Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/1-i3rLznkBLONh5CX6YHIEt3yF5I.roa
File: 1-i3rLznkBLONh5CX6YHIEt3yF5I.roa (raw, json)
Hash identifier: aFx1t1Cis7Lu9gUnRqpU3dYhEvoZrG4AOzsnWNjA6YM=
Subject key identifier: FA:2D:EB:2F:39:E4:04:B3:8D:87:90:97:E9:81:C8:12:DD:F2:17:92
Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial: 018572CC94EF12F1ADED3B84DD04641C0C11
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/1-i3rLznkBLONh5CX6YHIEt3yF5I.roa
Signing time: Mon 02 Jan 2023 14:04:48 +0000
ROA not before: Mon 02 Jan 2023 14:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.28.159.0/24 maxlen: 24
91.223.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:94:ef:12:f1:ad:ed:3b:84:dd:04:64:1c:0c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Validity
Not Before: Jan 2 14:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa2deb2f39e404b38d879097e981c812ddf21792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e6:4b:13:7e:d5:7c:c6:b0:21:c5:0b:08:44:
5e:31:76:a1:ed:3c:ff:ec:45:ca:bf:eb:1d:cf:da:
da:31:b5:2c:aa:09:0e:cb:5c:c0:de:58:83:14:6b:
be:4f:90:67:3d:b8:9e:02:23:d6:1f:a0:c3:a7:25:
ea:e0:0f:58:b8:47:74:91:04:d8:c1:30:c8:36:ad:
a9:34:30:11:6b:20:dc:03:79:e1:51:31:85:21:f2:
ab:4b:db:a0:73:82:37:95:1d:e3:35:c9:32:bd:c2:
64:58:5a:83:92:7e:d8:32:e8:e0:b1:ab:60:2a:e1:
89:e4:03:bc:4d:aa:58:12:d5:ed:72:00:83:55:e9:
26:ee:da:a6:98:6e:bf:26:7a:5e:ef:37:77:75:f8:
19:3e:69:ff:c8:49:1e:9b:49:84:8f:de:7f:3b:11:
0b:16:06:7c:7d:f8:1c:81:7f:bd:23:56:fb:37:b1:
5e:08:03:00:05:ee:16:99:ee:f0:ec:f7:0e:31:a8:
3f:8a:39:f1:f7:d9:f0:ec:16:8b:d9:56:0b:d5:3c:
82:4e:13:f1:be:7e:6d:01:25:93:4b:cb:29:02:c8:
4f:af:84:c5:a8:91:f8:74:1b:d3:e2:96:a3:ae:b7:
55:8a:ba:e9:f3:de:d5:02:1f:41:01:7a:30:a5:d8:
03:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2D:EB:2F:39:E4:04:B3:8D:87:90:97:E9:81:C8:12:DD:F2:17:92
X509v3 Authority Key Identifier:
keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/1-i3rLznkBLONh5CX6YHIEt3yF5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.161.0/24
193.28.159.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:2e:51:97:01:20:b7:13:d0:4a:9a:8d:c2:91:0e:92:f1:2b:
50:6c:87:bf:ca:22:f1:85:2f:0d:eb:5b:ca:69:53:17:28:f3:
fa:f2:31:e3:f9:2e:51:e6:d2:cb:59:7c:27:78:d5:cb:99:c8:
d9:9e:b7:73:af:be:ba:c4:bd:6e:20:b7:e1:bb:2d:a1:d6:97:
2a:86:c1:b3:e9:98:de:32:7a:66:05:3a:f4:d4:d7:89:74:fb:
66:b1:13:78:a9:47:eb:28:87:b7:58:0e:5d:b6:e6:51:44:c8:
28:a9:8d:36:f4:3b:77:e0:db:fd:c5:f4:cf:a6:fd:c8:6d:5e:
e3:27:93:07:bf:e2:d0:40:8f:4c:0e:a0:b7:18:48:f8:a1:35:
ab:da:5c:c9:f0:2d:f7:f5:08:89:aa:53:e8:6b:b8:ac:ac:71:
84:ed:09:6c:03:71:49:c5:5b:0b:06:f5:45:c5:61:10:d4:b1:
6f:3e:87:c4:b7:e6:8e:b9:06:5a:97:d8:a6:1e:c0:e3:b9:29:
8f:27:e7:54:76:9a:d1:ea:c0:16:e3:c0:ac:94:93:f6:b5:dd:
14:5e:aa:94:13:dc:ec:94:0c:19:5f:ef:5f:05:93:6c:cc:4c:
35:57:99:67:0a:a3:8f:e0:9b:01:fb:45:2f:55:26:e4:1d:df:
2d:db:c6:49
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVyzJTvEvGt7TuE3QRkHAwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjMwMTAyMTQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJkZWIyZjM5ZTQwNGIzOGQ4NzkwOTdlOTgxYzgxMmRkZjIxNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+ZLE37VfMawIcULCEReMXah7Tz/
7EXKv+sdz9raMbUsqgkOy1zA3liDFGu+T5BnPbieAiPWH6DDpyXq4A9YuEd0kQTY
wTDINq2pNDARayDcA3nhUTGFIfKrS9ugc4I3lR3jNckyvcJkWFqDkn7YMujgsatg
KuGJ5AO8TapYEtXtcgCDVekm7tqmmG6/Jnpe7zd3dfgZPmn/yEkem0mEj95/OxEL
FgZ8ffgcgX+9I1b7N7FeCAMABe4Wme7w7PcOMag/ijnx99nw7BaL2VYL1TyCThPx
vn5tASWTS8spAshPr4TFqJH4dBvT4pajrrdVirrp897VAh9BAXowpdgD1QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPot6y855ASzjYeQl+mByBLd8heSMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvMS1pM3JMem5rQkxPTmg1Q1g2WUhJRXQzeUY1SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvMDQ0NDAyLWM0ZDQtNDI1OS05M2UyLTdmYmY1ZWUyOTBh
Yy8xL3RiQ29abG5zTVU4VG9FNDZBOXZiRWtTZzRLay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvfoQME
AMEcnzANBgkqhkiG9w0BAQsFAAOCAQEATy5RlwEgtxPQSpqNwpEOkvErUGyHv8oi
8YUvDetbymlTFyjz+vIx4/kuUebSy1l8J3jVy5nI2Z63c6++usS9biC34bstodaX
KobBs+mY3jJ6ZgU69NTXiXT7ZrETeKlH6yiHt1gOXbbmUUTIKKmNNvQ7d+Db/cX0
z6b9yG1e4yeTB7/i0ECPTA6gtxhI+KE1q9pcyfAt9/UIiapT6Gu4rKxxhO0JbANx
ScVbCwb1RcVhENSxbz6HxLfmjrkGWpfYph7A47kpjyfnVHaa0erAFuPArJST9rXd
FF6qlBPc7JQMGV/vXwWTbMxMNVeZZwqjj+CbAftFL1Um5B3fLdvGSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org