Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/e5edb3-0ea8-4422-b175-f75345848e3f/1/G36Z_Bo5PV-rWRsmSd8IybgukcU.roa
File: G36Z_Bo5PV-rWRsmSd8IybgukcU.roa (raw, json)
Hash identifier: 3/VWGpVxtOMSCqq02jNn0qFqm0Eagowxr9kruTCC95E=
Subject key identifier: 1B:7E:99:FC:1A:39:3D:5F:AB:59:1B:26:49:DF:08:C9:B8:2E:91:C5
Certificate issuer: /CN=a8aa7a7576b1b229590c090fd356c382dff315b7
Certificate serial: 018572DEF037ABC87D8211FE61D39F4285FF
Authority key identifier: A8:AA:7A:75:76:B1:B2:29:59:0C:09:0F:D3:56:C3:82:DF:F3:15:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qKp6dXaxsilZDAkP01bDgt_zFbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/e5edb3-0ea8-4422-b175-f75345848e3f/1/G36Z_Bo5PV-rWRsmSd8IybgukcU.roa
Signing time: Mon 02 Jan 2023 14:24:51 +0000
ROA not before: Mon 02 Jan 2023 14:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208072
IP address blocks: 91.221.240.0/24 maxlen: 24
91.221.240.0/23 maxlen: 23
91.221.241.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:f0:37:ab:c8:7d:82:11:fe:61:d3:9f:42:85:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8aa7a7576b1b229590c090fd356c382dff315b7
Validity
Not Before: Jan 2 14:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b7e99fc1a393d5fab591b2649df08c9b82e91c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:94:e2:62:e6:7b:db:0e:72:3b:87:24:bd:c1:
14:3b:6e:97:ca:91:9d:85:90:81:42:2a:da:08:d4:
11:39:9a:05:61:3d:38:dc:cc:97:7f:d8:83:84:aa:
90:50:1b:4e:9d:f3:61:44:a1:a1:0b:a9:9f:8d:9a:
67:b6:d8:36:f4:cb:66:0c:7f:e6:f3:85:81:ce:8f:
a1:c9:ba:ff:53:45:1f:36:c2:f2:7f:6a:c9:cb:4c:
d1:a8:15:e6:0e:79:80:fe:5c:c8:38:d4:34:dc:9e:
ec:76:9c:ba:67:cf:59:6f:7f:9c:87:10:cc:2c:19:
a9:95:67:01:dd:50:8f:30:3c:fe:3c:5a:f7:e0:f8:
0c:46:05:1c:5e:98:7e:4f:fd:8d:ec:82:17:47:d9:
47:e0:91:87:ef:f6:8b:10:e6:7e:00:b8:91:30:d9:
db:d7:60:eb:02:da:dd:07:2b:2a:04:44:02:56:60:
d5:03:10:62:f1:c6:bb:77:58:d6:37:c9:ce:fb:1c:
19:3c:a6:13:2c:b9:c4:65:40:43:16:97:1d:00:a0:
22:e0:ad:21:5e:97:42:97:c7:6d:53:29:9e:98:cd:
0f:8c:f0:4b:46:3c:f5:84:58:f3:fd:03:69:19:a5:
59:48:59:6a:08:9a:0a:fa:56:21:94:20:82:c5:8b:
a1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7E:99:FC:1A:39:3D:5F:AB:59:1B:26:49:DF:08:C9:B8:2E:91:C5
X509v3 Authority Key Identifier:
keyid:A8:AA:7A:75:76:B1:B2:29:59:0C:09:0F:D3:56:C3:82:DF:F3:15:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qKp6dXaxsilZDAkP01bDgt_zFbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e5edb3-0ea8-4422-b175-f75345848e3f/1/G36Z_Bo5PV-rWRsmSd8IybgukcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e5edb3-0ea8-4422-b175-f75345848e3f/1/qKp6dXaxsilZDAkP01bDgt_zFbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.240.0/23
Signature Algorithm: sha256WithRSAEncryption
95:37:21:5f:1e:bb:45:73:1d:1d:41:e5:3b:80:4f:45:dc:73:
de:81:22:a4:31:88:d2:59:f4:17:b9:71:af:8b:01:1e:48:a5:
32:6d:7e:8e:13:46:a4:8c:5b:f3:8f:69:55:78:00:25:c4:74:
7d:a4:b8:b8:3a:6e:47:e0:d8:df:47:61:8e:a0:5b:74:47:2f:
91:46:21:3a:e4:da:11:49:7a:18:4b:d0:73:d0:79:18:38:97:
5e:56:c5:4b:6a:e1:3f:f8:94:f6:01:68:98:1f:7f:50:ee:10:
1f:bc:71:06:8f:67:7b:bf:31:42:fe:9d:b7:8e:d1:4a:88:31:
f9:68:b8:91:fe:2f:ce:e3:9f:bd:03:f3:42:c4:3a:cc:2e:55:
0e:9f:95:74:74:3c:5d:80:98:99:60:f8:2f:48:0e:64:d4:e8:
23:e7:48:d7:54:d3:d8:a5:92:04:85:0a:16:84:e6:65:cc:a1:
be:e7:e3:60:fd:f9:16:84:59:dd:8f:0c:24:b3:f1:fc:a4:ed:
d2:9d:b9:d8:1b:fc:66:db:84:24:8c:d6:0f:43:31:40:6c:57:
c1:bd:26:8c:06:7c:6c:f8:a8:de:6e:33:17:3c:67:a0:af:ae:
12:07:16:02:55:c3:70:fb:4d:c3:a3:99:7d:a8:d3:da:11:61:
12:6f:b0:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy3vA3q8h9ghH+YdOfQoX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YWE3YTc1NzZiMWIyMjk1OTBjMDkwZmQzNTZjMzgyZGZm
MzE1YjcwHhcNMjMwMTAyMTQyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdlOTlmYzFhMzkzZDVmYWI1OTFiMjY0OWRmMDhjOWI4MmU5MWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5TiYuZ72w5yO4ckvcEUO26XypGd
hZCBQiraCNQROZoFYT043MyXf9iDhKqQUBtOnfNhRKGhC6mfjZpnttg29MtmDH/m
84WBzo+hybr/U0UfNsLyf2rJy0zRqBXmDnmA/lzIONQ03J7sdpy6Z89Zb3+chxDM
LBmplWcB3VCPMDz+PFr34PgMRgUcXph+T/2N7IIXR9lH4JGH7/aLEOZ+ALiRMNnb
12DrAtrdBysqBEQCVmDVAxBi8ca7d1jWN8nO+xwZPKYTLLnEZUBDFpcdAKAi4K0h
XpdCl8dtUymemM0PjPBLRjz1hFjz/QNpGaVZSFlqCJoK+lYhlCCCxYuheQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBt+mfwaOT1fq1kbJknfCMm4LpHFMB8GA1UdIwQY
MBaAFKiqenV2sbIpWQwJD9NWw4Lf8xW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUtwNmRYYXhzaWxaREFrUDAxYkRndF96RmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9lNWVkYjMtMGVhOC00NDIyLWIxNzUt
Zjc1MzQ1ODQ4ZTNmLzEvRzM2Wl9CbzVQVi1yV1JzbVNkOEl5Ymd1a2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9lNWVkYjMtMGVhOC00NDIyLWIxNzUtZjc1MzQ1ODQ4ZTNm
LzEvcUtwNmRYYXhzaWxaREFrUDAxYkRndF96RmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW93wMA0G
CSqGSIb3DQEBCwUAA4IBAQCVNyFfHrtFcx0dQeU7gE9F3HPegSKkMYjSWfQXuXGv
iwEeSKUybX6OE0akjFvzj2lVeAAlxHR9pLi4Om5H4NjfR2GOoFt0Ry+RRiE65NoR
SXoYS9Bz0HkYOJdeVsVLauE/+JT2AWiYH39Q7hAfvHEGj2d7vzFC/p23jtFKiDH5
aLiR/i/O45+9A/NCxDrMLlUOn5V0dDxdgJiZYPgvSA5k1Ogj50jXVNPYpZIEhQoW
hOZlzKG+5+Ng/fkWhFndjwwks/H8pO3SnbnYG/xm24QkjNYPQzFAbFfBvSaMBnxs
+KjebjMXPGegr64SBxYCVcNw+03Do5l9qNPaEWESb7BG
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:59 2024 by rpki-client on console-ams.rpki-client.org