Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/yQYJdcThI464w-4wZOpq9a59t0g.roa
File: yQYJdcThI464w-4wZOpq9a59t0g.roa (raw, json)
Hash identifier: PTf/pITvW1ZDz5TESajKo7eChmjm5LAmoGGU22l3jr8=
Subject key identifier: C9:06:09:75:C4:E1:23:8E:B8:C3:EE:30:64:EA:6A:F5:AE:7D:B7:48
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01856C65F55C17A3718316D5CDA11353D0D5
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/yQYJdcThI464w-4wZOpq9a59t0g.roa
Signing time: Sun 01 Jan 2023 08:14:59 +0000
ROA not before: Sun 01 Jan 2023 08:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199258
IP address blocks: 91.196.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:f5:5c:17:a3:71:83:16:d5:cd:a1:13:53:d0:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 08:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9060975c4e1238eb8c3ee3064ea6af5ae7db748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5b:f4:bb:61:93:ec:76:d9:ae:cf:1a:b3:49:
03:81:c2:12:2e:eb:c9:ba:79:54:80:9e:9b:65:f6:
bd:1b:bd:78:d9:34:08:0d:1e:96:03:fa:a4:a4:67:
b6:e0:12:df:95:f2:54:51:aa:98:80:64:e3:94:c7:
35:f8:80:54:99:09:76:5e:53:5b:0b:db:4f:84:25:
ec:b1:5c:16:26:42:7f:f6:6b:28:87:88:3b:20:5d:
03:b5:37:b9:4a:0d:92:b0:6d:e2:06:68:df:d0:3e:
33:5a:c4:a8:14:c2:65:02:94:f7:cd:67:ef:1e:ee:
2a:0a:5f:bc:95:2d:b1:c6:ae:02:f5:e2:6a:30:ee:
31:ff:ed:d6:1f:0a:39:cd:d7:2e:36:c7:13:f9:cf:
a1:d0:08:39:7f:ca:19:e0:21:29:7b:78:06:03:5d:
f0:f5:80:45:79:d0:94:b4:32:37:3b:30:b6:ce:ce:
f2:39:1b:2f:b8:41:66:56:e9:87:0c:26:ee:27:48:
e1:27:ae:77:5f:e0:fe:25:5a:01:c7:84:86:84:88:
48:05:b5:c4:39:cf:1d:de:73:85:69:c8:07:01:a3:
bf:97:5a:e7:37:3e:0e:d1:44:bb:17:00:ab:43:5a:
08:80:70:b5:93:b7:d1:9c:15:28:5f:2e:2b:9e:eb:
b4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:06:09:75:C4:E1:23:8E:B8:C3:EE:30:64:EA:6A:F5:AE:7D:B7:48
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/yQYJdcThI464w-4wZOpq9a59t0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.137.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:52:fb:c3:dc:6a:f1:0a:08:c0:36:03:fc:8b:be:41:a0:80:
ef:9f:03:10:6d:e2:b8:73:2d:67:44:a9:c1:2c:63:54:78:87:
83:d3:91:58:56:9b:f9:d2:92:ec:1e:71:ca:1d:f9:b6:de:4d:
47:13:c5:53:35:69:8d:31:95:a2:30:8d:01:7f:47:94:65:c9:
6a:88:3c:50:8d:42:b4:08:e6:8d:33:cd:30:9b:44:a8:0b:80:
0b:cb:e2:29:2d:f3:d0:f5:24:d8:47:b9:7d:7b:7d:18:da:72:
f6:bb:dc:3d:b7:94:9d:95:12:f0:01:fa:bc:7f:24:b6:db:fc:
b4:8c:7d:4b:8e:a3:4f:ae:7d:c4:f6:f5:82:88:2a:24:37:19:
e1:fe:63:18:0b:98:3d:7e:61:5d:45:7e:71:e1:e4:b8:76:f3:
6f:b6:25:e8:bd:54:a7:1d:0f:e9:ad:72:27:af:00:22:7f:8c:
89:fc:2f:e0:ae:60:79:97:80:df:29:e8:f8:c1:79:c7:79:af:
ea:39:36:7e:b0:2c:d2:67:61:87:4a:43:6b:61:c9:66:7d:27:
a8:b7:42:4b:d2:53:a5:9d:ae:1f:84:9c:9d:87:87:cc:9a:c5:
3d:80:3d:06:3e:7d:33:ab:6c:73:26:04:77:d5:07:e8:4e:46:
c9:ae:15:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZfVcF6NxgxbVzaETU9DVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMwMTAxMDgxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA2MDk3NWM0ZTEyMzhlYjhjM2VlMzA2NGVhNmFmNWFlN2RiNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFv0u2GT7HbZrs8as0kDgcISLuvJ
unlUgJ6bZfa9G7142TQIDR6WA/qkpGe24BLflfJUUaqYgGTjlMc1+IBUmQl2XlNb
C9tPhCXssVwWJkJ/9msoh4g7IF0DtTe5Sg2SsG3iBmjf0D4zWsSoFMJlApT3zWfv
Hu4qCl+8lS2xxq4C9eJqMO4x/+3WHwo5zdcuNscT+c+h0Ag5f8oZ4CEpe3gGA13w
9YBFedCUtDI3OzC2zs7yORsvuEFmVumHDCbuJ0jhJ653X+D+JVoBx4SGhIhIBbXE
Oc8d3nOFacgHAaO/l1rnNz4O0US7FwCrQ1oIgHC1k7fRnBUoXy4rnuu0pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkGCXXE4SOOuMPuMGTqavWufbdIMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEveVFZSmRjVGhJNDY0dy00d1pPcHE5YTU5dDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8SJMA0G
CSqGSIb3DQEBCwUAA4IBAQCwUvvD3GrxCgjANgP8i75BoIDvnwMQbeK4cy1nRKnB
LGNUeIeD05FYVpv50pLsHnHKHfm23k1HE8VTNWmNMZWiMI0Bf0eUZclqiDxQjUK0
COaNM80wm0SoC4ALy+IpLfPQ9STYR7l9e30Y2nL2u9w9t5SdlRLwAfq8fyS22/y0
jH1LjqNPrn3E9vWCiCokNxnh/mMYC5g9fmFdRX5x4eS4dvNvtiXovVSnHQ/prXIn
rwAif4yJ/C/grmB5l4DfKej4wXnHea/qOTZ+sCzSZ2GHSkNrYclmfSeot0JL0lOl
na4fhJydh4fMmsU9gD0GPn0zq2xzJgR31QfoTkbJrhUZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:21 2024 by rpki-client on console-ams.rpki-client.org