Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/ef7bd3-24b2-4284-97fe-c71db718970e/1/Odqkj0Dui-X7PxZb6BmZFATzUEg.roa
File: Odqkj0Dui-X7PxZb6BmZFATzUEg.roa (raw, json)
Hash identifier: 4AwTV8hW+QctF1bniggNBQMqg/OHe91cuJxqhLPW3ZA=
Subject key identifier: 39:DA:A4:8F:40:EE:8B:E5:FB:3F:16:5B:E8:19:99:14:04:F3:50:48
Certificate issuer: /CN=14dc11ed1a9d9ed56bf19da7f217830a8099c429
Certificate serial: 01856F42977225DEB49D8ED5D27FFC84C115
Authority key identifier: 14:DC:11:ED:1A:9D:9E:D5:6B:F1:9D:A7:F2:17:83:0A:80:99:C4:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNwR7RqdntVr8Z2n8heDCoCZxCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/ef7bd3-24b2-4284-97fe-c71db718970e/1/Odqkj0Dui-X7PxZb6BmZFATzUEg.roa
Signing time: Sun 01 Jan 2023 21:35:13 +0000
ROA not before: Sun 01 Jan 2023 21:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213202
IP address blocks: 91.196.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:97:72:25:de:b4:9d:8e:d5:d2:7f:fc:84:c1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14dc11ed1a9d9ed56bf19da7f217830a8099c429
Validity
Not Before: Jan 1 21:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39daa48f40ee8be5fb3f165be819991404f35048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:9b:f8:74:f0:9e:0c:f8:e1:4f:0a:97:9e:de:
4f:49:30:60:c2:d4:c4:06:ff:13:2e:5b:fb:bd:73:
20:b6:3f:d2:81:4d:a5:81:32:28:8e:03:a8:f7:f2:
62:dc:27:c6:2d:89:32:e9:36:90:22:7c:d4:9d:0e:
dd:ad:ac:34:02:94:3d:43:27:f5:34:7b:4e:da:55:
71:fe:4f:36:4f:71:c2:e8:2a:51:39:74:7f:61:47:
45:54:38:08:e6:b9:82:56:f4:dd:fa:8c:d6:9f:65:
3b:6c:2c:0f:9d:f3:ea:8b:45:8e:d5:18:9d:20:f4:
6e:d9:b8:eb:75:31:80:5c:62:76:9d:ff:9d:83:20:
80:11:30:ae:56:9c:df:f9:4f:03:de:b2:de:3d:8c:
c4:91:6e:74:88:84:40:16:0b:31:1f:c3:73:7d:da:
8e:27:7d:c7:4f:c5:e6:b4:9e:95:00:1d:21:7d:d8:
e7:e1:5a:d6:e2:61:12:97:3c:1d:35:dd:08:be:d8:
0e:58:ad:b8:a2:bc:fc:e2:41:92:09:80:86:8f:fc:
6e:43:c4:f4:08:bd:f8:39:b0:ec:39:cb:80:34:b8:
8b:59:46:1c:f1:2c:ee:76:f3:88:06:8f:87:93:39:
bf:c1:a6:96:6d:af:20:54:a1:8c:2f:14:bc:66:fb:
54:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DA:A4:8F:40:EE:8B:E5:FB:3F:16:5B:E8:19:99:14:04:F3:50:48
X509v3 Authority Key Identifier:
keyid:14:DC:11:ED:1A:9D:9E:D5:6B:F1:9D:A7:F2:17:83:0A:80:99:C4:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNwR7RqdntVr8Z2n8heDCoCZxCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/ef7bd3-24b2-4284-97fe-c71db718970e/1/Odqkj0Dui-X7PxZb6BmZFATzUEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/ef7bd3-24b2-4284-97fe-c71db718970e/1/FNwR7RqdntVr8Z2n8heDCoCZxCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.191.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:42:4a:05:5c:2a:c6:73:fc:68:e0:c0:bc:77:61:52:ff:f7:
a0:04:c7:e3:62:6c:79:5c:72:ae:ca:71:15:ff:6d:b0:db:f1:
d7:71:96:27:76:7f:06:4a:89:a7:3d:7f:7b:6c:2c:37:5b:0b:
bf:bd:44:ad:87:43:8d:e8:f0:f7:00:1e:42:aa:74:b7:50:a6:
13:f5:2b:62:5b:d6:97:26:46:70:ea:32:98:a8:ca:85:60:16:
e0:5b:ee:bd:08:67:bf:db:8e:f4:f3:6c:2c:18:6c:cf:8f:36:
39:8a:59:ed:9a:05:d7:fe:0b:22:52:02:ad:c1:af:34:2e:07:
de:17:f5:e9:a2:bf:95:11:85:03:69:3a:62:d5:e5:50:a0:1a:
aa:2e:96:6c:40:38:d4:18:da:24:b6:83:bf:a5:28:ab:01:94:
bb:e2:a0:a6:f0:ea:03:06:4c:fb:76:99:a7:9d:d5:91:11:6b:
e4:79:91:5f:57:a1:13:1a:f4:82:32:63:75:c6:33:f8:23:d8:
eb:94:1b:95:fc:dc:55:87:12:8f:fa:f0:82:95:e3:4c:31:4a:
ff:07:41:79:c1:c9:dc:84:4a:fe:a6:44:3b:aa:b7:5d:78:c3:
90:28:6d:08:fa:5b:d7:b7:cb:cf:2d:da:9b:09:71:37:04:0e:
fc:f8:c4:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQpdyJd60nY7V0n/8hMEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZGMxMWVkMWE5ZDllZDU2YmYxOWRhN2YyMTc4MzBhODA5
OWM0MjkwHhcNMjMwMTAxMjEzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWRhYTQ4ZjQwZWU4YmU1ZmIzZjE2NWJlODE5OTkxNDA0ZjM1MDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Zv4dPCeDPjhTwqXnt5PSTBgwtTE
Bv8TLlv7vXMgtj/SgU2lgTIojgOo9/Ji3CfGLYky6TaQInzUnQ7draw0ApQ9Qyf1
NHtO2lVx/k82T3HC6CpROXR/YUdFVDgI5rmCVvTd+ozWn2U7bCwPnfPqi0WO1Rid
IPRu2bjrdTGAXGJ2nf+dgyCAETCuVpzf+U8D3rLePYzEkW50iIRAFgsxH8NzfdqO
J33HT8XmtJ6VAB0hfdjn4VrW4mESlzwdNd0IvtgOWK24orz84kGSCYCGj/xuQ8T0
CL34ObDsOcuANLiLWUYc8SzudvOIBo+Hkzm/waaWba8gVKGMLxS8ZvtUyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnapI9A7ovl+z8WW+gZmRQE81BIMB8GA1UdIwQY
MBaAFBTcEe0anZ7Va/Gdp/IXgwqAmcQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk53UjdScWRudFZyOFoybjhoZURDb0NaeENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZjdiZDMtMjRiMi00Mjg0LTk3ZmUt
YzcxZGI3MTg5NzBlLzEvT2Rxa2owRHVpLVg3UHhaYjZCbVpGQVR6VUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9lZjdiZDMtMjRiMi00Mjg0LTk3ZmUtYzcxZGI3MTg5NzBl
LzEvRk53UjdScWRudFZyOFoybjhoZURDb0NaeENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8S/MA0G
CSqGSIb3DQEBCwUAA4IBAQBcQkoFXCrGc/xo4MC8d2FS//egBMfjYmx5XHKuynEV
/22w2/HXcZYndn8GSomnPX97bCw3Wwu/vUSth0ON6PD3AB5CqnS3UKYT9StiW9aX
JkZw6jKYqMqFYBbgW+69CGe/247082wsGGzPjzY5ilntmgXX/gsiUgKtwa80Lgfe
F/Xpor+VEYUDaTpi1eVQoBqqLpZsQDjUGNoktoO/pSirAZS74qCm8OoDBkz7dpmn
ndWREWvkeZFfV6ETGvSCMmN1xjP4I9jrlBuV/NxVhxKP+vCCleNMMUr/B0F5wcnc
hEr+pkQ7qrddeMOQKG0I+lvXt8vPLdqbCXE3BA78+MQk
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:22 2024 by rpki-client on console-ams.rpki-client.org