Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/muS6KGSh4tXkn4GIR-QV0kuZzjA.roa
File: muS6KGSh4tXkn4GIR-QV0kuZzjA.roa (raw, json)
Hash identifier: 1+cxRvE1+aGkv/U2la3uHkTBqsD5ie0fVOdn83HWMag=
Subject key identifier: 9A:E4:BA:28:64:A1:E2:D5:E4:9F:81:88:47:E4:15:D2:4B:99:CE:30
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018CACDDE88A0F680206F0A388614BA5CC8B
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/muS6KGSh4tXkn4GIR-QV0kuZzjA.roa
Signing time: Wed 27 Dec 2023 20:01:13 +0000
ROA not before: Wed 27 Dec 2023 20:01:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.191.96.0/24 maxlen: 24
188.191.107.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ac:dd:e8:8a:0f:68:02:06:f0:a3:88:61:4b:a5:cc:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Dec 27 20:01:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ae4ba2864a1e2d5e49f818847e415d24b99ce30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f5:4a:5a:88:58:b3:33:46:a9:ba:e8:9e:78:
1f:b3:13:52:27:12:13:50:67:da:5b:bb:d7:1c:c1:
c1:2b:ed:aa:54:ab:04:c0:56:16:8b:af:5d:72:d6:
b8:aa:91:a1:96:aa:cc:d5:c9:f4:2c:50:f3:5c:66:
a3:08:31:84:69:7b:49:9f:6e:98:63:37:24:85:fd:
ff:8b:4d:d0:8f:1c:af:7f:33:bc:61:e3:76:b0:e1:
05:3a:57:ac:4b:b4:a4:24:f4:fb:31:39:25:5f:f1:
66:53:a9:ab:02:45:78:21:d6:72:77:95:1f:9c:35:
6b:9f:97:a6:6b:97:b0:85:40:e6:0c:22:eb:1a:ab:
09:29:67:f7:06:c0:4e:e1:74:a0:6d:8f:73:a2:3b:
a6:5b:74:ad:82:11:ab:23:21:f0:c3:21:82:a8:00:
96:e3:e4:9b:99:0d:28:d7:34:31:c2:bc:08:03:67:
db:d3:b7:85:72:90:e3:e8:2a:d3:de:6b:24:4a:a2:
87:cb:58:85:a2:ed:25:0a:c2:05:c3:c6:ab:00:58:
e3:20:00:eb:1f:b3:a6:c6:a2:67:05:b6:c9:26:0e:
33:00:41:67:08:c8:fd:37:f1:c3:31:df:04:30:ee:
47:7d:10:ea:51:3e:62:4a:d2:8e:c4:38:f7:f4:8c:
6a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E4:BA:28:64:A1:E2:D5:E4:9F:81:88:47:E4:15:D2:4B:99:CE:30
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/muS6KGSh4tXkn4GIR-QV0kuZzjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.96.0/24
188.191.107.0/24
Signature Algorithm: sha256WithRSAEncryption
14:34:ef:7e:bb:db:65:3d:3e:b1:ad:4f:34:ce:5d:f4:30:3d:
e5:a8:91:c9:61:d8:00:71:b0:3e:32:5c:d8:b8:fb:7d:93:58:
2f:3a:61:ea:bf:8d:32:e6:3b:18:e7:30:01:13:4a:4b:bd:1b:
a9:c7:3e:08:40:16:de:9b:81:04:29:dc:89:68:2c:92:6c:41:
2d:b1:fd:f6:3c:c1:cd:da:3d:bb:1f:e2:df:a2:01:a2:13:c3:
a9:88:c4:97:fb:e4:8c:f3:09:09:50:ae:1d:84:23:e8:30:31:
1a:f7:3e:d6:c6:c4:d4:a5:2b:c1:ad:0e:44:46:d6:b2:71:c8:
81:40:b5:af:fa:f9:97:5f:ac:62:02:ff:5e:4e:bd:a7:e1:1b:
a1:6d:07:2b:51:3b:ef:68:ca:ee:10:8b:f0:b9:1c:f6:60:0c:
38:3c:0e:2a:91:45:14:6c:da:ab:5c:7e:c3:09:cc:dd:97:8b:
b4:e4:93:71:04:2e:c4:d5:58:ed:c4:7a:db:78:81:74:24:a2:
e8:2d:0a:fd:2d:e0:28:91:83:d7:b2:8a:f0:f2:8b:24:7e:12:
94:e8:23:0c:8d:bf:f5:83:19:ce:d8:6f:07:1f:1e:23:ef:43:
12:09:65:1f:01:22:53:2f:ea:0a:c1:3d:a0:e0:ea:1f:2c:15:
d7:f1:89:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYys3eiKD2gCBvCjiGFLpcyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMxMjI3MjAwMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWU0YmEyODY0YTFlMmQ1ZTQ5ZjgxODg0N2U0MTVkMjRiOTljZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvVKWohYszNGqbronngfsxNSJxIT
UGfaW7vXHMHBK+2qVKsEwFYWi69dcta4qpGhlqrM1cn0LFDzXGajCDGEaXtJn26Y
Yzckhf3/i03QjxyvfzO8YeN2sOEFOlesS7SkJPT7MTklX/FmU6mrAkV4IdZyd5Uf
nDVrn5ema5ewhUDmDCLrGqsJKWf3BsBO4XSgbY9zojumW3StghGrIyHwwyGCqACW
4+SbmQ0o1zQxwrwIA2fb07eFcpDj6CrT3mskSqKHy1iFou0lCsIFw8arAFjjIADr
H7OmxqJnBbbJJg4zAEFnCMj9N/HDMd8EMO5HfRDqUT5iStKOxDj39IxqoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJrkuihkoeLV5J+BiEfkFdJLmc4wMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvbXVTNktHU2g0dFhrbjRHSVItUVYwa3VaempBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+HhAwQA
vL9gAwQAvL9rMA0GCSqGSIb3DQEBCwUAA4IBAQAUNO9+u9tlPT6xrU80zl30MD3l
qJHJYdgAcbA+MlzYuPt9k1gvOmHqv40y5jsY5zABE0pLvRupxz4IQBbem4EEKdyJ
aCySbEEtsf32PMHN2j27H+LfogGiE8OpiMSX++SM8wkJUK4dhCPoMDEa9z7WxsTU
pSvBrQ5ERtaycciBQLWv+vmXX6xiAv9eTr2n4RuhbQcrUTvvaMruEIvwuRz2YAw4
PA4qkUUUbNqrXH7DCczdl4u05JNxBC7E1VjtxHrbeIF0JKLoLQr9LeAokYPXsorw
8oskfhKU6CMMjb/1gxnO2G8HHx4j70MSCWUfASJTL+oKwT2g4OofLBXX8YlQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:58 2024 by rpki-client on console-ams.rpki-client.org