Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ed0918-b251-403c-8360-20ca2c0f6e54/1/t9LK5OVeEJ_nPN4tzv3pLBDrAJY.roa
File: t9LK5OVeEJ_nPN4tzv3pLBDrAJY.roa (raw, json)
Hash identifier: lD0TByYyZ9kxaqFfDyVv0buO4S1KBUJ3ykForOw8PDM=
Subject key identifier: B7:D2:CA:E4:E5:5E:10:9F:E7:3C:DE:2D:CE:FD:E9:2C:10:EB:00:96
Certificate issuer: /CN=5e254ec3265851428fff33721a85c80b2f1e8fbc
Certificate serial: 0185715538D087D7A83122ED404ECB93D947
Authority key identifier: 5E:25:4E:C3:26:58:51:42:8F:FF:33:72:1A:85:C8:0B:2F:1E:8F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiVOwyZYUUKP_zNyGoXICy8ej7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ed0918-b251-403c-8360-20ca2c0f6e54/1/t9LK5OVeEJ_nPN4tzv3pLBDrAJY.roa
Signing time: Mon 02 Jan 2023 07:14:48 +0000
ROA not before: Mon 02 Jan 2023 07:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59577
IP address blocks: 91.201.232.0/22 maxlen: 24
195.72.144.0/24 maxlen: 24
195.72.145.0/24 maxlen: 24
195.72.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:38:d0:87:d7:a8:31:22:ed:40:4e:cb:93:d9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e254ec3265851428fff33721a85c80b2f1e8fbc
Validity
Not Before: Jan 2 07:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7d2cae4e55e109fe73cde2dcefde92c10eb0096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:30:cb:4d:e0:06:af:3f:66:50:4d:8e:48:
6a:0e:07:7e:85:cd:7b:6c:9d:f4:0e:43:ca:7a:5f:
f0:f9:c0:be:91:cd:8f:13:24:9b:48:e2:46:6c:67:
56:90:1f:62:03:22:7a:6a:b0:11:25:18:78:d1:04:
30:cc:07:71:90:57:5e:10:b2:4c:11:78:ff:2f:a9:
2e:96:bc:17:64:ef:de:95:77:b0:89:75:b3:2d:44:
2c:3a:c7:44:f1:ea:56:af:e0:cb:3e:e9:88:ce:73:
13:14:f7:86:dd:59:ac:31:c3:76:cb:8b:52:0d:25:
28:c9:07:65:40:5c:ef:c4:4d:6f:bf:6b:a9:ce:2c:
63:bb:43:d9:e4:fb:76:a7:9b:a9:c2:68:5d:97:57:
eb:b3:ec:90:f4:77:5b:04:4d:ca:01:2e:95:4c:ba:
8c:5e:f1:86:e4:63:46:f8:02:5a:63:fd:eb:e8:f0:
31:e8:cb:40:34:42:b2:a3:eb:c8:b9:81:43:cf:02:
c4:78:f7:f5:38:07:92:52:35:b5:e9:34:a3:d1:35:
e0:da:0f:df:78:f3:54:b0:bf:26:dc:7b:ce:01:eb:
49:e0:00:19:a0:0a:99:3b:b4:db:a5:e4:a1:24:30:
18:b2:56:44:df:e4:5b:96:d8:35:6b:78:2d:a9:68:
82:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D2:CA:E4:E5:5E:10:9F:E7:3C:DE:2D:CE:FD:E9:2C:10:EB:00:96
X509v3 Authority Key Identifier:
keyid:5E:25:4E:C3:26:58:51:42:8F:FF:33:72:1A:85:C8:0B:2F:1E:8F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiVOwyZYUUKP_zNyGoXICy8ej7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ed0918-b251-403c-8360-20ca2c0f6e54/1/t9LK5OVeEJ_nPN4tzv3pLBDrAJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ed0918-b251-403c-8360-20ca2c0f6e54/1/XiVOwyZYUUKP_zNyGoXICy8ej7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.232.0/22
195.72.144.0-195.72.146.255
Signature Algorithm: sha256WithRSAEncryption
42:ac:dc:ff:be:b3:a0:86:f2:76:c7:7c:60:cc:5e:d5:53:d1:
17:f9:c9:4c:6c:a8:84:20:71:4c:8c:33:bc:48:ca:29:f1:af:
48:ba:af:c1:8f:71:34:e1:9d:b1:10:b1:e2:19:19:81:d8:84:
f9:8a:7e:20:b2:d0:1d:27:0c:15:2d:c4:7f:e8:7e:a1:0e:68:
e2:57:f6:27:53:a4:df:c9:71:69:20:89:f4:c9:c7:ce:80:ba:
29:0f:f4:0a:0d:30:d4:1e:dc:21:05:dc:fe:73:f9:b3:14:3a:
04:a1:ec:41:ae:ab:03:f0:4f:10:3a:f8:a4:e5:da:36:f9:c0:
ad:84:c7:ab:56:da:cd:60:1d:be:f3:f7:53:72:cb:c4:53:ae:
21:02:91:b0:da:4a:6f:d7:0d:b9:b7:b9:f3:ac:6d:ff:1a:44:
2d:2d:39:fa:c7:50:06:a1:fb:6d:e3:ee:34:27:d9:58:eb:f6:
5f:27:73:cf:fe:22:e4:20:3b:b6:d9:c2:9e:1d:6f:d7:37:d6:
6a:07:76:27:c1:03:0b:c4:aa:68:68:5e:b3:68:37:60:a4:a3:
bf:ae:86:59:9d:85:ff:b4:41:7d:f9:c9:d7:95:fa:cf:95:92:
be:af:4d:ce:f1:15:66:7a:c2:0b:16:8f:56:7c:be:07:c1:0c:
82:a7:c7:44
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVxVTjQh9eoMSLtQE7Lk9lHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjU0ZWMzMjY1ODUxNDI4ZmZmMzM3MjFhODVjODBiMmYx
ZThmYmMwHhcNMjMwMTAyMDcxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QyY2FlNGU1NWUxMDlmZTczY2RlMmRjZWZkZTkyYzEwZWIwMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEkwy03gBq8/ZlBNjkhqDgd+hc17
bJ30DkPKel/w+cC+kc2PEySbSOJGbGdWkB9iAyJ6arARJRh40QQwzAdxkFdeELJM
EXj/L6kulrwXZO/elXewiXWzLUQsOsdE8epWr+DLPumIznMTFPeG3VmsMcN2y4tS
DSUoyQdlQFzvxE1vv2upzixju0PZ5Pt2p5upwmhdl1frs+yQ9HdbBE3KAS6VTLqM
XvGG5GNG+AJaY/3r6PAx6MtANEKyo+vIuYFDzwLEePf1OAeSUjW16TSj0TXg2g/f
ePNUsL8m3HvOAetJ4AAZoAqZO7TbpeShJDAYslZE3+Rbltg1a3gtqWiCiwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLfSyuTlXhCf5zzeLc796SwQ6wCWMB8GA1UdIwQY
MBaAFF4lTsMmWFFCj/8zchqFyAsvHo+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlWT3d5WllVVUtQX3pOeUdvWElDeThlajd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lZDA5MTgtYjI1MS00MDNjLTgzNjAt
MjBjYTJjMGY2ZTU0LzEvdDlMSzVPVmVFSl9uUE40dHp2M3BMQkRyQUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lZDA5MTgtYjI1MS00MDNjLTgzNjAtMjBjYTJjMGY2ZTU0
LzEvWGlWT3d5WllVVUtQX3pOeUdvWElDeThlajd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCW8noMAwD
BATDSJADBADDSJIwDQYJKoZIhvcNAQELBQADggEBAEKs3P++s6CG8nbHfGDMXtVT
0Rf5yUxsqIQgcUyMM7xIyinxr0i6r8GPcTThnbEQseIZGYHYhPmKfiCy0B0nDBUt
xH/ofqEOaOJX9idTpN/JcWkgifTJx86AuikP9AoNMNQe3CEF3P5z+bMUOgSh7EGu
qwPwTxA6+KTl2jb5wK2Ex6tW2s1gHb7z91Nyy8RTriECkbDaSm/XDbm3ufOsbf8a
RC0tOfrHUAah+23j7jQn2Vjr9l8nc8/+IuQgO7bZwp4db9c31moHdifBAwvEqmho
XrNoN2Cko7+uhlmdhf+0QX35ydeV+s+Vkr6vTc7xFWZ6wgsWj1Z8vgfBDIKnx0Q=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:46 2024 by rpki-client on console-ams.rpki-client.org