Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/z1IikqZnU5l1eN-JeCv316Sr2Ow.roa
File: z1IikqZnU5l1eN-JeCv316Sr2Ow.roa (raw, json)
Hash identifier: lgKSn4qX5iUz3HSE52i7O2HPXWGEjalqfLwhKBgRx6w=
Subject key identifier: CF:52:22:92:A6:67:53:99:75:78:DF:89:78:2B:F7:D7:A4:AB:D8:EC
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 018ACD3240A0CD5C26F6B4243B16D7953352
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/z1IikqZnU5l1eN-JeCv316Sr2Ow.roa
Signing time: Mon 25 Sep 2023 16:35:37 +0000
ROA not before: Mon 25 Sep 2023 16:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43581
IP address blocks: 91.211.115.0/24 maxlen: 24
193.17.92.0/24 maxlen: 24
2a13:a500::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Sep 2023 08:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:32:40:a0:cd:5c:26:f6:b4:24:3b:16:d7:95:33:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Sep 25 16:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf522292a66753997578df89782bf7d7a4abd8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cd:56:fa:dc:a0:ea:56:4e:c7:0c:d7:a7:6b:
22:1a:07:69:60:25:06:29:0f:d1:2a:6d:85:09:8c:
c4:0e:ed:14:86:75:bc:f3:b3:8f:80:1c:7a:8f:5a:
e2:77:74:89:8d:63:db:58:c7:f2:e3:60:52:33:cc:
f2:c0:9d:4a:b7:4c:33:b1:93:32:1d:4f:9f:de:b1:
3d:5e:b7:2c:d8:b5:26:fa:d9:a7:aa:cb:01:f0:05:
f9:7b:c8:63:de:94:a7:d9:b8:8a:15:28:e2:9e:ff:
e7:65:5b:91:f5:2a:b2:f6:fa:8a:b8:78:58:af:df:
85:19:71:dd:14:a1:b1:ed:21:20:26:75:c5:f5:25:
87:96:f0:95:fb:56:08:20:fc:06:4f:af:38:8c:bc:
fd:cb:92:72:0c:d6:a3:cf:dd:6a:dd:d9:78:60:44:
df:a8:6f:6d:0e:18:f0:00:6a:6e:b9:79:23:30:18:
95:21:4d:c1:4d:5a:0e:c3:a9:ca:9f:9d:61:6f:64:
c0:30:12:fd:75:46:31:c2:e8:25:ff:79:cd:ef:a6:
47:d2:c1:b0:12:06:5e:b3:74:ac:75:ac:5e:8d:eb:
a8:eb:66:d7:98:ef:d2:9f:5e:40:7f:52:e3:d2:1a:
8a:db:f5:59:3a:67:9b:54:0f:df:d2:78:e3:02:ce:
57:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:52:22:92:A6:67:53:99:75:78:DF:89:78:2B:F7:D7:A4:AB:D8:EC
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/z1IikqZnU5l1eN-JeCv316Sr2Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.115.0/24
193.17.92.0/24
IPv6:
2a13:a500::/32
Signature Algorithm: sha256WithRSAEncryption
66:9b:c1:90:54:0b:16:fc:6e:5b:e9:0c:b5:69:dc:92:89:54:
85:b3:79:ea:bc:92:01:5c:98:04:c4:6c:ad:86:95:a5:04:3c:
49:a9:ec:66:04:6c:e6:ce:0a:49:0f:06:2b:49:84:fc:43:11:
ce:ca:17:e0:d6:00:64:8d:b0:25:06:6b:fc:12:80:a1:18:c7:
34:78:e0:2a:1e:0e:43:b2:35:63:2f:c5:2a:a1:51:d1:6a:31:
8e:e6:f5:1e:1b:20:b4:8a:76:d2:c6:5c:ec:2b:ef:5f:16:c5:
c2:9d:2e:3b:cd:9b:7b:67:10:88:12:f0:58:de:9a:2f:b1:23:
82:8c:d7:2d:0e:39:18:d3:34:0d:69:9d:71:be:ed:b8:a3:e0:
28:a8:4e:2b:a5:0b:71:ab:97:4e:bd:8d:65:44:33:49:ef:b9:
36:48:46:8d:2b:93:8b:09:b3:69:4f:01:c4:cd:f4:55:13:f1:
b6:90:ab:8f:37:f8:cd:60:bb:a2:08:d7:d9:68:dc:49:0a:93:
e2:1b:4a:2e:0f:ef:37:f9:a7:f6:6a:66:1c:6d:6c:16:fb:72:
b8:2e:fe:ad:58:a1:19:46:e9:61:07:c2:94:de:82:2e:b0:27:
ce:fc:04:46:95:64:6e:47:2c:8a:c4:38:6b:51:6c:36:cd:b2:
f4:66:ba:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYrNMkCgzVwm9rQkOxbXlTNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjMwOTI1MTYzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjUyMjI5MmE2Njc1Mzk5NzU3OGRmODk3ODJiZjdkN2E0YWJkOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos1W+tyg6lZOxwzXp2siGgdpYCUG
KQ/RKm2FCYzEDu0UhnW887OPgBx6j1rid3SJjWPbWMfy42BSM8zywJ1Kt0wzsZMy
HU+f3rE9Xrcs2LUm+tmnqssB8AX5e8hj3pSn2biKFSjinv/nZVuR9Sqy9vqKuHhY
r9+FGXHdFKGx7SEgJnXF9SWHlvCV+1YIIPwGT684jLz9y5JyDNajz91q3dl4YETf
qG9tDhjwAGpuuXkjMBiVIU3BTVoOw6nKn51hb2TAMBL9dUYxwugl/3nN76ZH0sGw
EgZes3Ssdaxejeuo62bXmO/Sn15Af1Lj0hqK2/VZOmebVA/f0njjAs5XBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM9SIpKmZ1OZdXjfiXgr99ekq9jsMB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvejFJaWtxWm5VNWwxZU4tSmVDdjMxNlNyMk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9NzAwQA
wRFcMA0EAgACMAcDBQAqE6UAMA0GCSqGSIb3DQEBCwUAA4IBAQBmm8GQVAsW/G5b
6Qy1adySiVSFs3nqvJIBXJgExGythpWlBDxJqexmBGzmzgpJDwYrSYT8QxHOyhfg
1gBkjbAlBmv8EoChGMc0eOAqHg5DsjVjL8UqoVHRajGO5vUeGyC0inbSxlzsK+9f
FsXCnS47zZt7ZxCIEvBY3povsSOCjNctDjkY0zQNaZ1xvu24o+AoqE4rpQtxq5dO
vY1lRDNJ77k2SEaNK5OLCbNpTwHEzfRVE/G2kKuPN/jNYLuiCNfZaNxJCpPiG0ou
D+83+af2amYcbWwW+3K4Lv6tWKEZRulhB8KU3oIusCfO/ARGlWRuRyyKxDhrUWw2
zbL0ZrpV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:28 2024 by rpki-client on console-ams.rpki-client.org