Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/OT5iX-lpqmnZ1gp6RXcckhBtRq8.roa
File: OT5iX-lpqmnZ1gp6RXcckhBtRq8.roa (raw, json)
Hash identifier: 9E85ManMeNOy1TOQ4kI/6jE2EqZ4LNPirRx3t0DDPUI=
Subject key identifier: 39:3E:62:5F:E9:69:AA:69:D9:D6:0A:7A:45:77:1C:92:10:6D:46:AF
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 018ACD3241312D4197D7E34EB1F286C5A9AB
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/OT5iX-lpqmnZ1gp6RXcckhBtRq8.roa
Signing time: Mon 25 Sep 2023 16:35:37 +0000
ROA not before: Mon 25 Sep 2023 16:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 91.211.115.0/24 maxlen: 24
2a13:a502::/32 maxlen: 32
2a11:1940::/29 maxlen: 29
2a13:a501::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:32:41:31:2d:41:97:d7:e3:4e:b1:f2:86:c5:a9:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Sep 25 16:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=393e625fe969aa69d9d60a7a45771c92106d46af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:af:b9:04:0e:61:6f:28:f8:37:7d:6d:cb:
ba:6a:c1:d2:be:e0:ba:64:c6:26:4f:7f:be:a7:b1:
f4:a8:4b:76:2b:83:c5:67:68:a9:6d:c5:db:7a:6b:
32:4a:0e:37:f7:94:37:04:0c:2f:c5:94:c5:8a:5d:
01:42:37:c0:b5:d1:00:a4:37:16:23:af:8b:fc:21:
b6:0c:c6:35:1c:d1:6c:b7:95:8d:2a:2e:82:6e:04:
35:2f:b4:0c:c8:42:2c:6a:59:ba:81:cd:54:c4:ba:
d1:ba:93:e5:36:98:0a:09:19:59:4c:14:e4:7f:81:
bd:ff:d9:16:1d:6c:80:fd:a4:70:3d:61:92:8d:07:
ca:5a:60:98:67:d7:16:03:13:09:00:03:c6:fa:f2:
4c:88:46:df:8c:78:a0:6a:c7:45:a2:56:f2:c3:6e:
52:2b:c7:70:a0:22:9c:1a:ce:68:cf:63:ee:7d:e0:
eb:b6:bb:45:ed:f3:a2:a8:bd:b2:7d:28:2f:51:15:
48:10:cf:48:b5:d1:4d:db:57:24:22:ba:34:73:7d:
8b:99:e2:71:b9:df:a9:bb:e4:bf:08:09:33:31:93:
6b:60:1a:8f:ea:0f:05:d0:48:c8:fa:24:00:54:cc:
b3:7e:9f:2f:17:ac:34:f8:af:d9:6b:80:5b:29:cb:
1b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3E:62:5F:E9:69:AA:69:D9:D6:0A:7A:45:77:1C:92:10:6D:46:AF
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/OT5iX-lpqmnZ1gp6RXcckhBtRq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.115.0/24
IPv6:
2a11:1940::/29
2a13:a501::-2a13:a502:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4a:8a:f3:80:9d:38:2d:59:a1:d6:10:4b:4e:c7:b7:d4:b7:74:
7e:fa:ce:b7:dc:ad:23:c2:10:cb:77:c6:a5:11:bf:65:3a:0d:
1a:80:1a:49:f0:58:36:a7:d2:da:9e:13:d8:1f:ed:36:de:26:
59:57:8e:71:3e:e8:31:0a:3f:0a:bd:f3:d6:92:dd:5f:39:c0:
ff:58:b6:b8:e9:c1:0e:2f:40:06:c8:f6:8d:81:b8:46:ee:78:
3b:d6:91:f3:5f:54:a2:1b:0e:c7:4b:aa:73:63:95:0f:9b:f0:
64:04:f5:25:a5:23:23:18:5f:52:8e:ad:9e:5a:25:5e:0a:c6:
54:93:2f:93:e7:24:45:ae:c2:9f:2b:d5:37:56:ea:6a:b9:ad:
dc:06:e9:13:9e:6f:c8:27:2b:cb:94:36:ab:38:c2:4c:e3:02:
f4:db:2d:0f:9a:36:7d:98:d0:a5:e6:02:53:9a:43:70:65:77:
18:4d:09:52:84:b8:3c:67:f3:3c:40:1b:fe:8c:5e:77:03:dc:
a8:54:1c:43:62:7f:d8:92:0b:de:76:e6:f3:67:a6:a6:ba:2a:
6d:b4:77:fb:11:c0:75:76:00:de:57:b6:ee:a8:e6:ff:92:94:
d8:7e:a8:c9:67:e6:24:08:37:26:ac:c6:06:3b:98:7e:d9:ab:
46:76:13:b8
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYrNMkExLUGX1+NOsfKGxamrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjMwOTI1MTYzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNlNjI1ZmU5NjlhYTY5ZDlkNjBhN2E0NTc3MWM5MjEwNmQ0NmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdavuQQOYW8o+Dd9bcu6asHSvuC6
ZMYmT3++p7H0qEt2K4PFZ2ipbcXbemsySg4395Q3BAwvxZTFil0BQjfAtdEApDcW
I6+L/CG2DMY1HNFst5WNKi6CbgQ1L7QMyEIsalm6gc1UxLrRupPlNpgKCRlZTBTk
f4G9/9kWHWyA/aRwPWGSjQfKWmCYZ9cWAxMJAAPG+vJMiEbfjHigasdFolbyw25S
K8dwoCKcGs5oz2PufeDrtrtF7fOiqL2yfSgvURVIEM9ItdFN21ckIro0c32LmeJx
ud+pu+S/CAkzMZNrYBqP6g8F0EjI+iQAVMyzfp8vF6w0+K/Za4BbKcsbPQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFDk+Yl/paapp2dYKekV3HJIQbUavMB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvT1Q1aVgtbHBxbW5aMWdwNlJYY2NraEJ0UnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAW9NzMB0E
AgACMBcDBQMqERlAMA4DBQAqE6UBAwUAKhOlAjANBgkqhkiG9w0BAQsFAAOCAQEA
SorzgJ04LVmh1hBLTse31Ld0fvrOt9ytI8IQy3fGpRG/ZToNGoAaSfBYNqfS2p4T
2B/tNt4mWVeOcT7oMQo/Cr3z1pLdXznA/1i2uOnBDi9ABsj2jYG4Ru54O9aR819U
ohsOx0uqc2OVD5vwZAT1JaUjIxhfUo6tnlolXgrGVJMvk+ckRa7CnyvVN1bqarmt
3AbpE55vyCcry5Q2qzjCTOMC9NstD5o2fZjQpeYCU5pDcGV3GE0JUoS4PGfzPEAb
/oxedwPcqFQcQ2J/2JIL3nbm82emproqbbR3+xHAdXYA3le27qjm/5KU2H6oyWfm
JAg3JqzGBjuYftmrRnYTuA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:35 2024 by rpki-client on console-ams.rpki-client.org