Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/f85b7c-4ad6-427d-93ed-a6f1e495f1be/1/KUhAc2f581wHYPfnD-T7PLbtIbU.roa
File: KUhAc2f581wHYPfnD-T7PLbtIbU.roa (raw, json)
Hash identifier: Bh5wNHYbb/GnYv65mQS/bMiL2IWvQIMcd7olMlkhjtM=
Subject key identifier: 29:48:40:73:67:F9:F3:5C:07:60:F7:E7:0F:E4:FB:3C:B6:ED:21:B5
Certificate issuer: /CN=e140a047c8b30adc6d9ee326a669dfd011d9b5d3
Certificate serial: 018572C38F8A8DC6BA5B0B20D5A02FB6991B
Authority key identifier: E1:40:A0:47:C8:B3:0A:DC:6D:9E:E3:26:A6:69:DF:D0:11:D9:B5:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4UCgR8izCtxtnuMmpmnf0BHZtdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/f85b7c-4ad6-427d-93ed-a6f1e495f1be/1/KUhAc2f581wHYPfnD-T7PLbtIbU.roa
Signing time: Mon 02 Jan 2023 13:54:56 +0000
ROA not before: Mon 02 Jan 2023 13:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 91.132.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:8f:8a:8d:c6:ba:5b:0b:20:d5:a0:2f:b6:99:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e140a047c8b30adc6d9ee326a669dfd011d9b5d3
Validity
Not Before: Jan 2 13:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2948407367f9f35c0760f7e70fe4fb3cb6ed21b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:69:37:d4:84:0c:9c:14:3a:15:7a:26:de:24:
b4:90:4c:48:1d:ec:9b:e7:6d:74:7f:6b:2c:aa:17:
8b:90:83:8c:6e:54:92:92:0b:d6:7d:c4:84:84:af:
75:d1:de:9a:c5:93:97:85:62:6e:a0:4c:b9:8d:d0:
b5:80:73:93:c1:0e:68:4b:3e:03:60:a5:93:44:49:
28:be:51:3f:ee:66:74:11:b5:16:90:68:43:21:34:
31:da:4d:4b:9c:9f:79:a0:e4:75:7e:8f:f6:bc:32:
26:d2:f4:41:5e:aa:2c:a2:90:24:b1:f6:a7:9a:b1:
1b:f2:97:f2:e1:00:fc:b1:7b:33:0c:d6:01:cf:6d:
45:d5:3b:95:02:86:ab:46:66:4f:01:03:78:d8:4c:
77:96:20:dd:52:15:e8:90:11:81:bb:ad:e7:63:3f:
c4:6c:a9:eb:00:43:4b:64:a1:3d:ab:53:10:d8:25:
9e:e3:14:7e:18:fe:8b:70:2a:e8:00:12:70:a6:32:
41:bd:60:5e:1d:d5:d2:68:3f:52:f9:6b:d8:30:a8:
b3:81:40:89:21:93:f5:f2:59:a5:9d:a3:37:1e:0e:
cd:e0:72:e4:4f:d0:dd:a8:aa:94:f4:74:c4:fd:84:
b1:df:f8:a3:99:86:4e:46:64:a4:ed:92:cc:c4:ed:
56:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:48:40:73:67:F9:F3:5C:07:60:F7:E7:0F:E4:FB:3C:B6:ED:21:B5
X509v3 Authority Key Identifier:
keyid:E1:40:A0:47:C8:B3:0A:DC:6D:9E:E3:26:A6:69:DF:D0:11:D9:B5:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UCgR8izCtxtnuMmpmnf0BHZtdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f85b7c-4ad6-427d-93ed-a6f1e495f1be/1/KUhAc2f581wHYPfnD-T7PLbtIbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f85b7c-4ad6-427d-93ed-a6f1e495f1be/1/4UCgR8izCtxtnuMmpmnf0BHZtdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.227.0/24
Signature Algorithm: sha256WithRSAEncryption
28:05:55:7f:0c:2f:01:82:9a:d0:0d:9d:aa:67:17:12:f5:5c:
7b:55:4f:73:fc:f4:91:59:87:fb:b9:e7:3e:2a:b0:60:11:bc:
7b:f5:2a:04:9a:c5:c9:d0:44:d3:c9:ed:6e:66:93:25:57:ab:
67:16:f9:3d:ce:43:9d:02:a1:ee:6d:86:8e:2a:24:db:c8:4c:
bc:08:c1:db:9f:ae:44:33:d7:a1:60:7f:14:f9:c2:30:4f:c7:
92:d9:51:3d:1d:d7:66:54:a4:f5:70:1e:9b:65:0a:71:6a:5d:
41:f2:ec:6f:e0:99:d1:3d:92:23:44:4e:16:90:40:00:94:ec:
22:8e:7d:37:d9:96:32:66:02:93:f5:f5:e3:3a:aa:02:8b:b7:
0d:aa:8b:b4:ac:09:0a:6d:60:23:54:38:5d:61:04:f7:53:4a:
1d:43:09:8a:d4:78:1b:a4:07:2a:00:99:5f:70:71:39:cd:92:
fa:3d:78:62:c0:9c:31:f8:23:d2:22:4d:c9:a4:57:10:a3:d0:
b6:ff:a7:88:9a:d1:37:0b:64:e8:fc:3a:47:5d:3f:6a:80:cb:
83:50:de:e0:87:cf:fc:f3:ef:a0:29:3b:08:53:c1:3b:40:7b:
4c:e3:82:f2:97:c8:14:9e:b4:a8:5f:8e:73:08:df:12:c0:4a:
67:6e:f0:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw4+Kjca6Wwsg1aAvtpkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNDBhMDQ3YzhiMzBhZGM2ZDllZTMyNmE2NjlkZmQwMTFk
OWI1ZDMwHhcNMjMwMTAyMTM1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQ4NDA3MzY3ZjlmMzVjMDc2MGY3ZTcwZmU0ZmIzY2I2ZWQyMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGk31IQMnBQ6FXom3iS0kExIHeyb
5210f2ssqheLkIOMblSSkgvWfcSEhK910d6axZOXhWJuoEy5jdC1gHOTwQ5oSz4D
YKWTREkovlE/7mZ0EbUWkGhDITQx2k1LnJ95oOR1fo/2vDIm0vRBXqosopAksfan
mrEb8pfy4QD8sXszDNYBz21F1TuVAoarRmZPAQN42Ex3liDdUhXokBGBu63nYz/E
bKnrAENLZKE9q1MQ2CWe4xR+GP6LcCroABJwpjJBvWBeHdXSaD9S+WvYMKizgUCJ
IZP18lmlnaM3Hg7N4HLkT9DdqKqU9HTE/YSx3/ijmYZORmSk7ZLMxO1WiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClIQHNn+fNcB2D35w/k+zy27SG1MB8GA1UdIwQY
MBaAFOFAoEfIswrcbZ7jJqZp39AR2bXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVDZ1I4aXpDdHh0bnVNbXBtbmYwQkhadGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mODViN2MtNGFkNi00MjdkLTkzZWQt
YTZmMWU0OTVmMWJlLzEvS1VoQWMyZjU4MXdIWVBmbkQtVDdQTGJ0SWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mODViN2MtNGFkNi00MjdkLTkzZWQtYTZmMWU0OTVmMWJl
LzEvNFVDZ1I4aXpDdHh0bnVNbXBtbmYwQkhadGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW4TjMA0G
CSqGSIb3DQEBCwUAA4IBAQAoBVV/DC8BgprQDZ2qZxcS9Vx7VU9z/PSRWYf7uec+
KrBgEbx79SoEmsXJ0ETTye1uZpMlV6tnFvk9zkOdAqHubYaOKiTbyEy8CMHbn65E
M9ehYH8U+cIwT8eS2VE9HddmVKT1cB6bZQpxal1B8uxv4JnRPZIjRE4WkEAAlOwi
jn032ZYyZgKT9fXjOqoCi7cNqou0rAkKbWAjVDhdYQT3U0odQwmK1HgbpAcqAJlf
cHE5zZL6PXhiwJwx+CPSIk3JpFcQo9C2/6eImtE3C2To/DpHXT9qgMuDUN7gh8/8
8++gKTsIU8E7QHtM44Lyl8gUnrSoX45zCN8SwEpnbvCf
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:47 2024 by rpki-client on console-fra.rpki-client.org