9a0e-98128eea3a65/1/b95EDBTZdmUDy1yRuVC4EGLRECk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.243.0/24
Signature Algorithm: sha256WithRSAEncryption
14:31:1e:8f:2d:80:5d:e0:a9:8e:b8:e4:f7:1d:f3:c5:c2:c7:
3a:f6:19:de:c6:9c:fa:26:b1:61:41:28:e5:3b:3b:7a:94:34:
e0:38:4d:52:00:36:f8:35:a8:1b:5f:6d:a8:7e:db:a4:8a:93:
42:1c:f4:14:cb:78:83:82:e3:cf:1d:9d:0e:46:7e:8f:8c:18:
71:80:39:17:c5:58:3b:ae:4d:31:45:81:44:7d:47:14:2e:26:
9e:5a:13:1d:ac:32:c4:fc:61:10:fe:43:67:18:67:14:f9:1a:
52:41:81:82:e5:0c:a1:1c:49:e9:ff:15:e2:4f:08:5b:05:25:
69:4c:5c:da:03:cd:5b:93:89:0b:6e:65:1a:86:eb:44:b0:a4:
de:17:9b:d2:2f:5a:93:aa:73:de:7a:f8:70:5d:be:9d:50:86:
35:83:ba:e1:8d:d0:f4:88:07:7f:c7:56:a3:52:d2:c1:bb:4d:
40:b9:b3:28:79:32:9c:e5:cb:fc:3f:44:df:87:46:f1:f5:b8:
94:ab:99:c1:06:84:e1:7c:bd:63:0f:e2:e1:a9:38:e1:3e:78:
20:6c:21:5e:f6:a8:6d:e5:e4:be:e3:b1:17:35:d3:ba:60:94:
fb:bf:ac:05:1d:72:30:a7:ad:01:3e:c2:c8:1f:7d:aa:fa:4e:
0a:81:cb:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE9T4b39NGJdMKUjpcJ5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZGU0NDBjMTRkOTc2NjUwM2NiNWM5MWI5NTBiODEwNjJk
MTEwMjkwHhcNMjMwMTAxMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTFlODMzYWM3MzFhOTc5ZTI4ZTZlZjkyYTNjODVmMDc1OGE1NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirBAYfExB/08GdFH7OD5t0j61NlN
okiVE1+OMutfQZ6yS60Z+Y81ZDNVSY3Ggr+0X4HmlxsdsfooSwQ7qdxwEbZyiUIi
/Omlwyz8g/59w7Zu9xVZ1GWKl9Sb3AELXsOwH1Z39SGXQ2C+FCEVmkwO3GdCMyoy
Xr408gVnmliiORat1Xh1AR/Hoke07LcTIOHD469L/udZf615qsUMQ0tBB304tFh1
fRqgz6oT9MoxfoxvIhDj7bR8KOYp972l1/cFSDfhXJu8kbUOABsBR/aESYqLXkuH
2TPHbo3aQWCiiQSH2efbp1nS/7ibjzlh57+Ohhm7HJqkC+iRJhPFp+dElQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUegzrHMal54o5u+So8hfB1ilZiMB8GA1UdIwQY
MBaAFG/eRAwU2XZlA8tckblQuBBi0RApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjk1RURCVFpkbVVEeTF5UnVWQzRFR0xSRUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMTk5NTEtMDk1OS00YzEzLTlhMGUt
OTgxMjhlZWEzYTY1LzEvMVI2RE9zY3hxWG5pam03NUtqeUY4SFdLVm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMTk5NTEtMDk1OS00YzEzLTlhMGUtOTgxMjhlZWEzYTY1
LzEvYjk1RURCVFpkbVVEeTF5UnVWQzRFR0xSRUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9HzMA0G
CSqGSIb3DQEBCwUAA4IBAQAUMR6PLYBd4KmOuOT3HfPFwsc69hnexpz6JrFhQSjl
Ozt6lDTgOE1SADb4NagbX22oftukipNCHPQUy3iDguPPHZ0ORn6PjBhxgDkXxVg7
rk0xRYFEfUcULiaeWhMdrDLE/GEQ/kNnGGcU+RpSQYGC5QyhHEnp/xXiTwhbBSVp
TFzaA81bk4kLbmUahutEsKTeF5vSL1qTqnPeevhwXb6dUIY1g7rhjdD0iAd/x1aj
UtLBu01AubMoeTKc5cv8P0Tfh0bx9biUq5nBBoThfL1jD+LhqTjhPnggbCFe9qht
5eS+47EXNdO6YJT7v6wFHXIwp60BPsLIH32q+k4Kgcu8
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:37 2024 by rpki-client on console-ams.rpki-client.org