Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/rtfHzbRs_S_38NW3iNIM5HFztXs.roa
File: rtfHzbRs_S_38NW3iNIM5HFztXs.roa (raw, json)
Hash identifier: eVCQ2nol1i1bjOF7Zr+BugkbkDAcjF1PmC/KYR8f98s=
Subject key identifier: AE:D7:C7:CD:B4:6C:FD:2F:F7:F0:D5:B7:88:D2:0C:E4:71:73:B5:7B
Certificate issuer: /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial: 018C410067DD0CA96EEC38E1B953DA08C5E2
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/rtfHzbRs_S_38NW3iNIM5HFztXs.roa
Signing time: Wed 06 Dec 2023 21:19:54 +0000
ROA not before: Wed 06 Dec 2023 21:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.199.44.0/24 maxlen: 24
91.199.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:41:00:67:dd:0c:a9:6e:ec:38:e1:b9:53:da:08:c5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
Validity
Not Before: Dec 6 21:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aed7c7cdb46cfd2ff7f0d5b788d20ce47173b57b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c0:58:f7:d8:73:a8:51:ba:35:17:ff:d3:fd:
22:6e:85:a7:cb:06:4e:e7:52:9d:34:78:5c:f0:3b:
76:fd:22:2e:e1:39:8c:ea:83:f3:83:7c:8c:24:1e:
2d:65:ee:cf:dd:fa:11:e5:91:1b:ad:fa:5f:5d:38:
cb:99:a9:29:8a:7b:d2:a9:fb:08:9b:c5:0f:61:ef:
af:cf:05:ee:66:d9:e1:39:bb:55:03:49:54:be:e6:
e7:e2:bc:e0:8d:34:ba:30:a1:f5:3e:8a:29:9e:a3:
21:5e:36:70:23:86:ec:4d:8a:7b:e0:13:1b:4f:83:
24:43:18:06:00:1e:bd:f4:85:19:62:3b:ec:32:6b:
64:2c:c1:b8:e6:6e:45:d1:a5:ff:b2:db:ac:40:fd:
af:69:9f:78:39:fc:d8:a1:f1:b3:a7:23:fd:e6:39:
5d:65:6a:d4:de:ee:1f:70:8b:20:22:6e:4a:20:30:
fe:24:be:04:02:49:60:75:4e:bd:91:2e:73:13:61:
69:7b:d4:63:d6:91:2a:90:58:27:e0:2c:dc:dc:ba:
e9:38:3f:28:30:6e:06:47:38:68:90:10:fd:9d:54:
48:68:6f:83:74:9a:89:21:62:32:bb:7d:ce:ce:19:
2d:4e:a1:06:bb:5c:97:59:db:db:ea:82:b3:41:25:
46:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D7:C7:CD:B4:6C:FD:2F:F7:F0:D5:B7:88:D2:0C:E4:71:73:B5:7B
X509v3 Authority Key Identifier:
keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/rtfHzbRs_S_38NW3iNIM5HFztXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.44.0/24
91.199.47.0/24
Signature Algorithm: sha256WithRSAEncryption
67:67:b1:4b:78:da:a8:f6:1d:91:d0:25:76:2f:9c:4a:19:17:
42:c1:0d:b2:29:f6:13:f4:7d:cf:e9:83:a9:93:61:54:c2:90:
57:c1:b2:eb:ef:fa:6b:4f:5e:00:fa:26:77:26:1b:c9:d0:a2:
de:e6:f7:5f:59:c1:b6:b1:c2:25:53:26:07:a4:27:be:9e:4a:
72:6e:96:3f:1f:24:31:85:f8:14:54:10:90:a1:49:c4:a6:56:
74:de:2a:d1:68:03:79:e9:74:53:49:17:d1:56:8c:b8:40:b3:
8b:d5:28:19:7f:e4:94:32:e4:3f:10:5c:ad:ef:c1:03:04:d7:
59:6a:f6:71:10:23:39:45:aa:9f:30:d9:a8:47:c2:a2:20:2c:
55:f2:4a:2d:7c:5f:d0:8c:48:5b:6f:77:d7:20:88:70:61:3c:
08:c9:6a:6a:0b:da:23:f2:dc:7e:0e:96:68:45:29:77:e0:f3:
d8:d1:f0:14:30:65:81:26:29:78:58:b8:d2:5c:35:40:57:0e:
8b:5f:ab:62:b9:bf:cd:07:a7:b4:e6:5b:0a:91:eb:5e:d2:10:
25:22:9e:d1:9a:04:1b:61:7f:88:41:8d:b9:64:30:16:97:49:
e4:8c:51:2e:5e:a1:41:f8:12:43:d2:52:c7:d0:18:86:73:c3:
94:f0:bb:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxBAGfdDKlu7DjhuVPaCMXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjMxMjA2MjExOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ3YzdjZGI0NmNmZDJmZjdmMGQ1Yjc4OGQyMGNlNDcxNzNiNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8BY99hzqFG6NRf/0/0iboWnywZO
51KdNHhc8Dt2/SIu4TmM6oPzg3yMJB4tZe7P3foR5ZEbrfpfXTjLmakpinvSqfsI
m8UPYe+vzwXuZtnhObtVA0lUvubn4rzgjTS6MKH1PoopnqMhXjZwI4bsTYp74BMb
T4MkQxgGAB699IUZYjvsMmtkLMG45m5F0aX/stusQP2vaZ94OfzYofGzpyP95jld
ZWrU3u4fcIsgIm5KIDD+JL4EAklgdU69kS5zE2Fpe9Rj1pEqkFgn4Czc3LrpOD8o
MG4GRzhokBD9nVRIaG+DdJqJIWIyu33OzhktTqEGu1yXWdvb6oKzQSVGVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK7Xx820bP0v9/DVt4jSDORxc7V7MB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvcnRmSHpiUnNfU18zOE5XM2lOSU01SEZ6dFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8csAwQA
W8cvMA0GCSqGSIb3DQEBCwUAA4IBAQBnZ7FLeNqo9h2R0CV2L5xKGRdCwQ2yKfYT
9H3P6YOpk2FUwpBXwbLr7/prT14A+iZ3JhvJ0KLe5vdfWcG2scIlUyYHpCe+nkpy
bpY/HyQxhfgUVBCQoUnEplZ03irRaAN56XRTSRfRVoy4QLOL1SgZf+SUMuQ/EFyt
78EDBNdZavZxECM5RaqfMNmoR8KiICxV8kotfF/QjEhbb3fXIIhwYTwIyWpqC9oj
8tx+DpZoRSl34PPY0fAUMGWBJil4WLjSXDVAVw6LX6tiub/NB6e05lsKkete0hAl
Ip7RmgQbYX+IQY25ZDAWl0nkjFEuXqFB+BJD0lLH0BiGc8OU8LuA
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:40 2024 by rpki-client on console-fra.rpki-client.org