Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/qLxrfBn-iKARiAAMh3Xr161iW5k.roa
File: qLxrfBn-iKARiAAMh3Xr161iW5k.roa (raw, json)
Hash identifier: Z0JfOc23IMAJ6oiGHzqvXX1vV3h91ZW2uraA8458Kxg=
Subject key identifier: A8:BC:6B:7C:19:FE:88:A0:11:88:00:0C:87:75:EB:D7:AD:62:5B:99
Certificate issuer: /CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Certificate serial: 018890667243446395B057B6E32373603999
Authority key identifier: A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/qLxrfBn-iKARiAAMh3Xr161iW5k.roa
Signing time: Tue 06 Jun 2023 11:10:12 +0000
ROA not before: Tue 06 Jun 2023 11:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205774
IP address blocks: 91.233.36.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:66:72:43:44:63:95:b0:57:b6:e3:23:73:60:39:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Validity
Not Before: Jun 6 11:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8bc6b7c19fe88a01188000c8775ebd7ad625b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e9:b0:ff:40:fd:a0:2e:07:ce:bf:69:83:4b:
28:35:0e:8c:c8:85:50:dd:73:e9:2e:86:1b:69:53:
24:d6:75:81:02:a3:58:65:82:84:6e:e2:34:4a:c2:
22:b9:b4:72:79:d5:7c:18:5c:75:71:8b:0a:bc:3e:
e4:78:b0:75:11:64:a4:b1:24:e0:fd:97:15:70:7e:
7a:56:21:5d:e0:52:d6:90:29:9b:1e:ac:22:fb:47:
50:00:6d:2e:1e:8a:73:65:de:a1:83:11:17:d6:4a:
44:6b:24:8f:ab:ce:48:4e:49:37:0a:de:0d:ea:3c:
87:a0:f7:d4:3a:0e:fa:a8:53:67:b3:22:67:a0:b4:
b6:08:60:dd:68:03:63:8e:8e:dc:88:ba:5e:ea:0a:
91:de:40:c5:6e:28:c3:21:d9:f8:2d:2b:a2:53:06:
d4:b7:46:59:f9:b5:ad:9b:f5:dc:a3:26:b3:87:e0:
da:b7:3c:b8:3e:3d:24:cb:94:68:dd:49:13:08:e8:
79:02:ef:08:18:28:40:e7:8b:49:41:76:82:ed:26:
3a:c0:b8:65:61:1e:ae:7d:ec:bc:dc:49:fc:ea:a9:
63:53:d0:eb:99:d1:1f:71:ee:5d:44:ec:91:3f:4a:
5f:c4:85:5f:e8:ef:be:42:a5:ea:8a:6e:9c:a7:b9:
1f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BC:6B:7C:19:FE:88:A0:11:88:00:0C:87:75:EB:D7:AD:62:5B:99
X509v3 Authority Key Identifier:
keyid:A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/qLxrfBn-iKARiAAMh3Xr161iW5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.36.0/23
Signature Algorithm: sha256WithRSAEncryption
83:34:13:42:a7:e9:e1:7e:cd:21:89:60:22:5a:a0:67:46:3e:
70:10:28:ea:02:22:b8:53:41:78:d0:0b:02:83:6f:99:a6:be:
9d:5d:54:91:ac:ff:7c:66:8e:1e:9c:be:3e:5b:db:7a:f6:13:
de:da:d9:7f:1f:bb:21:bf:60:9a:4e:7e:2d:53:6f:d7:12:19:
53:a1:3c:5c:af:70:b5:36:d1:7c:b7:ad:97:29:01:dc:dd:83:
ea:1f:a6:0f:03:3f:3a:25:51:f5:d1:86:0f:42:3b:62:99:e5:
38:c9:4e:c1:f2:c7:d2:e1:60:de:aa:85:94:0f:a6:2f:67:29:
22:7e:f2:be:18:e0:7e:c6:81:67:b8:a9:26:e3:08:52:18:b1:
90:19:ec:df:98:26:7c:bd:97:97:ce:23:5f:02:cb:36:36:13:
e3:0d:10:a7:e4:c7:07:fc:9e:ea:a6:d8:34:14:4d:3a:19:db:
e2:a6:88:b4:94:8b:d2:6c:74:80:49:ee:1a:71:af:08:95:45:
5e:a2:b3:f4:19:ce:6a:56:18:b8:20:83:dd:14:60:87:f1:c8:
4d:53:48:af:1c:c5:15:e1:c0:6b:cd:d3:9c:f6:1a:88:39:98:
8b:d7:e8:9b:57:a2:e6:b5:7e:22:1f:bd:28:d9:cb:2e:63:24:
9f:2f:94:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiQZnJDRGOVsFe24yNzYDmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDc4ZGUwMjM0ZTZmOTk3MDE1OTJmNTM2ZTQ1ZjVmNTU5
NGVlYzMwHhcNMjMwNjA2MTExMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJjNmI3YzE5ZmU4OGEwMTE4ODAwMGM4Nzc1ZWJkN2FkNjI1Yjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2umw/0D9oC4Hzr9pg0soNQ6MyIVQ
3XPpLoYbaVMk1nWBAqNYZYKEbuI0SsIiubRyedV8GFx1cYsKvD7keLB1EWSksSTg
/ZcVcH56ViFd4FLWkCmbHqwi+0dQAG0uHopzZd6hgxEX1kpEaySPq85ITkk3Ct4N
6jyHoPfUOg76qFNnsyJnoLS2CGDdaANjjo7ciLpe6gqR3kDFbijDIdn4LSuiUwbU
t0ZZ+bWtm/Xcoyazh+Datzy4Pj0ky5Ro3UkTCOh5Au8IGChA54tJQXaC7SY6wLhl
YR6ufey83En86qljU9DrmdEfce5dROyRP0pfxIVf6O++QqXqim6cp7kf6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKi8a3wZ/oigEYgADId169etYluZMB8GA1UdIwQY
MBaAFKfXjeAjTm+ZcBWS9TbkX19VlO7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2Mt
MjhkNWI2MDdhNDdmLzEvcUx4cmZCbi1pS0FSaUFBTWgzWHIxNjFpVzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2MtMjhkNWI2MDdhNDdm
LzEvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+kkMA0G
CSqGSIb3DQEBCwUAA4IBAQCDNBNCp+nhfs0hiWAiWqBnRj5wECjqAiK4U0F40AsC
g2+Zpr6dXVSRrP98Zo4enL4+W9t69hPe2tl/H7shv2CaTn4tU2/XEhlToTxcr3C1
NtF8t62XKQHc3YPqH6YPAz86JVH10YYPQjtimeU4yU7B8sfS4WDeqoWUD6YvZyki
fvK+GOB+xoFnuKkm4whSGLGQGezfmCZ8vZeXziNfAss2NhPjDRCn5McH/J7qptg0
FE06Gdvipoi0lIvSbHSASe4aca8IlUVeorP0Gc5qVhi4IIPdFGCH8chNU0ivHMUV
4cBrzdOc9hqIOZiL1+ibV6LmtX4iH70o2csuYySfL5Rt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:33 2024 by rpki-client on console-ams.rpki-client.org