Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/v0HYrXk3nJDAcC60cdAtB28zNGA.roa
File: v0HYrXk3nJDAcC60cdAtB28zNGA.roa (raw, json)
Hash identifier: 6ZOQ17OFKmpslukVTbcxWXgmRYBLekCMrQsYZvWRCKo=
Subject key identifier: BF:41:D8:AD:79:37:9C:90:C0:70:2E:B4:71:D0:2D:07:6F:33:34:60
Certificate issuer: /CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Certificate serial: 01890C85B983A73FDE636F74A2A0D7B358A6
Authority key identifier: 44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/v0HYrXk3nJDAcC60cdAtB28zNGA.roa
Signing time: Fri 30 Jun 2023 13:37:17 +0000
ROA not before: Fri 30 Jun 2023 13:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44548
IP address blocks: 91.220.199.0/24 maxlen: 24
195.93.156.0/23 maxlen: 23
195.93.156.0/24 maxlen: 24
195.93.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:85:b9:83:a7:3f:de:63:6f:74:a2:a0:d7:b3:58:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Validity
Not Before: Jun 30 13:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf41d8ad79379c90c0702eb471d02d076f333460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3a:e8:77:d2:fe:75:d6:3e:56:46:e4:a2:cd:
1b:75:d9:79:b7:24:28:cf:0d:26:86:3a:26:f8:4a:
20:37:ee:40:a5:b0:71:e1:06:ab:18:34:d0:79:fd:
9a:36:82:2d:35:83:13:08:4c:35:f0:1b:59:15:52:
51:e0:bb:36:6f:5c:65:be:c6:3d:db:a2:43:e2:f9:
83:a3:54:b6:85:ab:36:c7:84:8e:4f:8d:d3:fe:8d:
7d:47:95:f1:99:e7:a3:c2:72:72:58:dc:b0:18:62:
d0:1a:b7:0c:36:34:bf:ac:46:45:e8:7f:32:82:35:
0a:5e:f0:6a:8c:7a:d0:a8:eb:72:43:9d:29:21:6d:
31:75:5d:4d:e3:42:b1:a2:4d:4c:53:ce:4b:0f:7b:
c8:d1:59:7e:40:a9:b7:05:98:70:59:20:3a:c5:a9:
e5:ae:aa:ac:9e:0e:db:73:78:e1:1a:26:6d:30:78:
8b:e4:96:66:85:c0:c2:cc:a4:8f:0c:6e:05:6e:a8:
40:79:5a:54:f1:13:f0:7b:ee:52:60:d8:ce:62:94:
8c:23:04:c6:3b:25:31:32:f8:b0:51:d8:0e:c2:64:
b4:d3:3a:aa:f1:c6:21:56:87:50:be:34:f3:8b:6f:
de:81:63:d4:cd:c2:15:e0:a5:7b:0e:2f:75:8d:a2:
af:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:41:D8:AD:79:37:9C:90:C0:70:2E:B4:71:D0:2D:07:6F:33:34:60
X509v3 Authority Key Identifier:
keyid:44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/v0HYrXk3nJDAcC60cdAtB28zNGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.199.0/24
195.93.156.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:c8:47:37:58:79:13:0b:bd:2f:f2:6b:64:60:fe:bd:8a:35:
6f:d8:3b:38:57:21:97:ff:0a:a9:35:b1:45:46:49:6e:bf:59:
9f:de:f2:c6:31:50:1c:7e:ac:f9:75:ba:bf:d7:f1:96:e6:92:
f1:aa:8f:bb:a3:a9:1b:d0:bf:f7:24:82:86:89:12:f0:10:59:
b0:ca:da:42:cc:01:4f:d7:06:a0:ff:eb:ae:ba:02:7c:58:17:
ef:f9:69:15:d3:00:18:11:64:60:a7:18:61:e0:8b:74:c0:19:
29:27:8d:d3:d5:13:9e:6c:be:90:a5:aa:b4:3b:41:f6:28:7a:
f3:ca:f1:29:9b:98:f7:c9:fb:1e:c2:1d:a4:8b:b0:e1:0c:1d:
e5:6c:b0:b6:14:f1:10:2f:76:53:14:68:d5:84:f2:00:66:ef:
da:9c:1e:25:fa:7f:22:7a:69:d8:e8:f6:25:fa:d3:47:85:2a:
0c:e0:d3:f5:cd:b8:04:7b:3d:eb:bb:72:e4:1c:49:3f:42:e1:
73:00:66:0d:f1:45:f2:3e:25:39:f2:5d:ec:3a:af:83:19:30:
01:af:d2:e6:16:cd:08:17:1a:01:50:22:65:91:18:bd:b8:9a:
f6:37:9b:d5:fe:f0:9f:5f:97:10:91:8b:6d:41:e6:d6:1f:02:
9c:9d:da:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkMhbmDpz/eY290oqDXs1imMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Zjg4NTIyMGYxNzE5ZjU4MzdjYjVhMzZmYTYyZjNmNTM3
ZThlM2YwHhcNMjMwNjMwMTMzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQxZDhhZDc5Mzc5YzkwYzA3MDJlYjQ3MWQwMmQwNzZmMzMzNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDrod9L+ddY+Vkbkos0bddl5tyQo
zw0mhjom+EogN+5ApbBx4QarGDTQef2aNoItNYMTCEw18BtZFVJR4Ls2b1xlvsY9
26JD4vmDo1S2has2x4SOT43T/o19R5XxmeejwnJyWNywGGLQGrcMNjS/rEZF6H8y
gjUKXvBqjHrQqOtyQ50pIW0xdV1N40Kxok1MU85LD3vI0Vl+QKm3BZhwWSA6xanl
rqqsng7bc3jhGiZtMHiL5JZmhcDCzKSPDG4FbqhAeVpU8RPwe+5SYNjOYpSMIwTG
OyUxMviwUdgOwmS00zqq8cYhVodQvjTzi2/egWPUzcIV4KV7Di91jaKvbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL9B2K15N5yQwHAutHHQLQdvMzRgMB8GA1UdIwQY
MBaAFET4hSIPFxn1g3y1o2+mLz9Tfo4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDkt
MzdlZDk5MTQzYWFlLzEvdjBIWXJYazNuSkRBY0M2MGNkQXRCMjh6TkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDktMzdlZDk5MTQzYWFl
LzEvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9zHAwQB
w12cMA0GCSqGSIb3DQEBCwUAA4IBAQA+yEc3WHkTC70v8mtkYP69ijVv2Ds4VyGX
/wqpNbFFRkluv1mf3vLGMVAcfqz5dbq/1/GW5pLxqo+7o6kb0L/3JIKGiRLwEFmw
ytpCzAFP1wag/+uuugJ8WBfv+WkV0wAYEWRgpxhh4It0wBkpJ43T1ROebL6Qpaq0
O0H2KHrzyvEpm5j3yfsewh2ki7DhDB3lbLC2FPEQL3ZTFGjVhPIAZu/anB4l+n8i
emnY6PYl+tNHhSoM4NP1zbgEez3ru3LkHEk/QuFzAGYN8UXyPiU58l3sOq+DGTAB
r9LmFs0IFxoBUCJlkRi9uJr2N5vV/vCfX5cQkYttQebWHwKcndrU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:05 2024 by rpki-client on console-ams.rpki-client.org