Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/R70k66Njo8hhUVqeCi9lhvawS1Q.roa
File: R70k66Njo8hhUVqeCi9lhvawS1Q.roa (raw, json)
Hash identifier: GB5pT/7P0CEszHVFkCX6xgHtCUd89Fe8GvGTNXxEz8E=
Subject key identifier: 47:BD:24:EB:A3:63:A3:C8:61:51:5A:9E:0A:2F:65:86:F6:B0:4B:54
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 018A99C44124E7B3F4A7A13FCC1DC42D15CA
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/R70k66Njo8hhUVqeCi9lhvawS1Q.roa
Signing time: Fri 15 Sep 2023 16:54:50 +0000
ROA not before: Fri 15 Sep 2023 16:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
91.147.117.0/24 maxlen: 24
91.147.116.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.119.0/24 maxlen: 24
91.147.122.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:99:c4:41:24:e7:b3:f4:a7:a1:3f:cc:1d:c4:2d:15:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Sep 15 16:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47bd24eba363a3c861515a9e0a2f6586f6b04b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:98:65:d5:4c:da:21:5c:00:d7:e9:e9:81:4f:
16:c4:25:aa:7c:63:85:15:e0:8d:e1:79:9d:55:da:
06:88:f8:6b:43:b1:e4:3f:6e:cf:f2:7d:db:95:30:
d6:54:7f:82:9f:8a:94:e8:ab:6a:d9:dc:be:b3:15:
24:e0:f3:2d:53:d4:bc:91:a4:51:41:19:39:9e:b3:
7b:ee:b8:d4:28:29:5c:80:6f:5f:56:ce:d7:b4:3e:
7a:ea:f2:ce:23:54:70:06:9f:4d:75:d0:04:13:d1:
42:45:06:b8:5b:f2:10:77:8a:c1:e3:4c:11:a0:9a:
3b:d2:11:d9:7a:0f:9a:9c:45:bc:3c:80:e1:ce:48:
c9:6e:c4:39:12:7d:1d:bb:d0:a4:5b:1b:1f:dd:a6:
3b:b5:77:b9:92:18:63:07:b7:b4:ec:b6:44:be:02:
9c:28:7b:60:2c:6a:e4:5b:e4:f4:a5:2e:06:14:05:
0d:d1:5e:22:c4:c3:3c:83:d9:07:00:25:78:ba:25:
aa:21:58:d4:23:cf:c3:67:a7:27:92:ed:46:9d:35:
30:65:5d:92:73:71:03:c7:3d:29:b5:f2:46:94:e6:
a9:12:c7:5a:86:ef:e7:58:80:33:57:97:e8:88:10:
9c:1a:05:00:81:41:64:bb:81:0d:3c:76:73:88:d2:
84:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:BD:24:EB:A3:63:A3:C8:61:51:5A:9E:0A:2F:65:86:F6:B0:4B:54
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/R70k66Njo8hhUVqeCi9lhvawS1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/22
91.147.122.0/23
91.147.126.0/23
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
32:01:29:97:92:fa:a3:59:29:5b:d1:43:c0:f3:57:87:c8:4f:
d7:d0:d3:d7:5a:94:c6:76:e0:a0:17:d7:61:da:a4:70:a3:b2:
6d:db:67:14:d9:b0:a2:28:c9:c7:7e:f9:d7:d2:75:ee:5f:89:
f9:fc:7b:41:76:ba:81:35:2a:63:5e:91:11:99:81:6d:b0:55:
df:33:ca:1b:4b:ff:2e:a8:4e:43:ca:83:89:6a:3f:31:ef:26:
19:df:3a:d5:2e:c1:bd:44:09:bf:70:96:58:6c:b1:2e:aa:8d:
22:3f:0c:18:46:34:66:79:3c:6e:e5:7d:7f:95:55:11:c3:7a:
6f:e9:83:09:30:5c:5e:6f:86:9a:16:50:d8:29:69:aa:ce:b1:
d0:1a:71:19:61:67:d1:c5:46:c1:3c:10:25:e0:eb:94:f1:40:
ca:8c:4e:d4:11:f3:a4:3c:36:ec:80:04:a5:3e:73:e3:82:e9:
23:e2:a0:dd:6d:f8:2e:03:85:21:62:6d:25:d9:35:af:40:20:
30:9c:98:0d:c9:24:85:c1:1f:b6:68:54:26:fe:06:6e:46:f4:
7e:c8:74:38:71:a8:ce:19:aa:42:6c:27:24:96:e8:04:a5:42:
8f:c6:9c:a4:39:08:29:2d:07:bf:d0:28:a5:06:5f:76:2f:cc:
e7:f3:6e:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqZxEEk57P0p6E/zB3ELRXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwOTE1MTY1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2JkMjRlYmEzNjNhM2M4NjE1MTVhOWUwYTJmNjU4NmY2YjA0YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5hl1UzaIVwA1+npgU8WxCWqfGOF
FeCN4XmdVdoGiPhrQ7HkP27P8n3blTDWVH+Cn4qU6Ktq2dy+sxUk4PMtU9S8kaRR
QRk5nrN77rjUKClcgG9fVs7XtD566vLOI1RwBp9NddAEE9FCRQa4W/IQd4rB40wR
oJo70hHZeg+anEW8PIDhzkjJbsQ5En0du9CkWxsf3aY7tXe5khhjB7e07LZEvgKc
KHtgLGrkW+T0pS4GFAUN0V4ixMM8g9kHACV4uiWqIVjUI8/DZ6cnku1GnTUwZV2S
c3EDxz0ptfJGlOapEsdahu/nWIAzV5foiBCcGgUAgUFku4ENPHZziNKE2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEe9JOujY6PIYVFangovZYb2sEtUMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvUjcwazY2TmpvOGhoVVZxZUNpOWxodmF3UzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW5N0AwQB
W5N6AwQBW5N+AwQA1HT0AwQA1HT2MA0GCSqGSIb3DQEBCwUAA4IBAQAyASmXkvqj
WSlb0UPA81eHyE/X0NPXWpTGduCgF9dh2qRwo7Jt22cU2bCiKMnHfvnX0nXuX4n5
/HtBdrqBNSpjXpERmYFtsFXfM8obS/8uqE5DyoOJaj8x7yYZ3zrVLsG9RAm/cJZY
bLEuqo0iPwwYRjRmeTxu5X1/lVURw3pv6YMJMFxeb4aaFlDYKWmqzrHQGnEZYWfR
xUbBPBAl4OuU8UDKjE7UEfOkPDbsgASlPnPjgukj4qDdbfguA4UhYm0l2TWvQCAw
nJgNySSFwR+2aFQm/gZuRvR+yHQ4cajOGapCbCcklugEpUKPxpykOQgpLQe/0Cil
Bl92L8zn8249
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:22 2024 by rpki-client on console-ams.rpki-client.org