Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/07e4b2-6b38-4bc0-a680-a60bc7d07878/1/XRgsZ4YPIWuKfmY-11HI2qvtngg.roa
File: XRgsZ4YPIWuKfmY-11HI2qvtngg.roa (raw, json)
Hash identifier: FskqgtCHT1agmzLIFSxnezGjP1G3EjHhdpUkuF4vLh8=
Subject key identifier: 5D:18:2C:67:86:0F:21:6B:8A:7E:66:3E:D7:51:C8:DA:AB:ED:9E:08
Certificate issuer: /CN=f11a9a44557d46ff2d8088a228885aff000dc2a2
Certificate serial: 01856DD41901A7C35B5C545B4E852008EF66
Authority key identifier: F1:1A:9A:44:55:7D:46:FF:2D:80:88:A2:28:88:5A:FF:00:0D:C2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8RqaRFV9Rv8tgIiiKIha_wANwqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/07e4b2-6b38-4bc0-a680-a60bc7d07878/1/XRgsZ4YPIWuKfmY-11HI2qvtngg.roa
Signing time: Sun 01 Jan 2023 14:54:54 +0000
ROA not before: Sun 01 Jan 2023 14:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48398
IP address blocks: 91.209.145.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:19:01:a7:c3:5b:5c:54:5b:4e:85:20:08:ef:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f11a9a44557d46ff2d8088a228885aff000dc2a2
Validity
Not Before: Jan 1 14:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d182c67860f216b8a7e663ed751c8daabed9e08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:51:c3:99:61:d1:2a:17:70:09:14:62:43:47:
13:bb:8f:c5:75:bb:8d:92:9c:6c:5c:a1:0a:3f:6d:
0a:ac:42:58:b6:b5:5e:a3:a9:b6:c3:b3:13:2c:20:
af:b4:6e:f4:b1:df:50:01:48:b8:f6:79:1a:d9:19:
4c:52:2a:f7:fd:7e:24:5a:3a:6a:4a:72:32:fe:27:
eb:d2:96:8b:ff:4d:4f:be:89:c9:c0:06:24:ea:ac:
86:c4:dc:71:5b:d4:88:2a:e7:8d:84:13:e7:52:a3:
eb:59:a0:3e:60:dd:2e:49:19:49:82:43:ed:14:a2:
cf:ae:ac:3c:c2:4b:33:7d:ff:4f:8d:8f:87:20:b9:
4c:51:27:ed:cb:e2:4c:ba:42:c5:e8:bf:b3:88:82:
f2:04:dc:2b:f7:21:e9:01:ed:49:c8:aa:da:d1:98:
42:88:8f:05:05:9a:2f:30:b9:14:f8:64:58:56:c9:
cb:65:ed:85:92:d9:0b:22:0c:11:ab:52:12:85:55:
fd:a2:52:1d:95:17:2e:88:79:fb:7f:d1:7c:fa:c6:
cc:3c:42:1a:24:e3:d6:29:98:5f:d0:70:3b:42:c6:
8f:64:05:29:a5:25:f3:75:87:9d:93:99:1a:67:5a:
f8:4b:bc:42:a0:42:a2:ca:8c:ab:19:67:4d:f2:b5:
02:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:18:2C:67:86:0F:21:6B:8A:7E:66:3E:D7:51:C8:DA:AB:ED:9E:08
X509v3 Authority Key Identifier:
keyid:F1:1A:9A:44:55:7D:46:FF:2D:80:88:A2:28:88:5A:FF:00:0D:C2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8RqaRFV9Rv8tgIiiKIha_wANwqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/07e4b2-6b38-4bc0-a680-a60bc7d07878/1/XRgsZ4YPIWuKfmY-11HI2qvtngg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/07e4b2-6b38-4bc0-a680-a60bc7d07878/1/8RqaRFV9Rv8tgIiiKIha_wANwqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.145.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:09:cf:b2:88:e5:53:c2:3a:fd:c3:97:d4:79:60:28:b9:e7:
53:f0:8c:3a:76:89:ac:b6:27:16:d1:a2:cd:3b:0f:c8:81:f8:
b5:0e:6b:e1:4d:a9:93:80:b7:4f:72:f3:61:e2:ba:db:d9:be:
a7:11:14:af:61:d6:68:68:ef:b4:5c:d2:85:14:66:2c:3d:3c:
97:6f:a6:1d:4b:39:7f:f1:ae:31:8e:b6:15:ee:13:5c:a5:c2:
c3:61:9d:e5:e0:e9:fa:50:1f:ac:9e:ad:3f:dd:f4:9d:8b:31:
d7:73:c0:74:14:e8:ce:34:4d:bd:c3:9c:d5:12:f6:31:bf:32:
32:32:f2:e1:61:c0:ed:8f:47:87:d9:72:e9:55:9c:84:26:25:
14:18:3c:3c:3b:f2:34:7f:b5:ae:76:13:94:fe:83:31:4f:f3:
e4:b7:cf:92:df:a7:7e:f1:a4:b0:72:2b:1e:8a:ae:1b:c6:4a:
fc:18:05:67:a7:10:fa:1f:0b:ea:a6:da:33:4b:a9:93:ca:46:
b9:06:42:0b:24:51:1f:53:89:01:d9:6b:53:13:86:ed:4e:e1:
e1:bb:a6:02:e7:3e:f1:81:b0:8c:5f:7c:0d:95:19:a9:46:b7:
df:25:13:25:b0:9c:a3:d1:17:0b:30:4f:29:bd:10:25:d3:59:
55:59:69:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1BkBp8NbXFRbToUgCO9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMWE5YTQ0NTU3ZDQ2ZmYyZDgwODhhMjI4ODg1YWZmMDAw
ZGMyYTIwHhcNMjMwMTAxMTQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDE4MmM2Nzg2MGYyMTZiOGE3ZTY2M2VkNzUxYzhkYWFiZWQ5ZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1HDmWHRKhdwCRRiQ0cTu4/FdbuN
kpxsXKEKP20KrEJYtrVeo6m2w7MTLCCvtG70sd9QAUi49nka2RlMUir3/X4kWjpq
SnIy/ifr0paL/01PvonJwAYk6qyGxNxxW9SIKueNhBPnUqPrWaA+YN0uSRlJgkPt
FKLPrqw8wkszff9PjY+HILlMUSfty+JMukLF6L+ziILyBNwr9yHpAe1JyKra0ZhC
iI8FBZovMLkU+GRYVsnLZe2FktkLIgwRq1IShVX9olIdlRcuiHn7f9F8+sbMPEIa
JOPWKZhf0HA7QsaPZAUppSXzdYedk5kaZ1r4S7xCoEKiyoyrGWdN8rUCbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0YLGeGDyFrin5mPtdRyNqr7Z4IMB8GA1UdIwQY
MBaAFPEamkRVfUb/LYCIoiiIWv8ADcKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFJxYVJGVjlSdjh0Z0lpaUtJaGFfd0FOd3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8wN2U0YjItNmIzOC00YmMwLWE2ODAt
YTYwYmM3ZDA3ODc4LzEvWFJnc1o0WVBJV3VLZm1ZLTExSEkycXZ0bmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8wN2U0YjItNmIzOC00YmMwLWE2ODAtYTYwYmM3ZDA3ODc4
LzEvOFJxYVJGVjlSdjh0Z0lpaUtJaGFfd0FOd3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GRMA0G
CSqGSIb3DQEBCwUAA4IBAQBPCc+yiOVTwjr9w5fUeWAouedT8Iw6domsticW0aLN
Ow/Igfi1DmvhTamTgLdPcvNh4rrb2b6nERSvYdZoaO+0XNKFFGYsPTyXb6YdSzl/
8a4xjrYV7hNcpcLDYZ3l4On6UB+snq0/3fSdizHXc8B0FOjONE29w5zVEvYxvzIy
MvLhYcDtj0eH2XLpVZyEJiUUGDw8O/I0f7WudhOU/oMxT/Pkt8+S36d+8aSwcise
iq4bxkr8GAVnpxD6HwvqptozS6mTyka5BkILJFEfU4kB2WtTE4btTuHhu6YC5z7x
gbCMX3wNlRmpRrffJRMlsJyj0RcLME8pvRAl01lVWWlT
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:12 2024 by rpki-client on console-ams.rpki-client.org