Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/x5yfgyV4wTzz9rqxdw19t1-1UC4.roa
File: x5yfgyV4wTzz9rqxdw19t1-1UC4.roa (raw, json)
Hash identifier: Qbi8byuAYAU3GWln1/eXBJbTYxQ853/VS9aXgl/ll+Y=
Subject key identifier: C7:9C:9F:83:25:78:C1:3C:F3:F6:BA:B1:77:0D:7D:B7:5F:B5:50:2E
Certificate issuer: /CN=a1dca44b4ab54533f8b5196cf92d68deb8fcc5e2
Certificate serial: 018853D8A321EAB24F0BE3C5DDECC827AEB0
Authority key identifier: A1:DC:A4:4B:4A:B5:45:33:F8:B5:19:6C:F9:2D:68:DE:B8:FC:C5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odykS0q1RTP4tRls-S1o3rj8xeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/x5yfgyV4wTzz9rqxdw19t1-1UC4.roa
Signing time: Thu 25 May 2023 16:58:06 +0000
ROA not before: Thu 25 May 2023 16:58:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57643
IP address blocks: 91.235.20.0/22 maxlen: 22
91.235.24.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:d8:a3:21:ea:b2:4f:0b:e3:c5:dd:ec:c8:27:ae:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1dca44b4ab54533f8b5196cf92d68deb8fcc5e2
Validity
Not Before: May 25 16:58:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c79c9f832578c13cf3f6bab1770d7db75fb5502e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d2:68:a7:dc:51:f7:4f:02:0b:5d:c1:e6:06:
cc:c7:b6:92:53:7c:df:7d:eb:f9:a5:da:15:f7:c9:
70:8e:1c:2f:d6:b5:2b:7a:ea:f3:ac:51:d5:a0:aa:
4e:6c:f0:ec:44:dc:8a:12:09:b4:55:cb:10:a7:c2:
b7:78:06:8e:c7:a9:25:97:04:c2:af:56:b0:28:1a:
a7:68:4a:3c:28:43:e1:08:62:56:0c:1e:fe:d8:25:
70:72:f1:bc:0e:73:27:52:dc:8f:53:e8:d9:d4:26:
56:da:66:f4:5c:88:bb:e9:84:7a:d8:42:02:eb:19:
0d:f6:1e:fb:4a:46:9b:5d:86:59:a5:eb:c2:86:03:
98:4e:ee:8a:f0:0f:14:51:5f:72:33:38:ae:8b:e1:
79:43:4b:52:56:94:e4:f1:ad:c7:cb:17:0d:29:b1:
03:28:a0:fb:6e:af:20:c6:a6:ae:0c:b9:8d:a7:4d:
b1:2e:5f:2d:97:fb:0d:96:e8:fb:9d:32:76:82:53:
37:5c:d9:ec:10:e3:d3:01:af:5c:85:41:b9:31:1c:
a4:9c:84:95:49:2e:93:c5:ee:2f:82:8e:d2:32:05:
d9:e3:03:86:c4:84:1d:b8:70:06:a2:0f:1f:70:b3:
73:01:bc:e1:df:3a:d3:19:95:60:d4:98:62:57:85:
5d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9C:9F:83:25:78:C1:3C:F3:F6:BA:B1:77:0D:7D:B7:5F:B5:50:2E
X509v3 Authority Key Identifier:
keyid:A1:DC:A4:4B:4A:B5:45:33:F8:B5:19:6C:F9:2D:68:DE:B8:FC:C5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odykS0q1RTP4tRls-S1o3rj8xeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/x5yfgyV4wTzz9rqxdw19t1-1UC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/odykS0q1RTP4tRls-S1o3rj8xeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.20.0-91.235.25.255
Signature Algorithm: sha256WithRSAEncryption
02:d5:15:d7:4a:3b:8a:37:c5:eb:47:70:e4:06:ee:1f:60:4b:
59:8a:bf:07:46:15:56:a2:21:b8:ad:e8:78:0b:10:b7:28:81:
b3:87:8c:3b:3b:4c:ef:65:72:bf:23:c0:b1:b3:b1:49:c3:64:
d5:59:47:82:69:83:f9:39:13:18:1c:25:d5:e4:d8:53:89:2c:
61:4f:47:de:f5:67:52:76:b4:a2:41:9a:f3:69:d6:38:61:72:
31:8d:e7:9d:b4:d1:e5:24:a1:f6:41:4c:bc:b3:76:58:00:5a:
43:25:41:cb:a7:a9:7f:b5:c9:60:5d:5a:e0:dd:04:f3:bd:4b:
d6:5a:8b:31:f7:c8:fe:31:cf:2a:99:3f:c2:05:2f:c0:c8:7a:
3c:7f:ef:b8:db:68:53:d6:61:57:0c:aa:02:3a:5c:75:ca:ed:
63:d2:bc:6c:d0:d1:d9:78:95:50:fd:3c:d8:e9:bb:71:64:b1:
58:da:31:f4:95:31:4c:95:bf:d8:32:a5:28:cc:21:7d:f9:3e:
fc:5d:48:cd:48:d7:e6:a9:6c:15:6b:8c:ff:81:16:cc:ac:bf:
ee:20:3e:26:66:d2:15:72:fe:f5:cb:ac:a8:f9:a9:24:56:d4:
bc:78:8c:c3:fe:c4:db:67:29:58:60:40:65:e7:a7:19:f6:03:
2d:6e:5b:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYhT2KMh6rJPC+PF3ezIJ66wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZGNhNDRiNGFiNTQ1MzNmOGI1MTk2Y2Y5MmQ2OGRlYjhm
Y2M1ZTIwHhcNMjMwNTI1MTY1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzljOWY4MzI1NzhjMTNjZjNmNmJhYjE3NzBkN2RiNzVmYjU1MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tJop9xR908CC13B5gbMx7aSU3zf
fev5pdoV98lwjhwv1rUreurzrFHVoKpObPDsRNyKEgm0VcsQp8K3eAaOx6kllwTC
r1awKBqnaEo8KEPhCGJWDB7+2CVwcvG8DnMnUtyPU+jZ1CZW2mb0XIi76YR62EIC
6xkN9h77SkabXYZZpevChgOYTu6K8A8UUV9yMziui+F5Q0tSVpTk8a3HyxcNKbED
KKD7bq8gxqauDLmNp02xLl8tl/sNluj7nTJ2glM3XNnsEOPTAa9chUG5MRyknISV
SS6Txe4vgo7SMgXZ4wOGxIQduHAGog8fcLNzAbzh3zrTGZVg1JhiV4Vd9wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMecn4MleME88/a6sXcNfbdftVAuMB8GA1UdIwQY
MBaAFKHcpEtKtUUz+LUZbPktaN64/MXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2R5a1MwcTFSVFA0dFJscy1TMW8zcmo4eGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mNzZhODMtYWUwOS00MTFmLWFlOWYt
NTM4NmE3OWFkZTgwLzEveDV5Zmd5VjR3VHp6OXJxeGR3MTl0MS0xVUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mNzZhODMtYWUwOS00MTFmLWFlOWYtNTM4NmE3OWFkZTgw
LzEvb2R5a1MwcTFSVFA0dFJscy1TMW8zcmo4eGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJb6xQD
BAFb6xgwDQYJKoZIhvcNAQELBQADggEBAALVFddKO4o3xetHcOQG7h9gS1mKvwdG
FVaiIbit6HgLELcogbOHjDs7TO9lcr8jwLGzsUnDZNVZR4Jpg/k5ExgcJdXk2FOJ
LGFPR971Z1J2tKJBmvNp1jhhcjGN55200eUkofZBTLyzdlgAWkMlQcunqX+1yWBd
WuDdBPO9S9ZaizH3yP4xzyqZP8IFL8DIejx/77jbaFPWYVcMqgI6XHXK7WPSvGzQ
0dl4lVD9PNjpu3FksVjaMfSVMUyVv9gypSjMIX35PvxdSM1I1+apbBVrjP+BFsys
v+4gPiZm0hVy/vXLrKj5qSRW1Lx4jMP+xNtnKVhgQGXnpxn2Ay1uW50=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:22 2024 by rpki-client on console-fra.rpki-client.org