Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/v0ymQ1xKw30lNy2wahEpfc0MA90.roa
File: v0ymQ1xKw30lNy2wahEpfc0MA90.roa (raw, json)
Hash identifier: Z+DoaYqlivWkmGk4fqnkqsXpeJyx5IkSs/Qk7jp9DyE=
Subject key identifier: BF:4C:A6:43:5C:4A:C3:7D:25:37:2D:B0:6A:11:29:7D:CD:0C:03:DD
Certificate issuer: /CN=de0b59fb68151e21dc99d62faf03589be41fbea2
Certificate serial: 0185726A8B45BD95889AF22455E03F5BFC0F
Authority key identifier: DE:0B:59:FB:68:15:1E:21:DC:99:D6:2F:AF:03:58:9B:E4:1F:BE:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/v0ymQ1xKw30lNy2wahEpfc0MA90.roa
Signing time: Mon 02 Jan 2023 12:17:43 +0000
ROA not before: Mon 02 Jan 2023 12:17:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 91.212.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:6a:8b:45:bd:95:88:9a:f2:24:55:e0:3f:5b:fc:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0b59fb68151e21dc99d62faf03589be41fbea2
Validity
Not Before: Jan 2 12:17:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf4ca6435c4ac37d25372db06a11297dcd0c03dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ce:67:8a:64:9f:69:dc:ca:ba:86:11:f7:89:
9c:5d:e6:cf:ea:b7:15:c7:27:42:81:5d:11:9c:55:
b3:ed:c2:90:85:e9:1e:55:14:ff:e3:c4:6c:8c:30:
d2:83:bd:ab:d7:f9:e7:d8:01:31:98:1f:a8:74:ae:
63:d2:fd:5e:2d:e9:d7:45:8c:fc:33:9e:16:97:3f:
ca:d3:47:33:7b:6d:11:af:db:19:fd:65:71:fc:d1:
77:dd:d4:1a:84:3d:7f:20:9b:f9:90:4b:f0:96:9f:
43:c3:f8:31:d6:de:7e:b1:a9:f1:32:c7:cf:e2:9e:
b1:5f:bb:46:4d:50:e4:9f:c1:5c:98:60:b5:65:55:
b1:03:c5:65:c4:79:55:64:98:c2:d1:16:88:bb:9d:
e5:76:d2:1c:95:b0:8e:75:fd:83:59:6f:03:f3:58:
e0:78:e8:60:96:09:b2:32:d1:75:a4:36:40:12:20:
72:ff:6e:03:c9:ee:9c:a3:00:f9:5c:d8:4a:29:68:
e4:c6:06:ab:4f:4b:db:6a:f4:8c:0a:11:bc:da:8d:
70:b3:94:16:99:43:59:b7:89:5e:0c:de:99:2a:4b:
3a:20:2a:38:28:52:1f:dd:9e:ab:bd:23:1b:ba:0f:
f0:2a:5c:4c:dc:5a:f4:73:f7:db:39:77:c4:d1:dc:
ad:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4C:A6:43:5C:4A:C3:7D:25:37:2D:B0:6A:11:29:7D:CD:0C:03:DD
X509v3 Authority Key Identifier:
keyid:DE:0B:59:FB:68:15:1E:21:DC:99:D6:2F:AF:03:58:9B:E4:1F:BE:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/v0ymQ1xKw30lNy2wahEpfc0MA90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.245.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:e3:55:7c:0c:cf:2f:d1:58:88:02:8f:df:9e:c9:d6:e7:a3:
6e:3d:ea:1d:e4:5c:2d:43:77:19:04:b4:9c:7d:88:c3:02:ec:
36:c5:f2:61:91:38:92:68:ee:25:1d:b8:28:d5:24:06:b9:28:
a7:dd:b8:c6:cf:0a:c8:07:22:26:51:21:da:17:f9:d5:e6:25:
66:ac:33:bc:e3:59:0f:ee:13:3e:33:a1:b1:d2:1d:fe:7a:75:
84:da:f4:76:05:c5:53:c9:5d:33:a7:a4:38:42:76:69:aa:be:
ab:b9:44:7b:56:15:63:ae:8e:f8:79:1d:8e:c5:c9:6a:c8:db:
8a:42:13:bd:13:5a:9d:e1:0a:1d:9c:ce:88:13:de:95:b8:b0:
95:ed:77:76:76:94:a5:6d:54:64:71:42:33:e4:f9:b0:b5:95:
a2:0a:b3:33:1b:87:26:41:ea:63:1e:f4:cc:70:ce:2d:1b:35:
31:64:a2:28:4b:70:37:c2:6e:39:2c:02:0f:97:10:bc:f5:77:
fc:df:13:b0:63:a6:50:2f:c9:cd:13:e4:2c:be:3a:a6:74:7f:
fb:d6:b1:f0:17:2a:b5:77:d1:f4:fb:82:b7:60:48:ff:f2:37:
7c:6b:a3:86:79:7a:19:72:f0:e3:f4:47:90:69:50:14:aa:3e:
e8:66:f0:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyaotFvZWImvIkVeA/W/wPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGI1OWZiNjgxNTFlMjFkYzk5ZDYyZmFmMDM1ODliZTQx
ZmJlYTIwHhcNMjMwMTAyMTIxNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjRjYTY0MzVjNGFjMzdkMjUzNzJkYjA2YTExMjk3ZGNkMGMwM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp85nimSfadzKuoYR94mcXebP6rcV
xydCgV0RnFWz7cKQhekeVRT/48RsjDDSg72r1/nn2AExmB+odK5j0v1eLenXRYz8
M54Wlz/K00cze20Rr9sZ/WVx/NF33dQahD1/IJv5kEvwlp9Dw/gx1t5+sanxMsfP
4p6xX7tGTVDkn8FcmGC1ZVWxA8VlxHlVZJjC0RaIu53ldtIclbCOdf2DWW8D81jg
eOhglgmyMtF1pDZAEiBy/24Dye6cowD5XNhKKWjkxgarT0vbavSMChG82o1ws5QW
mUNZt4leDN6ZKks6ICo4KFIf3Z6rvSMbug/wKlxM3Fr0c/fbOXfE0dytBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9MpkNcSsN9JTctsGoRKX3NDAPdMB8GA1UdIwQY
MBaAFN4LWftoFR4h3JnWL68DWJvkH76iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2d0Wi0yZ1ZIaUhjbWRZdnJ3TlltLVFmdnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85YWQ1MDgtYmZjMS00YjhhLWJhZmMt
Y2QwMjQ3ODhlZDNjLzEvdjB5bVExeEt3MzBsTnkyd2FoRXBmYzBNQTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85YWQ1MDgtYmZjMS00YjhhLWJhZmMtY2QwMjQ3ODhlZDNj
LzEvM2d0Wi0yZ1ZIaUhjbWRZdnJ3TlltLVFmdnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9T1MA0G
CSqGSIb3DQEBCwUAA4IBAQB+41V8DM8v0ViIAo/fnsnW56NuPeod5FwtQ3cZBLSc
fYjDAuw2xfJhkTiSaO4lHbgo1SQGuSin3bjGzwrIByImUSHaF/nV5iVmrDO841kP
7hM+M6Gx0h3+enWE2vR2BcVTyV0zp6Q4QnZpqr6ruUR7VhVjro74eR2OxclqyNuK
QhO9E1qd4QodnM6IE96VuLCV7Xd2dpSlbVRkcUIz5PmwtZWiCrMzG4cmQepjHvTM
cM4tGzUxZKIoS3A3wm45LAIPlxC89Xf83xOwY6ZQL8nNE+QsvjqmdH/71rHwFyq1
d9H0+4K3YEj/8jd8a6OGeXoZcvDj9EeQaVAUqj7oZvBd
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:31 2024 by rpki-client on console-fra.rpki-client.org