Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/RdRZwOT7CiZw2TgIysG1GypCbA0.roa
File: RdRZwOT7CiZw2TgIysG1GypCbA0.roa (raw, json)
Hash identifier: tpkxjCi4Cjckbj1IkXH9yXskkUL8BQPJPECZKqbjbyU=
Subject key identifier: 45:D4:59:C0:E4:FB:0A:26:70:D9:38:08:CA:C1:B5:1B:2A:42:6C:0D
Certificate issuer: /CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Certificate serial: 018DC1A573B20DF7B854A65EB0F07B097CF3
Authority key identifier: F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/RdRZwOT7CiZw2TgIysG1GypCbA0.roa
Signing time: Mon 19 Feb 2024 13:54:22 +0000
ROA not before: Mon 19 Feb 2024 13:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57511
IP address blocks: 91.132.164.0/23 maxlen: 32
91.132.165.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Jul 2024 09:53:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:a5:73:b2:0d:f7:b8:54:a6:5e:b0:f0:7b:09:7c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Validity
Not Before: Feb 19 13:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45d459c0e4fb0a2670d93808cac1b51b2a426c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:66:19:2e:20:e5:58:82:97:21:10:cf:24:e8:
03:a0:2a:c6:31:4b:be:b5:82:9b:01:bc:5a:14:8b:
94:e3:c2:3e:89:c1:45:e5:48:c0:2a:24:9a:b2:6a:
d9:10:1e:f4:b7:34:c4:b8:41:17:d4:63:86:64:b1:
f6:14:2f:aa:a5:23:be:7d:b8:ab:45:d3:29:4d:1e:
f9:2e:e7:d2:a5:7c:20:c5:af:8c:d0:b3:29:02:e4:
54:d8:52:94:66:a3:a5:21:ef:be:e0:26:58:14:97:
ce:70:d6:67:f8:be:7c:aa:ac:6f:1c:1b:b7:8c:e7:
56:c3:21:43:3d:8b:43:c6:d1:38:22:f6:0c:9a:18:
ac:60:cd:3e:fd:4e:c6:15:b0:55:ef:e1:91:0e:8f:
f3:0f:79:ff:c8:71:77:92:0d:f3:b5:14:de:73:a7:
48:8d:49:ee:08:9a:9f:1c:73:68:52:36:8b:25:78:
34:4e:ba:81:16:b8:e8:5d:8a:99:b8:f2:c6:2a:48:
e5:34:56:ab:96:b4:76:07:cd:fe:0a:b0:5d:b1:82:
f5:f1:03:86:30:f7:28:e6:d8:00:35:4a:c4:43:22:
d2:8d:12:ce:af:e4:cb:20:50:bf:ac:28:53:4d:ab:
54:db:fc:99:01:9d:6b:d9:38:f4:20:98:04:71:82:
ce:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D4:59:C0:E4:FB:0A:26:70:D9:38:08:CA:C1:B5:1B:2A:42:6C:0D
X509v3 Authority Key Identifier:
keyid:F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/RdRZwOT7CiZw2TgIysG1GypCbA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.164.0/23
Signature Algorithm: sha256WithRSAEncryption
48:7d:79:5d:21:06:e7:1f:b7:85:b0:a6:57:7e:4f:81:62:e4:
00:45:75:7e:fe:ec:af:cd:8b:b7:31:81:5f:29:79:c5:e7:3b:
42:2c:76:bb:19:88:b6:9c:76:e2:d3:49:9a:fa:d5:4d:25:90:
01:54:63:1c:1c:b8:af:c6:c8:2c:2e:18:c3:8a:17:2a:bd:a9:
a6:7e:77:74:09:71:e8:4a:aa:6d:29:06:7e:64:e7:c1:0f:00:
53:1e:21:82:25:3b:8e:e3:7d:6e:c9:49:04:b1:55:d1:08:bd:
b2:63:34:94:74:b3:8a:0a:b4:fa:80:05:66:27:42:c5:26:4b:
13:93:e4:f2:e2:d1:e3:4a:d3:80:89:09:d4:1a:6d:ef:9e:e0:
a4:48:ae:39:40:0d:11:93:4d:37:8a:36:be:57:85:b0:2f:62:
a2:eb:92:00:ac:a2:4a:db:f2:35:24:6a:fb:90:b3:e5:51:b9:
84:51:32:4b:42:1f:b6:17:cc:1e:ef:c5:80:e4:ae:39:49:23:
8a:84:91:aa:df:df:71:fd:73:ac:39:38:7e:a1:b0:a9:1f:33:
03:2b:2f:a6:8a:d7:12:75:b8:76:35:9f:cc:cf:50:b3:71:32:
63:a8:56:ac:bd:a4:df:d6:1e:41:5b:a6:2b:9d:b0:03:c6:e6:
c5:dd:16:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3BpXOyDfe4VKZesPB7CXzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NDUwYzYzNzY2NTVlZWMxZGQyZGE0YmQyMWQ1ZjEwNGE5
NmQ5MDQwHhcNMjQwMjE5MTM1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQ0NTljMGU0ZmIwYTI2NzBkOTM4MDhjYWMxYjUxYjJhNDI2YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWYZLiDlWIKXIRDPJOgDoCrGMUu+
tYKbAbxaFIuU48I+icFF5UjAKiSasmrZEB70tzTEuEEX1GOGZLH2FC+qpSO+fbir
RdMpTR75LufSpXwgxa+M0LMpAuRU2FKUZqOlIe++4CZYFJfOcNZn+L58qqxvHBu3
jOdWwyFDPYtDxtE4IvYMmhisYM0+/U7GFbBV7+GRDo/zD3n/yHF3kg3ztRTec6dI
jUnuCJqfHHNoUjaLJXg0TrqBFrjoXYqZuPLGKkjlNFarlrR2B83+CrBdsYL18QOG
MPco5tgANUrEQyLSjRLOr+TLIFC/rChTTatU2/yZAZ1r2Tj0IJgEcYLOCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEXUWcDk+womcNk4CMrBtRsqQmwNMB8GA1UdIwQY
MBaAFPVFDGN2ZV7sHdLaS9IdXxBKltkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgt
NmQxZjYwNTQzZTljLzEvUmRSWndPVDdDaVp3MlRnSXlzRzFHeXBDYkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgtNmQxZjYwNTQzZTlj
LzEvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW4SkMA0G
CSqGSIb3DQEBCwUAA4IBAQBIfXldIQbnH7eFsKZXfk+BYuQARXV+/uyvzYu3MYFf
KXnF5ztCLHa7GYi2nHbi00ma+tVNJZABVGMcHLivxsgsLhjDihcqvammfnd0CXHo
SqptKQZ+ZOfBDwBTHiGCJTuO431uyUkEsVXRCL2yYzSUdLOKCrT6gAVmJ0LFJksT
k+Ty4tHjStOAiQnUGm3vnuCkSK45QA0Rk003ija+V4WwL2Ki65IArKJK2/I1JGr7
kLPlUbmEUTJLQh+2F8we78WA5K45SSOKhJGq399x/XOsOTh+obCpHzMDKy+mitcS
dbh2NZ/Mz1CzcTJjqFasvaTf1h5BW6YrnbADxubF3RZV
-----END CERTIFICATE-----
Generated at Wed Jul 17 12:24:41 2024 by rpki-client on console-fra.rpki-client.org