Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dd1ddf-73cf-4bb2-8a6e-6e4aec86fe1e/1/lSfxnDzEQvKySC52WZ0j0Ien6BE.roa
File: lSfxnDzEQvKySC52WZ0j0Ien6BE.roa (raw, json)
Hash identifier: McdmSFRsI+6f9IMrX2k7aP2qCReETkk+/24MCIq5SbA=
Subject key identifier: 95:27:F1:9C:3C:C4:42:F2:B2:48:2E:76:59:9D:23:D0:87:A7:E8:11
Certificate issuer: /CN=637104d927e7e1ef8febbffddf28145495011094
Certificate serial: 01856EC200D69E7704938B77DD3F968019BB
Authority key identifier: 63:71:04:D9:27:E7:E1:EF:8F:EB:BF:FD:DF:28:14:54:95:01:10:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3EE2Sfn4e-P67_93ygUVJUBEJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dd1ddf-73cf-4bb2-8a6e-6e4aec86fe1e/1/lSfxnDzEQvKySC52WZ0j0Ien6BE.roa
Signing time: Sun 01 Jan 2023 19:14:45 +0000
ROA not before: Sun 01 Jan 2023 19:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42673
IP address blocks: 91.240.130.0/24 maxlen: 32
91.240.136.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:00:d6:9e:77:04:93:8b:77:dd:3f:96:80:19:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637104d927e7e1ef8febbffddf28145495011094
Validity
Not Before: Jan 1 19:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9527f19c3cc442f2b2482e76599d23d087a7e811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:65:92:32:23:6d:a2:7d:a9:f9:ec:7c:48:
85:52:98:b3:db:66:42:8e:2e:ac:8c:05:d4:c7:2c:
04:ae:b6:24:88:e9:fc:0a:34:4b:1c:02:9f:e2:4f:
84:47:42:d6:be:37:e1:8b:8a:3c:5f:31:5f:b4:03:
10:b8:4f:82:13:21:1e:67:af:b9:25:5c:91:48:cd:
bc:70:c1:60:ad:48:e4:57:fb:64:2b:f9:59:a6:5e:
b3:99:91:e6:c7:6d:9a:e1:8f:fc:c7:be:90:7e:b6:
40:e3:8b:73:c3:00:f4:cb:6a:f7:65:92:28:d0:30:
df:44:10:f7:c4:cc:3b:6e:ee:67:83:48:ef:04:bc:
d7:45:e4:d1:92:56:64:2c:12:34:e5:4d:bf:62:25:
67:58:f6:7c:97:d7:d3:48:14:70:f9:85:62:8e:4a:
51:36:fa:bb:aa:bd:bc:e5:8e:1c:10:9b:15:f8:35:
98:1d:6f:3e:52:5e:0e:7a:ab:69:44:1a:df:06:61:
c3:65:31:ce:79:45:47:e8:36:2b:c9:6b:69:d6:25:
b9:8c:f5:68:05:4d:83:59:29:e4:33:02:36:da:54:
0f:99:50:9e:d9:6b:d7:a0:16:9f:54:5e:71:61:46:
dd:ca:d6:97:ae:d1:f4:3a:3a:4a:ba:ff:5a:73:0c:
02:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:27:F1:9C:3C:C4:42:F2:B2:48:2E:76:59:9D:23:D0:87:A7:E8:11
X509v3 Authority Key Identifier:
keyid:63:71:04:D9:27:E7:E1:EF:8F:EB:BF:FD:DF:28:14:54:95:01:10:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3EE2Sfn4e-P67_93ygUVJUBEJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dd1ddf-73cf-4bb2-8a6e-6e4aec86fe1e/1/lSfxnDzEQvKySC52WZ0j0Ien6BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dd1ddf-73cf-4bb2-8a6e-6e4aec86fe1e/1/Y3EE2Sfn4e-P67_93ygUVJUBEJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.130.0/24
91.240.136.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:cc:16:fa:d2:98:e7:90:ff:85:99:30:1d:6d:b8:9f:7e:42:
d6:d4:23:02:2c:b9:48:b6:09:ff:0e:3c:01:e6:86:3a:be:75:
a8:6e:ff:af:87:d5:69:ab:0b:48:41:cf:11:bf:de:30:d8:03:
f4:22:99:41:e3:e8:4e:2f:b4:5a:34:4f:bb:0c:ec:2a:6e:e3:
99:34:46:b5:21:87:49:49:51:a2:ff:94:92:99:c3:0a:09:c9:
db:eb:f1:52:bb:44:f8:df:ba:34:09:3d:b5:64:70:52:1d:f9:
9c:e8:36:a6:3d:77:95:07:df:0e:a9:bf:f4:4f:9f:0c:bc:55:
26:13:fb:6e:12:ff:d3:1f:db:a8:b1:b2:7f:f2:7e:dd:fe:5d:
2e:40:23:de:c5:f0:50:ff:11:21:d9:8c:96:11:07:23:70:62:
e5:bf:ec:63:04:4e:6e:a7:8c:9a:18:3b:69:4b:5b:d1:f2:35:
e0:24:63:7d:77:27:39:82:03:91:02:ec:a7:01:bc:ec:c3:36:
45:bc:8d:b6:ab:0c:02:9f:1d:08:b5:fd:fa:df:c9:2d:4e:d5:
c8:1f:01:ff:11:64:3a:67:54:64:ff:3d:49:c6:12:44:22:34:
c8:55:fb:38:e6:44:53:e8:f8:73:4f:34:8a:87:d4:37:1d:66:
d5:d1:27:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwgDWnncEk4t33T+WgBm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzEwNGQ5MjdlN2UxZWY4ZmViYmZmZGRmMjgxNDU0OTUw
MTEwOTQwHhcNMjMwMTAxMTkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTI3ZjE5YzNjYzQ0MmYyYjI0ODJlNzY1OTlkMjNkMDg3YTdlODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2xlkjIjbaJ9qfnsfEiFUpiz22ZC
ji6sjAXUxywErrYkiOn8CjRLHAKf4k+ER0LWvjfhi4o8XzFftAMQuE+CEyEeZ6+5
JVyRSM28cMFgrUjkV/tkK/lZpl6zmZHmx22a4Y/8x76QfrZA44tzwwD0y2r3ZZIo
0DDfRBD3xMw7bu5ng0jvBLzXReTRklZkLBI05U2/YiVnWPZ8l9fTSBRw+YVijkpR
Nvq7qr285Y4cEJsV+DWYHW8+Ul4OeqtpRBrfBmHDZTHOeUVH6DYryWtp1iW5jPVo
BU2DWSnkMwI22lQPmVCe2WvXoBafVF5xYUbdytaXrtH0OjpKuv9acwwCbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUn8Zw8xELyskgudlmdI9CHp+gRMB8GA1UdIwQY
MBaAFGNxBNkn5+Hvj+u//d8oFFSVARCUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNFRTJTZm40ZS1QNjdfOTN5Z1VWSlVCRUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kZDFkZGYtNzNjZi00YmIyLThhNmUt
NmU0YWVjODZmZTFlLzEvbFNmeG5EekVRdkt5U0M1MldaMGowSWVuNkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kZDFkZGYtNzNjZi00YmIyLThhNmUtNmU0YWVjODZmZTFl
LzEvWTNFRTJTZm40ZS1QNjdfOTN5Z1VWSlVCRUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/CCAwQC
W/CIMA0GCSqGSIb3DQEBCwUAA4IBAQAbzBb60pjnkP+FmTAdbbiffkLW1CMCLLlI
tgn/DjwB5oY6vnWobv+vh9VpqwtIQc8Rv94w2AP0IplB4+hOL7RaNE+7DOwqbuOZ
NEa1IYdJSVGi/5SSmcMKCcnb6/FSu0T437o0CT21ZHBSHfmc6DamPXeVB98Oqb/0
T58MvFUmE/tuEv/TH9uosbJ/8n7d/l0uQCPexfBQ/xEh2YyWEQcjcGLlv+xjBE5u
p4yaGDtpS1vR8jXgJGN9dyc5ggORAuynAbzswzZFvI22qwwCnx0Itf3638ktTtXI
HwH/EWQ6Z1Rk/z1JxhJEIjTIVfs45kRT6PhzTzSKh9Q3HWbV0SdW
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:32 2024 by rpki-client on console-fra.rpki-client.org