Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/XIW9b4HuXf-EbOFg9BiSelVRbHo.roa
File: XIW9b4HuXf-EbOFg9BiSelVRbHo.roa (raw, json)
Hash identifier: GLi+Qy1CezCuBmqC2tof8TofcUr4llUzK42pTzz7Zi4=
Subject key identifier: 5C:85:BD:6F:81:EE:5D:FF:84:6C:E1:60:F4:18:92:7A:55:51:6C:7A
Certificate issuer: /CN=6611a57d2a03b7065fa8c17b313735bdcda390e9
Certificate serial: 018570DE2CCD72D2537580B94A87D08CBE8B
Authority key identifier: 66:11:A5:7D:2A:03:B7:06:5F:A8:C1:7B:31:37:35:BD:CD:A3:90:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/XIW9b4HuXf-EbOFg9BiSelVRbHo.roa
Signing time: Mon 02 Jan 2023 05:04:46 +0000
ROA not before: Mon 02 Jan 2023 05:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31027
IP address blocks: 91.238.206.0/24 maxlen: 24
2001:67c:2a78::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:2c:cd:72:d2:53:75:80:b9:4a:87:d0:8c:be:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6611a57d2a03b7065fa8c17b313735bdcda390e9
Validity
Not Before: Jan 2 05:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c85bd6f81ee5dff846ce160f418927a55516c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:45:9a:35:f0:c9:74:0d:5d:d5:a9:d0:95:c7:
de:7b:c9:f1:14:e2:9d:59:24:50:2c:fb:98:1d:af:
e8:c1:05:d0:c7:15:d5:9a:5d:8f:68:a0:18:45:5f:
94:61:21:15:e2:9f:16:5b:1f:13:65:39:28:e3:2d:
3f:68:4f:96:de:73:b7:55:6d:18:ef:a4:95:94:8f:
3e:69:ff:08:2e:82:f1:e8:6c:3e:75:49:56:97:c6:
98:94:86:a5:5a:3b:b5:0e:54:5d:06:93:56:a9:be:
20:10:e4:ca:a2:b0:86:b5:0c:be:c8:4e:f1:21:a1:
e5:90:df:53:04:8d:79:87:b1:5c:72:7e:1a:3d:12:
2d:40:34:d6:86:7d:d7:89:a1:9e:c9:d2:9b:ee:db:
16:cd:18:39:44:45:ca:86:a0:d8:6d:a7:27:8f:62:
a5:e3:a7:b2:04:d4:95:b2:80:35:18:1d:c1:5f:e5:
f4:96:ec:b7:f8:fe:c3:6a:f6:30:06:ba:ba:59:2f:
e0:42:01:d9:21:0c:52:5f:e0:24:1b:cd:c8:a1:48:
50:5a:5c:7f:fa:b8:0d:81:8f:8d:01:51:fb:ee:fb:
5f:15:eb:af:89:05:2b:5a:1e:f1:2d:48:19:67:2e:
68:b1:64:b6:37:2e:1b:6c:72:1a:69:33:ef:24:7e:
d6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:85:BD:6F:81:EE:5D:FF:84:6C:E1:60:F4:18:92:7A:55:51:6C:7A
X509v3 Authority Key Identifier:
keyid:66:11:A5:7D:2A:03:B7:06:5F:A8:C1:7B:31:37:35:BD:CD:A3:90:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/XIW9b4HuXf-EbOFg9BiSelVRbHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.206.0/24
IPv6:
2001:67c:2a78::/48
Signature Algorithm: sha256WithRSAEncryption
76:7e:e5:3c:97:82:3e:e3:df:7c:7e:5c:87:b6:0d:4d:17:65:
6f:1d:f9:69:de:29:33:7f:b1:cf:2d:2a:59:60:12:4c:08:c5:
7e:b1:9a:ff:e9:1d:93:58:93:72:0c:5d:da:b9:21:81:3f:8d:
62:f3:e1:fc:12:25:63:66:56:08:2c:b1:60:a3:81:9c:89:50:
9f:f7:7f:11:88:29:0f:34:c0:a5:0a:bc:d0:00:bf:6f:36:fe:
86:37:31:97:14:80:22:0a:7a:ae:10:8e:1f:c4:9e:5d:f2:ff:
7d:6f:2a:1c:19:75:04:9a:54:68:03:f0:32:40:53:99:f2:df:
b2:7c:a3:e7:ab:f6:35:37:98:72:90:24:82:e9:9d:8e:f6:55:
16:22:d4:d9:88:6c:2b:ef:6f:5d:f4:ec:07:d3:47:9b:c8:c7:
eb:63:22:44:40:97:1c:b6:12:7d:39:bc:9a:f5:0b:37:cf:d2:
d2:71:d8:39:6e:5b:46:a3:5e:3c:13:95:54:cf:6d:07:9e:fe:
bf:b9:da:ff:a2:ab:20:ed:de:12:f8:91:0e:c4:0c:10:d9:ad:
18:e5:70:18:1f:27:ec:7c:73:2a:16:a6:ef:ad:88:84:ee:6d:
1d:4a:f2:32:6b:63:ea:a4:e8:d0:43:b3:65:ce:51:f7:61:e1:
5a:ec:d6:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw3izNctJTdYC5SofQjL6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTFhNTdkMmEwM2I3MDY1ZmE4YzE3YjMxMzczNWJkY2Rh
MzkwZTkwHhcNMjMwMTAyMDUwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg1YmQ2ZjgxZWU1ZGZmODQ2Y2UxNjBmNDE4OTI3YTU1NTE2YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEWaNfDJdA1d1anQlcfee8nxFOKd
WSRQLPuYHa/owQXQxxXVml2PaKAYRV+UYSEV4p8WWx8TZTko4y0/aE+W3nO3VW0Y
76SVlI8+af8ILoLx6Gw+dUlWl8aYlIalWju1DlRdBpNWqb4gEOTKorCGtQy+yE7x
IaHlkN9TBI15h7Fccn4aPRItQDTWhn3XiaGeydKb7tsWzRg5REXKhqDYbacnj2Kl
46eyBNSVsoA1GB3BX+X0luy3+P7DavYwBrq6WS/gQgHZIQxSX+AkG83IoUhQWlx/
+rgNgY+NAVH77vtfFeuviQUrWh7xLUgZZy5osWS2Ny4bbHIaaTPvJH7WvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFyFvW+B7l3/hGzhYPQYknpVUWx6MB8GA1UdIwQY
MBaAFGYRpX0qA7cGX6jBezE3Nb3No5DpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhHbGZTb0R0d1pmcU1GN01UYzF2YzJqa09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lZGIyMDgtNmZlZC00NGU0LWIxYWIt
ZGYwY2E0ZDQxOTU1LzEvWElXOWI0SHVYZi1FYk9GZzlCaVNlbFZSYkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9lZGIyMDgtNmZlZC00NGU0LWIxYWItZGYwY2E0ZDQxOTU1
LzEvWmhHbGZTb0R0d1pmcU1GN01UYzF2YzJqa09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+7OMA8E
AgACMAkDBwAgAQZ8KngwDQYJKoZIhvcNAQELBQADggEBAHZ+5TyXgj7j33x+XIe2
DU0XZW8d+WneKTN/sc8tKllgEkwIxX6xmv/pHZNYk3IMXdq5IYE/jWLz4fwSJWNm
VggssWCjgZyJUJ/3fxGIKQ80wKUKvNAAv282/oY3MZcUgCIKeq4Qjh/Enl3y/31v
KhwZdQSaVGgD8DJAU5ny37J8o+er9jU3mHKQJILpnY72VRYi1NmIbCvvb1307AfT
R5vIx+tjIkRAlxy2En05vJr1CzfP0tJx2DluW0ajXjwTlVTPbQee/r+52v+iqyDt
3hL4kQ7EDBDZrRjlcBgfJ+x8cyoWpu+tiITubR1K8jJrY+qk6NBDs2XOUfdh4Vrs
1iw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:33 2024 by rpki-client on console-fra.rpki-client.org