Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/sg4NsUL46W4BSgIbnC8Nx5VyI6I.roa
File: sg4NsUL46W4BSgIbnC8Nx5VyI6I.roa (raw, json)
Hash identifier: /x+P0Ewg7cnAEBmUHr9hn/oVXBsrbr+ASTkvvyDn15E=
Subject key identifier: B2:0E:0D:B1:42:F8:E9:6E:01:4A:02:1B:9C:2F:0D:C7:95:72:23:A2
Certificate issuer: /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial: 018A2268ADFA01F0CB0765DF77B05111F690
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/sg4NsUL46W4BSgIbnC8Nx5VyI6I.roa
Signing time: Wed 23 Aug 2023 12:40:00 +0000
ROA not before: Wed 23 Aug 2023 12:40:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.199.44.0/24 maxlen: 24
91.199.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:68:ad:fa:01:f0:cb:07:65:df:77:b0:51:11:f6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
Validity
Not Before: Aug 23 12:40:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b20e0db142f8e96e014a021b9c2f0dc7957223a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5c:1e:aa:5b:01:8a:57:2b:1c:a3:9e:43:88:
80:38:1e:22:e1:04:44:c2:5b:f5:c3:02:6d:56:27:
9a:0c:a1:d6:78:be:28:38:24:5f:89:42:f5:bb:fc:
12:88:da:91:76:21:05:4e:19:8e:31:e5:30:12:dc:
6f:e7:fd:ff:87:d5:4e:e0:e0:f6:92:56:4c:98:2d:
a7:31:de:24:e5:fb:b7:40:0a:e7:7b:e4:1b:c9:0c:
5d:4f:8f:61:1c:3d:55:85:6e:d9:95:2a:ee:2b:e1:
9c:0e:3a:cc:bb:fd:c8:84:b2:72:f4:0c:fe:3b:17:
3c:1f:75:04:e5:fb:da:42:cc:55:8c:cd:ea:81:47:
66:85:9f:50:95:33:2b:d9:1f:c1:9b:22:47:5a:2d:
fb:a2:f3:89:1d:79:be:fb:0e:04:f2:6c:e4:cb:46:
b1:6e:db:1d:df:91:ef:dc:54:65:00:d9:62:90:c7:
21:a2:70:ac:8c:e8:a7:de:e2:7c:fe:a2:83:b5:43:
d9:e6:0b:fa:34:8f:6e:7e:98:95:de:79:14:00:9e:
29:21:9c:b5:8a:b5:8e:ea:41:c3:dd:f4:ac:7d:3d:
f0:46:95:92:d5:5e:fa:0f:1a:13:81:c2:b3:92:33:
a1:4e:10:5a:5f:07:2b:e7:7d:43:80:5d:ab:ee:b8:
51:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0E:0D:B1:42:F8:E9:6E:01:4A:02:1B:9C:2F:0D:C7:95:72:23:A2
X509v3 Authority Key Identifier:
keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/sg4NsUL46W4BSgIbnC8Nx5VyI6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.44.0/24
91.199.47.0/24
Signature Algorithm: sha256WithRSAEncryption
28:3b:6a:7e:ef:1c:d6:a9:f1:bf:79:41:1e:81:a8:1f:41:35:
58:94:68:ed:d3:99:9a:43:6e:3a:06:23:08:20:8b:13:6a:82:
d4:97:e6:e3:97:e6:6d:56:b5:58:b1:f2:7f:63:c2:91:95:0f:
45:3d:f1:79:33:36:97:93:70:ae:3d:0f:2b:33:91:e4:82:07:
03:33:70:f9:f1:d9:74:c8:43:aa:89:08:87:05:df:86:0a:ba:
f2:b2:9b:15:8d:12:a5:52:e1:49:4e:05:72:06:8e:f8:04:42:
34:8f:3a:fd:44:70:09:10:42:b2:e9:9b:8e:dd:79:95:8b:de:
28:1d:ab:fb:53:6b:09:ce:58:f2:32:c3:74:8b:a9:7f:ef:77:
12:2e:1e:69:db:4f:79:27:5f:ee:2c:be:d1:4f:75:70:ac:e4:
36:8d:de:c1:45:1a:ce:da:fd:e4:af:04:0b:d1:d5:f4:df:5f:
d6:bb:d0:93:d3:df:5e:e5:0b:22:eb:76:c5:88:98:4e:6e:e8:
1f:4f:0d:ed:ed:9a:c7:41:5b:01:21:40:ca:c8:29:e1:bf:41:
f8:78:98:7b:fa:a7:a9:45:34:fc:9d:2c:c4:dc:8b:7b:bc:61:
74:1a:be:65:4b:c5:52:a8:9e:29:c6:03:27:2c:88:fd:b8:e6:
bb:c1:bd:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoiaK36AfDLB2Xfd7BREfaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjMwODIzMTI0MDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBlMGRiMTQyZjhlOTZlMDE0YTAyMWI5YzJmMGRjNzk1NzIyM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVweqlsBilcrHKOeQ4iAOB4i4QRE
wlv1wwJtVieaDKHWeL4oOCRfiUL1u/wSiNqRdiEFThmOMeUwEtxv5/3/h9VO4OD2
klZMmC2nMd4k5fu3QArne+QbyQxdT49hHD1VhW7ZlSruK+GcDjrMu/3IhLJy9Az+
Oxc8H3UE5fvaQsxVjM3qgUdmhZ9QlTMr2R/BmyJHWi37ovOJHXm++w4E8mzky0ax
btsd35Hv3FRlANlikMchonCsjOin3uJ8/qKDtUPZ5gv6NI9ufpiV3nkUAJ4pIZy1
irWO6kHD3fSsfT3wRpWS1V76DxoTgcKzkjOhThBaXwcr531DgF2r7rhR+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLIODbFC+OluAUoCG5wvDceVciOiMB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvc2c0TnNVTDQ2VzRCU2dJYm5DOE54NVZ5STZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8csAwQA
W8cvMA0GCSqGSIb3DQEBCwUAA4IBAQAoO2p+7xzWqfG/eUEegagfQTVYlGjt05ma
Q246BiMIIIsTaoLUl+bjl+ZtVrVYsfJ/Y8KRlQ9FPfF5MzaXk3CuPQ8rM5HkggcD
M3D58dl0yEOqiQiHBd+GCrryspsVjRKlUuFJTgVyBo74BEI0jzr9RHAJEEKy6ZuO
3XmVi94oHav7U2sJzljyMsN0i6l/73cSLh5p2095J1/uLL7RT3VwrOQ2jd7BRRrO
2v3krwQL0dX031/Wu9CT099e5Qsi63bFiJhObugfTw3t7ZrHQVsBIUDKyCnhv0H4
eJh7+qepRTT8nSzE3It7vGF0Gr5lS8VSqJ4pxgMnLIj9uOa7wb2n
-----END CERTIFICATE-----
Generated at Wed Nov 22 12:23:05 2023 by rpki-client on console-ams.rpki-client.org