Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/bWSqaahqJM0QI43lXA3IUevWjLE.roa
File: bWSqaahqJM0QI43lXA3IUevWjLE.roa (raw, json)
Hash identifier: /91KTNKVCUN+S+d4daKxaklc+F7L8nZmlcyYGMAu0TA=
Subject key identifier: 6D:64:AA:69:A8:6A:24:CD:10:23:8D:E5:5C:0D:C8:51:EB:D6:8C:B1
Certificate issuer: /CN=0a06b65cbb97667abdff9b861a22f9d01d1d46cb
Certificate serial: 018572B40BDE0D8A94260FDFFE317AA6546C
Authority key identifier: 0A:06:B6:5C:BB:97:66:7A:BD:FF:9B:86:1A:22:F9:D0:1D:1D:46:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cga2XLuXZnq9_5uGGiL50B0dRss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/bWSqaahqJM0QI43lXA3IUevWjLE.roa
Signing time: Mon 02 Jan 2023 13:38:00 +0000
ROA not before: Mon 02 Jan 2023 13:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209615
IP address blocks: 91.132.236.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:0b:de:0d:8a:94:26:0f:df:fe:31:7a:a6:54:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a06b65cbb97667abdff9b861a22f9d01d1d46cb
Validity
Not Before: Jan 2 13:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d64aa69a86a24cd10238de55c0dc851ebd68cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e4:cf:90:bd:fb:04:cd:99:f4:4f:2d:41:0a:
b8:c3:c1:ab:1a:84:f6:ad:9c:af:67:f0:a5:83:65:
bb:a3:00:fc:85:9f:e2:00:1f:d9:c0:23:08:52:00:
a9:9a:88:8b:2d:da:6f:dd:1a:57:9e:35:19:bf:2d:
74:87:eb:b1:9c:e1:b8:e2:26:14:5f:22:1e:80:9d:
ef:9b:fd:28:91:4f:62:5b:65:6f:29:5e:ef:60:7d:
c9:8d:26:fe:fe:0c:cf:52:9b:02:63:c4:28:af:b5:
32:80:80:7a:e3:4e:33:c3:d5:67:4c:a4:b0:94:48:
cd:02:38:cf:28:e0:18:ae:72:ba:73:8e:70:cf:e5:
18:f2:4a:67:45:b8:52:06:01:72:67:d0:33:16:5c:
16:8f:f3:7f:27:10:f5:44:88:23:16:13:66:9e:90:
d0:f9:03:1c:7c:4d:a2:d7:0c:5f:6a:98:db:dd:0e:
83:37:30:5d:c2:ac:b4:3a:e7:fb:0b:49:c3:f6:90:
8f:b8:13:e4:07:3f:44:c4:1e:65:46:bf:61:5f:64:
4e:89:e6:95:53:1a:03:1d:0c:09:98:59:49:30:50:
9a:6e:59:7f:6a:46:b9:5e:7b:cd:2a:e7:0b:5e:28:
51:f6:16:ed:44:30:0a:dc:42:ba:ec:55:fa:90:a4:
78:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:64:AA:69:A8:6A:24:CD:10:23:8D:E5:5C:0D:C8:51:EB:D6:8C:B1
X509v3 Authority Key Identifier:
keyid:0A:06:B6:5C:BB:97:66:7A:BD:FF:9B:86:1A:22:F9:D0:1D:1D:46:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cga2XLuXZnq9_5uGGiL50B0dRss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/bWSqaahqJM0QI43lXA3IUevWjLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/Cga2XLuXZnq9_5uGGiL50B0dRss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.236.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:6a:8b:68:3c:74:e7:12:1d:30:87:a1:75:75:aa:08:b8:82:
42:73:1a:e7:ed:c7:70:48:62:90:cd:07:83:03:77:a9:b6:98:
53:e3:d6:b9:97:02:a9:bb:3c:cb:1b:12:f7:95:41:1f:17:f6:
eb:07:9b:98:0b:03:aa:c9:ce:87:a6:13:1e:1d:e3:c0:eb:72:
c8:55:19:ee:c3:b1:c6:7d:1a:cb:0e:18:88:2b:e1:58:cb:b3:
02:f4:f7:de:84:4a:d9:0f:2e:c1:ae:ed:fe:94:a6:a0:72:7d:
2f:3a:08:fc:ec:4d:fe:18:75:18:ed:d4:4e:b7:cb:d2:d8:d5:
8b:ac:e2:16:35:92:e1:79:e3:08:3c:0a:7c:7f:54:77:ff:0a:
a3:74:65:7d:ec:13:59:37:56:30:89:5c:5b:e9:42:de:92:8e:
b4:6c:f6:82:7e:31:57:5a:d2:31:f7:48:a6:fa:c6:e3:0a:5d:
10:e2:62:ab:ea:ea:eb:4c:b9:b0:e1:33:de:4c:ba:78:c9:30:
98:1f:c6:4a:22:e4:c1:52:85:62:ea:84:dd:af:1a:13:56:7a:
b2:f7:b6:6a:3d:f5:f0:ad:70:06:74:ba:d2:85:ee:c3:05:23:
13:3f:07:79:67:77:03:6b:ea:14:a7:fd:01:78:83:e4:a0:c4:
2f:56:c3:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytAveDYqUJg/f/jF6plRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDZiNjVjYmI5NzY2N2FiZGZmOWI4NjFhMjJmOWQwMWQx
ZDQ2Y2IwHhcNMjMwMTAyMTMzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDY0YWE2OWE4NmEyNGNkMTAyMzhkZTU1YzBkYzg1MWViZDY4Y2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluTPkL37BM2Z9E8tQQq4w8GrGoT2
rZyvZ/Clg2W7owD8hZ/iAB/ZwCMIUgCpmoiLLdpv3RpXnjUZvy10h+uxnOG44iYU
XyIegJ3vm/0okU9iW2VvKV7vYH3JjSb+/gzPUpsCY8Qor7UygIB6404zw9VnTKSw
lEjNAjjPKOAYrnK6c45wz+UY8kpnRbhSBgFyZ9AzFlwWj/N/JxD1RIgjFhNmnpDQ
+QMcfE2i1wxfapjb3Q6DNzBdwqy0Ouf7C0nD9pCPuBPkBz9ExB5lRr9hX2ROieaV
UxoDHQwJmFlJMFCabll/aka5XnvNKucLXihR9hbtRDAK3EK67FX6kKR4yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1kqmmoaiTNECON5VwNyFHr1oyxMB8GA1UdIwQY
MBaAFAoGtly7l2Z6vf+bhhoi+dAdHUbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dhMlhMdVhabnE5XzV1R0dpTDUwQjBkUnNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yZTE4ZjctMDljNy00NWIxLWJjYjct
OWY2Njg2ZTQyODAwLzEvYldTcWFhaHFKTTBRSTQzbFhBM0lVZXZXakxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yZTE4ZjctMDljNy00NWIxLWJjYjctOWY2Njg2ZTQyODAw
LzEvQ2dhMlhMdVhabnE5XzV1R0dpTDUwQjBkUnNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4TsMA0G
CSqGSIb3DQEBCwUAA4IBAQBuaotoPHTnEh0wh6F1daoIuIJCcxrn7cdwSGKQzQeD
A3eptphT49a5lwKpuzzLGxL3lUEfF/brB5uYCwOqyc6HphMeHePA63LIVRnuw7HG
fRrLDhiIK+FYy7MC9PfehErZDy7Bru3+lKagcn0vOgj87E3+GHUY7dROt8vS2NWL
rOIWNZLheeMIPAp8f1R3/wqjdGV97BNZN1YwiVxb6ULeko60bPaCfjFXWtIx90im
+sbjCl0Q4mKr6urrTLmw4TPeTLp4yTCYH8ZKIuTBUoVi6oTdrxoTVnqy97ZqPfXw
rXAGdLrShe7DBSMTPwd5Z3cDa+oUp/0BeIPkoMQvVsNv
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:10 2024 by rpki-client on console-fra.rpki-client.org