Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/gANJhNjsS6hBJ4Lm7JB8PJxJAtA.roa
File: gANJhNjsS6hBJ4Lm7JB8PJxJAtA.roa (raw, json)
Hash identifier: tCrXnpSQgmIzJ7qhQtoKuUXV2DvFsiarUw0hn7OWjrI=
Subject key identifier: 80:03:49:84:D8:EC:4B:A8:41:27:82:E6:EC:90:7C:3C:9C:49:02:D0
Certificate issuer: /CN=9a7edeac0c6c20ea49d492990e4858541d190ff1
Certificate serial: 018CC6B902FE775E324478D24BB41A7F3DA2
Authority key identifier: 9A:7E:DE:AC:0C:6C:20:EA:49:D4:92:99:0E:48:58:54:1D:19:0F:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/gANJhNjsS6hBJ4Lm7JB8PJxJAtA.roa
Signing time: Mon 01 Jan 2024 20:31:02 +0000
ROA not before: Mon 01 Jan 2024 20:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56623
IP address blocks: 91.231.55.0/24 maxlen: 24
91.231.54.0/24 maxlen: 24
193.111.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jun 2024 08:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:02:fe:77:5e:32:44:78:d2:4b:b4:1a:7f:3d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7edeac0c6c20ea49d492990e4858541d190ff1
Validity
Not Before: Jan 1 20:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80034984d8ec4ba8412782e6ec907c3c9c4902d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:38:e9:9b:ff:a0:4d:1e:fd:66:bb:e1:00:87:
43:55:d0:22:d7:a6:26:14:a7:52:88:ba:97:d2:9d:
fc:c3:ed:22:02:2e:36:a7:cf:f1:f9:2e:db:ff:84:
b3:05:69:3e:f4:ef:15:44:33:e0:57:5e:8c:63:be:
7d:14:ce:cd:e3:bb:d6:bb:0c:36:cc:74:ef:ee:26:
1c:ec:14:0f:b6:3a:75:44:4f:c3:80:38:4e:a2:4e:
9a:c4:0a:de:5a:72:09:11:68:65:ed:59:f8:f0:7c:
42:33:80:4f:b7:ee:45:c8:30:56:f6:88:63:17:a0:
7e:fe:6f:47:94:3f:c4:ef:b1:c9:a6:8a:21:c7:9c:
68:91:c8:11:8e:ec:9f:fd:7a:61:b5:3f:fa:c5:2f:
bd:4f:32:df:f0:ed:a3:dc:3c:ba:dd:94:d7:df:11:
c0:fb:b0:b0:52:58:f2:99:04:72:a3:76:b2:d5:cc:
ac:3e:f9:2f:b2:75:50:6b:db:cc:fd:9a:97:5e:1d:
14:56:e5:58:9c:dd:15:57:e2:38:e0:57:71:e1:19:
c3:d4:45:95:99:88:c8:de:31:d9:a1:19:bb:71:d2:
67:51:bf:fb:00:33:3d:93:56:01:da:cd:5c:6a:d7:
c4:55:a5:dc:e8:23:03:09:20:d9:a5:b5:c3:b5:f9:
88:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:03:49:84:D8:EC:4B:A8:41:27:82:E6:EC:90:7C:3C:9C:49:02:D0
X509v3 Authority Key Identifier:
keyid:9A:7E:DE:AC:0C:6C:20:EA:49:D4:92:99:0E:48:58:54:1D:19:0F:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/gANJhNjsS6hBJ4Lm7JB8PJxJAtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.54.0/23
193.111.83.0/24
Signature Algorithm: sha256WithRSAEncryption
22:52:39:4d:4d:6b:18:94:72:3f:be:95:24:99:a8:99:92:5d:
e0:9a:cf:bd:d6:fc:ae:63:8f:3e:1b:b5:78:3d:d0:19:cc:50:
05:f5:33:ac:7e:88:39:b5:c7:8f:68:6d:74:98:78:3c:9c:8f:
3c:61:a7:77:6c:5e:d5:a7:0c:f8:aa:a9:e5:20:f9:81:91:6c:
d5:9b:ca:e5:c6:92:3e:91:ee:a9:cc:41:85:44:27:bc:63:4b:
30:81:e4:97:23:5b:7e:b7:46:d2:eb:79:e7:fc:ba:7d:7d:0f:
bf:d1:d9:3d:21:07:71:94:aa:6f:d2:84:e6:8b:56:1f:c6:8f:
1c:14:7c:4d:fa:8c:c6:ae:3f:44:cc:63:60:07:8d:81:da:9f:
06:19:e5:d1:cd:e1:6a:6a:6d:ec:0f:ee:c4:12:d2:c4:c2:40:
1f:2e:b6:fa:35:29:4d:de:a8:1b:50:e7:e2:e0:66:e8:db:72:
95:b9:5a:46:0f:c0:1e:20:88:c5:c0:3a:f3:d7:b8:b2:50:01:
4c:97:d4:53:93:6f:09:aa:51:8f:36:b1:0b:63:79:14:37:58:
88:ec:de:e6:bf:7e:aa:6e:9c:47:70:65:9c:02:70:d7:6f:42:
8a:e8:ab:97:10:7d:9d:a1:df:54:a8:58:ca:23:0a:60:07:45:
a5:c2:d5:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuQL+d14yRHjSS7Qafz2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2VkZWFjMGM2YzIwZWE0OWQ0OTI5OTBlNDg1ODU0MWQx
OTBmZjEwHhcNMjQwMTAxMjAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDAzNDk4NGQ4ZWM0YmE4NDEyNzgyZTZlYzkwN2MzYzljNDkwMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTjpm/+gTR79ZrvhAIdDVdAi16Ym
FKdSiLqX0p38w+0iAi42p8/x+S7b/4SzBWk+9O8VRDPgV16MY759FM7N47vWuww2
zHTv7iYc7BQPtjp1RE/DgDhOok6axAreWnIJEWhl7Vn48HxCM4BPt+5FyDBW9ohj
F6B+/m9HlD/E77HJpoohx5xokcgRjuyf/XphtT/6xS+9TzLf8O2j3Dy63ZTX3xHA
+7CwUljymQRyo3ay1cysPvkvsnVQa9vM/ZqXXh0UVuVYnN0VV+I44Fdx4RnD1EWV
mYjI3jHZoRm7cdJnUb/7ADM9k1YB2s1catfEVaXc6CMDCSDZpbXDtfmI2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIADSYTY7EuoQSeC5uyQfDycSQLQMB8GA1UdIwQY
MBaAFJp+3qwMbCDqSdSSmQ5IWFQdGQ/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW43ZXJBeHNJT3BKMUpLWkRraFlWQjBaRF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81YThlMDQtZGQwNy00MzVhLWIxYmYt
YWRlZGNhYTNkMjZlLzEvZ0FOSmhOanNTNmhCSjRMbTdKQjhQSnhKQXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81YThlMDQtZGQwNy00MzVhLWIxYmYtYWRlZGNhYTNkMjZl
LzEvbW43ZXJBeHNJT3BKMUpLWkRraFlWQjBaRF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+c2AwQA
wW9TMA0GCSqGSIb3DQEBCwUAA4IBAQAiUjlNTWsYlHI/vpUkmaiZkl3gms+91vyu
Y48+G7V4PdAZzFAF9TOsfog5tcePaG10mHg8nI88Yad3bF7Vpwz4qqnlIPmBkWzV
m8rlxpI+ke6pzEGFRCe8Y0swgeSXI1t+t0bS63nn/Lp9fQ+/0dk9IQdxlKpv0oTm
i1Yfxo8cFHxN+ozGrj9EzGNgB42B2p8GGeXRzeFqam3sD+7EEtLEwkAfLrb6NSlN
3qgbUOfi4Gbo23KVuVpGD8AeIIjFwDrz17iyUAFMl9RTk28JqlGPNrELY3kUN1iI
7N7mv36qbpxHcGWcAnDXb0KK6KuXEH2dod9UqFjKIwpgB0WlwtXo
-----END CERTIFICATE-----
Generated at Thu Jun 20 12:35:49 2024 by rpki-client on console-fra.rpki-client.org