Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/b48hbLzEm4JqWYXhoXP14jhGiPQ.roa
File: b48hbLzEm4JqWYXhoXP14jhGiPQ.roa (raw, json)
Hash identifier: 5KDgyuDxjwnCP8uTbwjcS6HYv6vSG8sDztuTq78Ewuc=
Subject key identifier: 6F:8F:21:6C:BC:C4:9B:82:6A:59:85:E1:A1:73:F5:E2:38:46:88:F4
Certificate issuer: /CN=1cacb77e20b78147d47f8394294f117b5c84ef5e
Certificate serial: 018572B421C8432CF4B77E60761F8F79BA22
Authority key identifier: 1C:AC:B7:7E:20:B7:81:47:D4:7F:83:94:29:4F:11:7B:5C:84:EF:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/b48hbLzEm4JqWYXhoXP14jhGiPQ.roa
Signing time: Mon 02 Jan 2023 13:38:05 +0000
ROA not before: Mon 02 Jan 2023 13:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211848
IP address blocks: 91.239.117.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:21:c8:43:2c:f4:b7:7e:60:76:1f:8f:79:ba:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cacb77e20b78147d47f8394294f117b5c84ef5e
Validity
Not Before: Jan 2 13:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f8f216cbcc49b826a5985e1a173f5e2384688f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1e:ae:77:7a:c9:cc:db:25:1a:ff:cf:37:b0:
9c:25:5e:a9:91:d9:5d:6b:4c:7b:b5:25:6c:1f:a3:
dd:1b:e4:86:85:0c:ba:a8:39:90:32:92:44:1a:b7:
c0:39:68:e4:ca:50:6d:25:77:d2:3e:e3:f6:a4:fd:
53:f5:07:4d:8c:e3:ab:d4:b2:68:81:69:03:81:20:
fc:34:cc:a3:3c:f5:90:e0:a5:ab:51:b2:ce:a9:9d:
5b:21:c9:cf:df:4a:11:a0:7d:ef:7f:ec:2c:4e:a7:
37:01:58:fb:4a:85:90:fa:6b:97:b4:d2:83:78:e9:
e5:19:86:6d:36:a9:be:5b:ea:0f:70:85:60:96:58:
97:bd:4f:75:50:45:06:08:2f:1d:d0:c7:77:87:1d:
9d:a7:a7:34:ac:ce:34:aa:4f:a9:15:1e:ee:aa:86:
f6:e4:79:38:f4:7a:11:8f:a6:d5:96:59:5e:c8:6f:
1c:00:38:6f:e2:c3:c9:cc:fa:b7:de:78:bf:76:3c:
8a:f0:d6:e7:e7:c7:b1:d2:39:85:2b:dc:f5:2d:b9:
f9:94:51:4d:a4:6d:0a:fd:b1:15:cb:57:e0:8a:a4:
a5:99:50:ac:c7:c1:33:18:49:0e:2f:84:5c:e2:d2:
c4:8f:e6:86:b0:b5:3e:d7:51:aa:20:ba:57:ea:9e:
60:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8F:21:6C:BC:C4:9B:82:6A:59:85:E1:A1:73:F5:E2:38:46:88:F4
X509v3 Authority Key Identifier:
keyid:1C:AC:B7:7E:20:B7:81:47:D4:7F:83:94:29:4F:11:7B:5C:84:EF:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/b48hbLzEm4JqWYXhoXP14jhGiPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.117.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e1:d9:ff:0f:d2:dc:9f:a6:d2:68:9f:23:18:fc:18:21:38:
6e:f3:d1:89:99:6d:c5:cb:0e:66:4f:1f:2c:f4:aa:a9:b3:50:
dc:cf:2a:16:75:84:08:0d:b9:f2:14:b3:68:6d:dd:e5:d3:2e:
c7:ad:a5:61:3e:77:e2:9a:c8:52:54:23:ad:4e:91:05:f5:e6:
c1:df:6d:04:b0:fe:99:2c:fb:5c:2f:62:35:4f:8e:66:52:42:
4c:fb:60:44:6d:48:21:7b:58:cb:b2:b3:88:b6:75:fa:23:cb:
21:df:2b:48:68:78:f6:df:0f:ec:e1:c3:65:a6:1b:86:bd:2c:
fa:46:cf:1f:80:e6:a0:17:1d:52:2c:59:89:5d:02:4a:e3:8e:
f3:f7:33:c5:a3:09:b8:04:c0:62:1c:da:42:da:63:c8:e6:a7:
7a:18:2b:4e:e8:a1:75:b6:9a:83:a6:30:bd:7e:2f:ff:44:80:
8c:72:37:5b:0d:9e:a7:fd:b8:cc:79:11:27:2f:e5:3f:59:c7:
03:63:a7:ec:1d:ae:ed:da:df:e4:47:b1:36:7b:e1:51:c7:bf:
ad:71:e6:44:6f:da:cf:1c:0c:7c:24:3e:a1:8c:96:93:9e:9c:
0e:ff:7e:19:47:d2:7f:cb:1d:03:a0:f6:38:82:ad:c1:29:36:
e1:02:65:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytCHIQyz0t35gdh+PeboiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWNiNzdlMjBiNzgxNDdkNDdmODM5NDI5NGYxMTdiNWM4
NGVmNWUwHhcNMjMwMTAyMTMzODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhmMjE2Y2JjYzQ5YjgyNmE1OTg1ZTFhMTczZjVlMjM4NDY4OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhB6ud3rJzNslGv/PN7CcJV6pkdld
a0x7tSVsH6PdG+SGhQy6qDmQMpJEGrfAOWjkylBtJXfSPuP2pP1T9QdNjOOr1LJo
gWkDgSD8NMyjPPWQ4KWrUbLOqZ1bIcnP30oRoH3vf+wsTqc3AVj7SoWQ+muXtNKD
eOnlGYZtNqm+W+oPcIVglliXvU91UEUGCC8d0Md3hx2dp6c0rM40qk+pFR7uqob2
5Hk49HoRj6bVllleyG8cADhv4sPJzPq33ni/djyK8Nbn58ex0jmFK9z1Lbn5lFFN
pG0K/bEVy1fgiqSlmVCsx8EzGEkOL4Rc4tLEj+aGsLU+11GqILpX6p5gtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+PIWy8xJuCalmF4aFz9eI4Roj0MB8GA1UdIwQY
MBaAFByst34gt4FH1H+DlClPEXtchO9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEt5M2ZpQzNnVWZVZjRPVUtVOFJlMXlFNzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy80MTdhYjItZmNiMy00MDVkLWEwYzgt
NTMyNWE1MjAwYmE5LzEvYjQ4aGJMekVtNEpxV1lYaG9YUDE0amhHaVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy80MTdhYjItZmNiMy00MDVkLWEwYzgtNTMyNWE1MjAwYmE5
LzEvSEt5M2ZpQzNnVWZVZjRPVUtVOFJlMXlFNzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+91MA0G
CSqGSIb3DQEBCwUAA4IBAQAi4dn/D9Lcn6bSaJ8jGPwYIThu89GJmW3Fyw5mTx8s
9Kqps1DczyoWdYQIDbnyFLNobd3l0y7HraVhPnfimshSVCOtTpEF9ebB320EsP6Z
LPtcL2I1T45mUkJM+2BEbUghe1jLsrOItnX6I8sh3ytIaHj23w/s4cNlphuGvSz6
Rs8fgOagFx1SLFmJXQJK447z9zPFowm4BMBiHNpC2mPI5qd6GCtO6KF1tpqDpjC9
fi//RICMcjdbDZ6n/bjMeREnL+U/WccDY6fsHa7t2t/kR7E2e+FRx7+tceZEb9rP
HAx8JD6hjJaTnpwO/34ZR9J/yx0DoPY4gq3BKTbhAmXG
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:35 2024 by rpki-client on console-fra.rpki-client.org