Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/b4_il3sabJT9Pvb3r10DWql2CgA.roa
File: b4_il3sabJT9Pvb3r10DWql2CgA.roa (raw, json)
Hash identifier: j48ANufTOsuyHUjzkgnOGX2+D0REZ9cABhLn1JAqPLI=
Subject key identifier: 6F:8F:E2:97:7B:1A:6C:94:FD:3E:F6:F7:AF:5D:03:5A:A9:76:0A:00
Certificate issuer: /CN=96271b62d18e4ac77c6109690eaae4cc34d0e9b6
Certificate serial: 01856F14CF1AC396AAF2677D52EAACD26BD3
Authority key identifier: 96:27:1B:62:D1:8E:4A:C7:7C:61:09:69:0E:AA:E4:CC:34:D0:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/licbYtGOSsd8YQlpDqrkzDTQ6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/b4_il3sabJT9Pvb3r10DWql2CgA.roa
Signing time: Sun 01 Jan 2023 20:45:12 +0000
ROA not before: Sun 01 Jan 2023 20:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213222
IP address blocks: 91.220.113.0/24 maxlen: 24
176.126.120.0/24 maxlen: 24
2a06:ef00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:cf:1a:c3:96:aa:f2:67:7d:52:ea:ac:d2:6b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96271b62d18e4ac77c6109690eaae4cc34d0e9b6
Validity
Not Before: Jan 1 20:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f8fe2977b1a6c94fd3ef6f7af5d035aa9760a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fe:b2:de:10:37:f8:af:cf:68:d2:e5:7a:ee:
de:7c:39:2c:f0:81:3a:b0:aa:e1:da:80:d5:f8:f5:
19:5f:d1:7b:87:d6:cc:ea:ce:a0:6c:2b:70:22:b1:
d7:71:66:64:ca:65:52:44:ed:0e:86:18:f2:3e:68:
30:04:6c:89:c5:2e:59:ff:20:e7:f7:39:d8:ed:cc:
9c:c4:fb:05:33:ed:d7:1c:96:97:08:bd:47:0d:d7:
90:ee:47:39:70:af:08:c6:fc:0d:70:2a:9f:80:26:
27:8b:52:34:fc:7b:ed:2d:e7:fa:3d:9b:d3:8e:ca:
ba:8e:6d:d8:30:6b:86:ec:90:09:6d:ee:99:62:fa:
a0:eb:32:a9:4b:c5:05:98:a2:53:b1:9a:ee:42:2f:
5c:7c:9f:e5:b2:36:04:33:be:db:a1:c9:2b:ec:46:
03:52:69:93:0a:55:6d:8b:e3:6d:1f:44:1a:47:06:
14:84:07:ea:d1:20:fc:b1:7f:df:fb:cd:a6:df:56:
67:8b:df:43:b4:53:b1:62:fd:e4:b1:0c:3b:43:31:
13:91:e1:ab:5d:db:ee:c2:b8:d9:0f:31:4a:0e:27:
c2:33:42:ba:3e:81:a9:af:17:27:bd:c8:72:1f:61:
7b:3a:02:d0:3b:06:0d:da:23:bd:3d:8e:56:5a:49:
a7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8F:E2:97:7B:1A:6C:94:FD:3E:F6:F7:AF:5D:03:5A:A9:76:0A:00
X509v3 Authority Key Identifier:
keyid:96:27:1B:62:D1:8E:4A:C7:7C:61:09:69:0E:AA:E4:CC:34:D0:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/licbYtGOSsd8YQlpDqrkzDTQ6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/b4_il3sabJT9Pvb3r10DWql2CgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/licbYtGOSsd8YQlpDqrkzDTQ6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.113.0/24
176.126.120.0/24
IPv6:
2a06:ef00::/29
Signature Algorithm: sha256WithRSAEncryption
53:c2:b7:4e:b6:da:ad:d0:8f:82:88:5b:fd:97:dc:9a:ed:15:
29:92:0a:31:18:71:cd:22:be:f1:f1:0d:8c:66:38:b0:3f:bd:
bd:a5:81:18:0f:50:63:41:88:d4:78:39:a5:e2:e5:3f:d8:38:
59:39:6e:42:1f:0b:ce:29:19:d2:fb:06:a7:61:58:7f:d4:61:
c4:a4:c4:10:05:ea:29:3f:b5:bf:14:cf:8c:51:13:fb:ab:d1:
e8:ba:3d:56:e7:70:12:6c:7a:03:8b:12:d9:65:91:4b:35:95:
52:7a:ba:f6:4a:7f:47:d6:ba:7a:82:19:2e:0b:ab:58:29:57:
40:fd:bf:02:4d:82:fb:af:5a:f6:db:5c:f3:80:fa:92:54:21:
37:09:14:09:ad:6b:bb:ec:cd:62:ca:4b:ec:29:99:2f:d5:9f:
97:00:6e:0e:fd:18:e3:d3:13:5c:d5:0d:32:78:2a:33:15:0f:
31:b2:d7:82:15:80:a2:fe:2b:65:87:ab:68:74:8b:b8:f5:eb:
a1:9a:7f:ae:e5:67:18:b2:1c:07:2e:6c:44:2f:8d:82:1f:fa:
31:00:3e:0c:34:72:2c:c0:18:d2:4c:d0:07:73:a3:aa:c6:49:
63:24:ad:5c:6b:7e:2b:f6:79:02:7a:0e:8e:5f:fb:6b:b2:4d:
98:57:20:11
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvFM8aw5aq8md9Uuqs0mvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MjcxYjYyZDE4ZTRhYzc3YzYxMDk2OTBlYWFlNGNjMzRk
MGU5YjYwHhcNMjMwMTAxMjA0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhmZTI5NzdiMWE2Yzk0ZmQzZWY2ZjdhZjVkMDM1YWE5NzYwYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv6y3hA3+K/PaNLleu7efDks8IE6
sKrh2oDV+PUZX9F7h9bM6s6gbCtwIrHXcWZkymVSRO0OhhjyPmgwBGyJxS5Z/yDn
9znY7cycxPsFM+3XHJaXCL1HDdeQ7kc5cK8IxvwNcCqfgCYni1I0/HvtLef6PZvT
jsq6jm3YMGuG7JAJbe6ZYvqg6zKpS8UFmKJTsZruQi9cfJ/lsjYEM77bockr7EYD
UmmTClVti+NtH0QaRwYUhAfq0SD8sX/f+82m31Zni99DtFOxYv3ksQw7QzETkeGr
XdvuwrjZDzFKDifCM0K6PoGprxcnvchyH2F7OgLQOwYN2iO9PY5WWkmnxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG+P4pd7GmyU/T72969dA1qpdgoAMB8GA1UdIwQY
MBaAFJYnG2LRjkrHfGEJaQ6q5Mw00Om2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGljYll0R09Tc2Q4WVFscERxcmt6RFRRNmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mNmI2MGItNTgwOC00OGEyLTgyMDMt
MWNhM2ZiYmZiYTNmLzEvYjRfaWwzc2FiSlQ5UHZiM3IxMERXcWwyQ2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mNmI2MGItNTgwOC00OGEyLTgyMDMtMWNhM2ZiYmZiYTNm
LzEvbGljYll0R09Tc2Q4WVFscERxcmt6RFRRNmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9xxAwQA
sH54MA0EAgACMAcDBQMqBu8AMA0GCSqGSIb3DQEBCwUAA4IBAQBTwrdOttqt0I+C
iFv9l9ya7RUpkgoxGHHNIr7x8Q2MZjiwP729pYEYD1BjQYjUeDml4uU/2DhZOW5C
HwvOKRnS+wanYVh/1GHEpMQQBeopP7W/FM+MURP7q9Houj1W53ASbHoDixLZZZFL
NZVSerr2Sn9H1rp6ghkuC6tYKVdA/b8CTYL7r1r221zzgPqSVCE3CRQJrWu77M1i
ykvsKZkv1Z+XAG4O/Rjj0xNc1Q0yeCozFQ8xsteCFYCi/itlh6todIu49euhmn+u
5WcYshwHLmxEL42CH/oxAD4MNHIswBjSTNAHc6OqxkljJK1ca34r9nkCeg6OX/tr
sk2YVyAR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:16 2024 by rpki-client on console-fra.rpki-client.org