Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/KbbE5tpHDrypgCORVyw2KL6Z-oE.roa
File: KbbE5tpHDrypgCORVyw2KL6Z-oE.roa (raw, json)
Hash identifier: xFfUPqEjr0UetQ1ahKdl/65bxSpIpYa68xAhtjcbmnE=
Subject key identifier: 29:B6:C4:E6:DA:47:0E:BC:A9:80:23:91:57:2C:36:28:BE:99:FA:81
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 01856F1DB956BAA8D0076BE0911053D9EFB2
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/KbbE5tpHDrypgCORVyw2KL6Z-oE.roa
Signing time: Sun 01 Jan 2023 20:54:56 +0000
ROA not before: Sun 01 Jan 2023 20:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204804
IP address blocks: 91.231.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b9:56:ba:a8:d0:07:6b:e0:91:10:53:d9:ef:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jan 1 20:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29b6c4e6da470ebca9802391572c3628be99fa81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:41:16:57:6a:d7:ae:34:56:12:ec:89:13:2a:
b6:5b:8f:4f:8b:3e:3f:97:8c:90:3a:1c:76:af:bc:
04:48:41:6e:aa:c5:d1:7c:2d:93:0a:64:e1:14:af:
7d:b5:03:7e:70:89:57:9f:28:65:f7:24:29:f8:4f:
6b:ae:c5:11:11:fd:2a:fa:18:53:40:d6:c3:00:5a:
f4:bb:1b:c2:fa:1c:c2:d7:07:3f:5f:85:b6:36:9a:
8d:66:82:a8:8c:83:42:c5:d6:90:ec:fe:b2:aa:79:
1f:0f:72:10:0c:01:48:45:14:4e:c0:49:11:66:8a:
80:4c:21:82:90:6e:84:7a:f2:54:96:a4:ea:cf:c0:
d1:ed:ea:5a:75:4f:88:ac:2f:ee:7e:f2:46:e0:fa:
84:6e:e8:24:a9:8c:8c:ed:bc:9f:af:06:18:df:03:
78:c7:c0:6e:54:00:80:32:04:c8:10:77:c2:6d:67:
b5:a8:bd:a5:80:ab:cc:f6:20:51:b9:d5:c7:5f:bf:
6f:27:d1:75:85:6e:c3:26:02:f0:ff:06:48:52:6a:
7d:d1:49:ba:63:96:9b:c0:03:b9:eb:0c:a6:02:86:
c8:b9:e5:3d:f2:99:54:da:f9:9b:9a:31:51:68:16:
ee:55:a0:4d:27:62:c9:f8:7b:e9:aa:55:bb:7f:e9:
22:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B6:C4:E6:DA:47:0E:BC:A9:80:23:91:57:2C:36:28:BE:99:FA:81
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/KbbE5tpHDrypgCORVyw2KL6Z-oE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.66.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:07:97:57:e6:b9:26:74:1b:4a:1c:cf:63:e0:68:21:be:06:
bc:b0:ec:ed:4e:69:4f:ad:73:80:10:70:65:4b:3b:2b:4b:37:
11:6e:43:ab:2b:34:2c:81:a4:d8:93:41:ad:af:f7:66:57:3f:
ab:6f:96:e0:02:a3:f8:ac:1c:aa:62:b6:14:56:94:12:38:8f:
9f:2d:16:98:1c:fb:1a:6d:90:dc:4f:79:78:d5:d7:76:e1:4d:
1d:8e:b3:d1:ef:e7:69:c6:2d:63:c4:c5:38:c9:70:ea:6f:fa:
bc:59:22:fe:98:b3:79:67:0e:62:d5:63:e3:6f:b9:74:60:6b:
01:a2:55:b5:df:8a:78:2f:2e:3d:32:ef:ff:3d:c2:d9:37:e1:
3a:df:01:21:5a:10:1b:11:a3:e8:57:cd:2b:4e:0a:37:ac:4a:
a0:26:c4:81:e3:70:dc:b6:cf:d0:6d:eb:eb:fc:6f:28:18:ce:
5f:79:c2:c0:17:fc:d0:0a:e1:26:64:ac:9d:76:a6:da:e1:e1:
fa:62:c6:a2:6b:c8:bb:b2:fd:14:e6:5e:9b:fe:1f:0a:eb:a7:
e8:cb:34:53:ed:85:7f:cb:44:e4:e2:b7:35:ec:5e:fe:71:6f:
6d:f6:24:6b:80:03:3f:43:80:4b:5c:95:65:61:0b:8a:4d:ad:
a0:f8:6c:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHblWuqjQB2vgkRBT2e+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMwMTAxMjA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWI2YzRlNmRhNDcwZWJjYTk4MDIzOTE1NzJjMzYyOGJlOTlmYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUEWV2rXrjRWEuyJEyq2W49Piz4/
l4yQOhx2r7wESEFuqsXRfC2TCmThFK99tQN+cIlXnyhl9yQp+E9rrsUREf0q+hhT
QNbDAFr0uxvC+hzC1wc/X4W2NpqNZoKojINCxdaQ7P6yqnkfD3IQDAFIRRROwEkR
ZoqATCGCkG6EevJUlqTqz8DR7epadU+IrC/ufvJG4PqEbugkqYyM7byfrwYY3wN4
x8BuVACAMgTIEHfCbWe1qL2lgKvM9iBRudXHX79vJ9F1hW7DJgLw/wZIUmp90Um6
Y5abwAO56wymAobIueU98plU2vmbmjFRaBbuVaBNJ2LJ+HvpqlW7f+kibQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCm2xObaRw68qYAjkVcsNii+mfqBMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvS2JiRTV0cEhEcnlwZ0NPUlZ5dzJLTDZaLW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+dCMA0G
CSqGSIb3DQEBCwUAA4IBAQBqB5dX5rkmdBtKHM9j4Gghvga8sOztTmlPrXOAEHBl
SzsrSzcRbkOrKzQsgaTYk0Gtr/dmVz+rb5bgAqP4rByqYrYUVpQSOI+fLRaYHPsa
bZDcT3l41dd24U0djrPR7+dpxi1jxMU4yXDqb/q8WSL+mLN5Zw5i1WPjb7l0YGsB
olW134p4Ly49Mu//PcLZN+E63wEhWhAbEaPoV80rTgo3rEqgJsSB43Dcts/Qbevr
/G8oGM5fecLAF/zQCuEmZKyddqba4eH6Ysaia8i7sv0U5l6b/h8K66foyzRT7YV/
y0Tk4rc17F7+cW9t9iRrgAM/Q4BLXJVlYQuKTa2g+Gyj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:06 2024 by rpki-client on console-ams.rpki-client.org