Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/a51J1WIrj5cxFZJJXKtlaeQ2H8Q.roa
File: a51J1WIrj5cxFZJJXKtlaeQ2H8Q.roa (raw, json)
Hash identifier: vqnwt5jCEaOg2nbMLwXkIy4bToAhLXto6Ji0JBG53Vg=
Subject key identifier: 6B:9D:49:D5:62:2B:8F:97:31:15:92:49:5C:AB:65:69:E4:36:1F:C4
Certificate issuer: /CN=776fae43f73da35fe1a2e429662ae0b91751e3fb
Certificate serial: 018573439F602AEFBFEBCFBD28ED9E97D5AD
Authority key identifier: 77:6F:AE:43:F7:3D:A3:5F:E1:A2:E4:29:66:2A:E0:B9:17:51:E3:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2-uQ_c9o1_houQpZirguRdR4_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/a51J1WIrj5cxFZJJXKtlaeQ2H8Q.roa
Signing time: Mon 02 Jan 2023 16:14:49 +0000
ROA not before: Mon 02 Jan 2023 16:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30860
IP address blocks: 91.230.121.0/24 maxlen: 24
91.235.142.0/24 maxlen: 24
91.235.142.0/23 maxlen: 23
91.235.143.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:9f:60:2a:ef:bf:eb:cf:bd:28:ed:9e:97:d5:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776fae43f73da35fe1a2e429662ae0b91751e3fb
Validity
Not Before: Jan 2 16:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b9d49d5622b8f97311592495cab6569e4361fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:dd:2c:b3:c4:6d:33:4a:d8:09:e0:91:7c:8f:
8a:87:ab:e3:c7:71:e5:52:4b:d5:93:02:20:a7:32:
51:42:43:4b:62:c9:f2:b3:e0:44:88:0f:02:8e:d5:
a5:e0:82:2e:6e:59:c4:bc:38:14:cd:10:b5:56:8d:
b0:25:11:c5:44:cc:ab:ef:3a:06:04:df:7a:85:42:
67:38:b2:c8:35:bd:0d:24:f2:7b:9f:ff:55:a6:f5:
ac:4b:cd:b0:55:0f:07:4c:cf:f5:81:d4:a7:3b:bf:
94:8d:b5:8e:95:e8:57:21:af:83:ec:c6:aa:e9:16:
be:00:f8:9a:ce:83:d8:3c:ab:61:b8:80:02:35:17:
51:f5:43:a7:6e:4c:04:eb:3a:3c:fb:2c:6d:2e:bf:
73:a6:63:cb:74:0a:a0:3e:c6:2d:73:50:c7:e7:1c:
92:3f:7a:5f:da:4b:95:a0:a5:e1:e2:97:d0:70:23:
78:eb:28:ae:12:bb:aa:87:7e:18:3c:ee:2f:84:a9:
92:0a:c6:9c:be:91:4b:d8:82:50:bf:ea:c2:48:a0:
c9:98:c6:21:c7:03:4b:57:f1:2e:63:44:e8:1b:00:
64:9a:75:68:df:54:17:08:e2:66:2f:8d:df:4a:e5:
77:9a:b5:0b:0f:e9:10:cb:5c:c5:6b:3b:92:ca:7e:
e8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9D:49:D5:62:2B:8F:97:31:15:92:49:5C:AB:65:69:E4:36:1F:C4
X509v3 Authority Key Identifier:
keyid:77:6F:AE:43:F7:3D:A3:5F:E1:A2:E4:29:66:2A:E0:B9:17:51:E3:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2-uQ_c9o1_houQpZirguRdR4_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/a51J1WIrj5cxFZJJXKtlaeQ2H8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/d2-uQ_c9o1_houQpZirguRdR4_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.121.0/24
91.235.142.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:07:ea:82:fe:7a:61:f8:61:2f:67:72:46:48:78:f6:47:05:
4d:c4:c4:e6:14:4d:04:0d:63:cf:5b:af:f6:e9:15:48:2a:f0:
b4:dd:f2:dc:fa:81:0b:e0:91:58:f5:c5:44:78:02:7d:0d:e1:
fa:14:a3:9d:52:42:ad:98:94:d0:ff:07:68:57:8a:f8:86:0d:
0b:1f:f7:50:e6:98:a7:c8:3a:88:90:73:8a:4c:8f:26:ad:8c:
52:b0:c9:b3:60:83:8b:e5:7c:1b:4f:c2:72:94:e2:57:38:8d:
70:f3:c7:fa:be:13:0d:29:f1:58:f7:e2:a9:c2:6e:d8:88:a2:
99:39:e3:34:54:ca:a0:36:1e:20:62:fb:04:52:ba:6b:28:98:
7a:fa:fa:61:c0:86:ea:81:69:d8:72:6b:20:2f:5c:71:a0:05:
76:0a:8e:9a:3c:1f:6a:dd:da:6c:7d:a4:39:1d:1b:d6:1f:99:
47:8b:3c:f7:3d:18:8e:a2:d0:23:9d:7c:75:64:2d:f7:e4:b8:
50:e4:33:26:e3:5e:e3:aa:9a:4c:9f:aa:f2:10:4e:2f:22:60:
c0:07:a7:70:61:98:be:2a:d0:6b:9f:87:6c:2b:d6:94:15:71:
88:a9:2f:8b:1c:09:46:bc:02:57:69:31:ae:3c:f1:b2:25:8a:
5e:d9:4b:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzQ59gKu+/68+9KO2el9WtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NmZhZTQzZjczZGEzNWZlMWEyZTQyOTY2MmFlMGI5MTc1
MWUzZmIwHhcNMjMwMTAyMTYxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjlkNDlkNTYyMmI4Zjk3MzExNTkyNDk1Y2FiNjU2OWU0MzYxZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt0ss8RtM0rYCeCRfI+Kh6vjx3Hl
UkvVkwIgpzJRQkNLYsnys+BEiA8CjtWl4IIublnEvDgUzRC1Vo2wJRHFRMyr7zoG
BN96hUJnOLLINb0NJPJ7n/9VpvWsS82wVQ8HTM/1gdSnO7+UjbWOlehXIa+D7Maq
6Ra+APiazoPYPKthuIACNRdR9UOnbkwE6zo8+yxtLr9zpmPLdAqgPsYtc1DH5xyS
P3pf2kuVoKXh4pfQcCN46yiuEruqh34YPO4vhKmSCsacvpFL2IJQv+rCSKDJmMYh
xwNLV/EuY0ToGwBkmnVo31QXCOJmL43fSuV3mrULD+kQy1zFazuSyn7ofQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGudSdViK4+XMRWSSVyrZWnkNh/EMB8GA1UdIwQY
MBaAFHdvrkP3PaNf4aLkKWYq4LkXUeP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDItdVFfYzlvMV9ob3VRcFppcmd1UmRSNF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wYWNmMmQtNWQ2Mi00M2YzLThkMTQt
NGUwY2M1ODE2M2IwLzEvYTUxSjFXSXJqNWN4RlpKSlhLdGxhZVEySDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wYWNmMmQtNWQ2Mi00M2YzLThkMTQtNGUwY2M1ODE2M2Iw
LzEvZDItdVFfYzlvMV9ob3VRcFppcmd1UmRSNF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+Z5AwQB
W+uOMA0GCSqGSIb3DQEBCwUAA4IBAQA6B+qC/nph+GEvZ3JGSHj2RwVNxMTmFE0E
DWPPW6/26RVIKvC03fLc+oEL4JFY9cVEeAJ9DeH6FKOdUkKtmJTQ/wdoV4r4hg0L
H/dQ5pinyDqIkHOKTI8mrYxSsMmzYIOL5XwbT8JylOJXOI1w88f6vhMNKfFY9+Kp
wm7YiKKZOeM0VMqgNh4gYvsEUrprKJh6+vphwIbqgWnYcmsgL1xxoAV2Co6aPB9q
3dpsfaQ5HRvWH5lHizz3PRiOotAjnXx1ZC335LhQ5DMm417jqppMn6ryEE4vImDA
B6dwYZi+KtBrn4dsK9aUFXGIqS+LHAlGvAJXaTGuPPGyJYpe2Uv3
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:12 2024 by rpki-client on console-ams.rpki-client.org