Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/UXU3dyY0uBlQGqzIRhDpWyIh4EY.roa
File: UXU3dyY0uBlQGqzIRhDpWyIh4EY.roa (raw, json)
Hash identifier: spYAgJjXiNEFAeYNEM0WZ3HudwWTPcPLyr0nadsC6sI=
Subject key identifier: 51:75:37:77:26:34:B8:19:50:1A:AC:C8:46:10:E9:5B:22:21:E0:46
Certificate issuer: /CN=1a88f429edc86aa87bb3a17717cea71c70873af2
Certificate serial: 01857070543502873B70AD1C2B8FF4B8A98A
Authority key identifier: 1A:88:F4:29:ED:C8:6A:A8:7B:B3:A1:77:17:CE:A7:1C:70:87:3A:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/UXU3dyY0uBlQGqzIRhDpWyIh4EY.roa
Signing time: Mon 02 Jan 2023 03:04:47 +0000
ROA not before: Mon 02 Jan 2023 03:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51732
IP address blocks: 91.220.79.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:54:35:02:87:3b:70:ad:1c:2b:8f:f4:b8:a9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a88f429edc86aa87bb3a17717cea71c70873af2
Validity
Not Before: Jan 2 03:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=517537772634b819501aacc84610e95b2221e046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b9:5d:50:c1:29:2b:76:88:d6:81:f3:d4:7b:
1b:7e:73:dc:3d:0e:0b:41:54:44:8e:1a:5b:3f:bd:
12:bf:28:aa:01:52:57:a0:c5:d4:42:bc:20:36:63:
6a:a6:5d:99:44:35:bd:41:7e:b5:cf:49:5e:84:d5:
6b:c1:a5:2b:40:97:ad:44:72:b9:ea:c7:e0:df:c0:
6f:eb:b9:93:9d:36:50:e6:20:a4:84:96:1d:5c:36:
b0:a1:b3:8f:81:60:eb:d8:26:6c:d8:3b:67:66:ee:
12:ca:d6:c9:e1:27:e1:bf:b8:d7:a5:28:8c:1c:ad:
40:c3:87:cc:1c:bd:ac:ff:07:95:9d:6b:1a:f4:6a:
ea:b7:63:96:91:5b:63:5e:09:08:de:76:66:e0:71:
99:94:26:a0:c8:18:70:89:20:ec:88:34:b6:ac:77:
64:f6:e3:bc:e2:12:ca:56:bb:45:ef:4b:4d:4c:53:
8c:09:d2:d7:40:27:12:3e:ac:70:5d:1d:d0:77:22:
78:45:b3:e7:90:09:fe:ce:fe:b1:8b:54:c6:ce:cc:
42:19:bd:61:99:e4:57:54:70:ad:85:87:b7:eb:bd:
3c:b7:55:fc:0c:96:f3:ef:00:e6:e3:17:d5:8b:4e:
8a:56:0e:ff:ee:c9:b4:90:01:92:24:d9:7e:c8:46:
55:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:75:37:77:26:34:B8:19:50:1A:AC:C8:46:10:E9:5B:22:21:E0:46
X509v3 Authority Key Identifier:
keyid:1A:88:F4:29:ED:C8:6A:A8:7B:B3:A1:77:17:CE:A7:1C:70:87:3A:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/UXU3dyY0uBlQGqzIRhDpWyIh4EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.79.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:ad:d0:cc:5b:23:01:74:66:f9:f4:65:77:08:0b:87:9e:10:
90:7f:b8:59:62:f1:22:5e:c2:2d:45:72:dd:f0:87:97:e4:33:
4b:c5:f8:81:16:bd:25:7c:c4:ab:d1:16:be:b3:5c:47:5a:2f:
7a:09:c5:ad:82:d9:e9:07:b7:05:79:e4:d8:b1:16:93:1b:db:
46:64:4a:24:90:1d:f7:8a:a6:b8:ed:b9:63:82:f8:af:a1:28:
db:ab:0f:e6:cb:95:7a:78:c4:37:0d:b3:d4:05:bb:9d:b5:de:
a1:6c:9b:ee:b3:7d:a7:68:62:c0:32:a1:42:04:3e:11:33:f6:
70:33:55:db:07:31:2e:28:29:d6:36:e3:5d:ff:60:e4:73:fc:
e8:16:5d:42:ac:7d:f6:d2:18:e6:ec:87:be:92:7c:7a:f7:0c:
36:e7:c3:e8:4a:4f:bc:08:4a:92:35:9d:b3:2b:d2:c5:c3:d3:
ac:3a:7b:ed:39:af:94:4c:e5:9c:c5:33:0a:e4:54:8f:10:66:
2b:e8:7c:e2:60:45:4f:78:2e:b1:b2:ac:02:cd:18:39:cb:3f:
2b:39:32:4c:d9:2b:99:1e:fd:28:49:c8:de:41:f3:94:cf:9d:
42:fe:43:77:aa:de:ec:65:f8:11:21:80:d5:a9:cc:2f:0a:4f:
89:33:06:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcFQ1Aoc7cK0cK4/0uKmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODhmNDI5ZWRjODZhYTg3YmIzYTE3NzE3Y2VhNzFjNzA4
NzNhZjIwHhcNMjMwMTAyMDMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc1Mzc3NzI2MzRiODE5NTAxYWFjYzg0NjEwZTk1YjIyMjFlMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbldUMEpK3aI1oHz1HsbfnPcPQ4L
QVREjhpbP70SvyiqAVJXoMXUQrwgNmNqpl2ZRDW9QX61z0lehNVrwaUrQJetRHK5
6sfg38Bv67mTnTZQ5iCkhJYdXDawobOPgWDr2CZs2DtnZu4SytbJ4Sfhv7jXpSiM
HK1Aw4fMHL2s/weVnWsa9Grqt2OWkVtjXgkI3nZm4HGZlCagyBhwiSDsiDS2rHdk
9uO84hLKVrtF70tNTFOMCdLXQCcSPqxwXR3QdyJ4RbPnkAn+zv6xi1TGzsxCGb1h
meRXVHCthYe36708t1X8DJbz7wDm4xfVi06KVg7/7sm0kAGSJNl+yEZVvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFF1N3cmNLgZUBqsyEYQ6VsiIeBGMB8GA1UdIwQY
MBaAFBqI9CntyGqoe7OhdxfOpxxwhzryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29qMEtlM0lhcWg3czZGM0Y4Nm5ISENIT3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGRiOWItZTA3YS00ZmJmLTllYmEt
MDZkNDk4ZjYyMGEzLzEvVVhVM2R5WTB1QmxRR3F6SVJoRHBXeUloNEVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGRiOWItZTA3YS00ZmJmLTllYmEtMDZkNDk4ZjYyMGEz
LzEvR29qMEtlM0lhcWg3czZGM0Y4Nm5ISENIT3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xPMA0G
CSqGSIb3DQEBCwUAA4IBAQCkrdDMWyMBdGb59GV3CAuHnhCQf7hZYvEiXsItRXLd
8IeX5DNLxfiBFr0lfMSr0Ra+s1xHWi96CcWtgtnpB7cFeeTYsRaTG9tGZEokkB33
iqa47bljgvivoSjbqw/my5V6eMQ3DbPUBbudtd6hbJvus32naGLAMqFCBD4RM/Zw
M1XbBzEuKCnWNuNd/2Dkc/zoFl1CrH320hjm7Ie+knx69ww258PoSk+8CEqSNZ2z
K9LFw9OsOnvtOa+UTOWcxTMK5FSPEGYr6HziYEVPeC6xsqwCzRg5yz8rOTJM2SuZ
Hv0oScjeQfOUz51C/kN3qt7sZfgRIYDVqcwvCk+JMwYQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:22 2024 by rpki-client on console-ams.rpki-client.org