Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/ac25b4-194e-49c4-aab1-0fe4d7f7db3d/1/RBbQ4QKb849WbJDWmZ9pvjQ4Qkw.roa
File: RBbQ4QKb849WbJDWmZ9pvjQ4Qkw.roa (raw, json)
Hash identifier: PkgSU7wq7cIhFoDfSu3pMeEoe20TSIqHT/aymxWOZZg=
Subject key identifier: 44:16:D0:E1:02:9B:F3:8F:56:6C:90:D6:99:9F:69:BE:34:38:42:4C
Certificate issuer: /CN=22c152606125eb66d522263fa03109bbf0bba3da
Certificate serial: 018571553FE8B7DB5559202292E202EF4D7A
Authority key identifier: 22:C1:52:60:61:25:EB:66:D5:22:26:3F:A0:31:09:BB:F0:BB:A3:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsFSYGEl62bVIiY_oDEJu_C7o9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/ac25b4-194e-49c4-aab1-0fe4d7f7db3d/1/RBbQ4QKb849WbJDWmZ9pvjQ4Qkw.roa
Signing time: Mon 02 Jan 2023 07:14:50 +0000
ROA not before: Mon 02 Jan 2023 07:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198874
IP address blocks: 91.234.228.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:3f:e8:b7:db:55:59:20:22:92:e2:02:ef:4d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c152606125eb66d522263fa03109bbf0bba3da
Validity
Not Before: Jan 2 07:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4416d0e1029bf38f566c90d6999f69be3438424c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a2:2a:d9:9e:ad:50:d9:25:24:53:69:c9:bf:
ef:d9:b9:53:c2:dd:3e:77:e0:fb:45:b5:b0:21:a2:
50:e4:47:da:da:d4:a9:1c:f8:8c:56:05:9a:80:b4:
d0:eb:bb:36:0d:d5:9e:4c:7f:b8:10:e9:d0:1b:07:
bb:c3:a4:e6:4c:ef:b0:9a:a6:73:69:81:aa:52:ea:
51:cb:74:0f:3f:93:e4:48:f5:3f:13:d4:fc:cd:af:
77:13:2a:9c:c8:c2:eb:5d:3b:20:85:a4:41:87:dc:
94:85:ea:9d:71:c8:70:97:0a:29:72:b6:b6:55:f1:
86:74:ac:0e:41:1e:9f:4c:4b:36:38:82:20:95:d6:
26:25:42:4d:39:cc:98:e4:74:98:5e:b3:78:4a:b8:
bb:25:80:fd:06:67:e3:66:31:7c:e9:a5:10:8c:9e:
23:61:44:b5:76:2b:62:2e:cd:46:a3:b9:13:a0:57:
cc:c9:94:b5:1e:b9:e5:f1:f7:90:5f:69:65:c1:27:
e8:a2:da:3c:34:0d:ca:e9:ff:c6:4c:b2:54:41:16:
9e:ff:90:ca:79:26:3a:8d:a9:62:25:d1:72:ad:5d:
81:35:e6:d5:db:2e:15:54:f3:e3:42:3a:42:73:af:
91:a9:e1:6c:c8:da:24:42:31:74:a5:8d:5c:1b:0b:
da:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:16:D0:E1:02:9B:F3:8F:56:6C:90:D6:99:9F:69:BE:34:38:42:4C
X509v3 Authority Key Identifier:
keyid:22:C1:52:60:61:25:EB:66:D5:22:26:3F:A0:31:09:BB:F0:BB:A3:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsFSYGEl62bVIiY_oDEJu_C7o9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ac25b4-194e-49c4-aab1-0fe4d7f7db3d/1/RBbQ4QKb849WbJDWmZ9pvjQ4Qkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ac25b4-194e-49c4-aab1-0fe4d7f7db3d/1/IsFSYGEl62bVIiY_oDEJu_C7o9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.228.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:9d:5d:31:5d:53:94:ae:47:5f:65:6f:9d:9c:16:23:5f:2a:
fa:9d:12:40:54:41:1a:2f:38:d4:c6:b1:d7:87:6f:c3:f5:87:
32:aa:29:05:89:03:54:3f:28:f4:eb:37:08:48:30:19:5c:9a:
f0:c9:e8:18:b7:cc:22:55:8f:f8:37:fb:d5:7a:8c:98:f9:57:
41:1f:56:be:4b:69:9e:72:d4:41:8f:e6:c2:03:23:9a:92:83:
21:74:f6:8a:69:9b:33:77:14:60:48:dc:9d:53:70:10:be:f3:
03:09:ca:6c:ab:0b:a4:54:c1:c5:c4:f7:7f:d7:93:a5:ea:6e:
8b:0e:de:ed:4f:19:96:9c:d8:f0:25:11:64:06:5f:12:e4:75:
f6:71:ff:0e:41:d1:a0:0d:1d:d2:af:34:7f:82:6f:f8:51:ac:
6f:e2:9f:7e:69:36:99:f1:71:0d:f4:ce:5b:be:fa:35:ea:1e:
de:46:de:a5:d3:0c:30:fb:6b:05:28:d5:46:08:7b:57:ab:e5:
44:84:4a:5b:36:4d:2b:2b:c1:ae:df:c8:aa:8c:3b:38:de:bc:
6c:0a:33:08:ab:b6:30:f2:5d:80:f4:b7:d3:bf:20:38:97:4a:
88:38:25:1b:4f:5e:3f:55:08:0a:42:8b:58:a1:9b:a6:04:b3:
d3:de:3d:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVT/ot9tVWSAikuIC7016MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzE1MjYwNjEyNWViNjZkNTIyMjYzZmEwMzEwOWJiZjBi
YmEzZGEwHhcNMjMwMTAyMDcxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDE2ZDBlMTAyOWJmMzhmNTY2YzkwZDY5OTlmNjliZTM0Mzg0MjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6Iq2Z6tUNklJFNpyb/v2blTwt0+
d+D7RbWwIaJQ5Efa2tSpHPiMVgWagLTQ67s2DdWeTH+4EOnQGwe7w6TmTO+wmqZz
aYGqUupRy3QPP5PkSPU/E9T8za93EyqcyMLrXTsghaRBh9yUheqdcchwlwopcra2
VfGGdKwOQR6fTEs2OIIgldYmJUJNOcyY5HSYXrN4Sri7JYD9BmfjZjF86aUQjJ4j
YUS1ditiLs1Go7kToFfMyZS1Hrnl8feQX2llwSfooto8NA3K6f/GTLJUQRae/5DK
eSY6jaliJdFyrV2BNebV2y4VVPPjQjpCc6+RqeFsyNokQjF0pY1cGwvaiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQW0OECm/OPVmyQ1pmfab40OEJMMB8GA1UdIwQY
MBaAFCLBUmBhJetm1SImP6AxCbvwu6PaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNGU1lHRWw2MmJWSWlZX29ERUp1X0M3bzlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hYzI1YjQtMTk0ZS00OWM0LWFhYjEt
MGZlNGQ3ZjdkYjNkLzEvUkJiUTRRS2I4NDlXYkpEV21aOXB2alE0UWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hYzI1YjQtMTk0ZS00OWM0LWFhYjEtMGZlNGQ3ZjdkYjNk
LzEvSXNGU1lHRWw2MmJWSWlZX29ERUp1X0M3bzlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+rkMA0G
CSqGSIb3DQEBCwUAA4IBAQB+nV0xXVOUrkdfZW+dnBYjXyr6nRJAVEEaLzjUxrHX
h2/D9YcyqikFiQNUPyj06zcISDAZXJrwyegYt8wiVY/4N/vVeoyY+VdBH1a+S2me
ctRBj+bCAyOakoMhdPaKaZszdxRgSNydU3AQvvMDCcpsqwukVMHFxPd/15Ol6m6L
Dt7tTxmWnNjwJRFkBl8S5HX2cf8OQdGgDR3SrzR/gm/4Uaxv4p9+aTaZ8XEN9M5b
vvo16h7eRt6l0www+2sFKNVGCHtXq+VEhEpbNk0rK8Gu38iqjDs43rxsCjMIq7Yw
8l2A9LfTvyA4l0qIOCUbT14/VQgKQotYoZumBLPT3j0I
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:22 2024 by rpki-client on console-fra.rpki-client.org