Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/91b4hVqashCGRTWyA6GZ7KAZFNU.roa
File: 91b4hVqashCGRTWyA6GZ7KAZFNU.roa (raw, json)
Hash identifier: DUejQQdNo6qWzK0lV6lxH3at7dCt+k5QSsrcvOeoQbQ=
Subject key identifier: F7:56:F8:85:5A:9A:B2:10:86:45:35:B2:03:A1:99:EC:A0:19:14:D5
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 018573CCD716BC9BC9DF53490E98D1F359B2
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/91b4hVqashCGRTWyA6GZ7KAZFNU.roa
Signing time: Mon 02 Jan 2023 18:44:42 +0000
ROA not before: Mon 02 Jan 2023 18:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210924
IP address blocks: 185.210.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cc:d7:16:bc:9b:c9:df:53:49:0e:98:d1:f3:59:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Jan 2 18:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f756f8855a9ab210864535b203a199eca01914d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4a:43:51:38:e9:02:f4:4e:37:13:d7:10:78:
4f:61:01:d4:03:a0:4b:1d:8c:03:ed:60:3c:60:48:
71:1a:53:4e:ae:55:5d:57:0a:60:f4:fe:85:9e:41:
d5:22:e4:ef:51:14:7a:04:35:b6:68:c0:96:76:0d:
a8:92:67:50:dd:81:98:f9:24:6b:bd:ab:cb:d2:9e:
5e:62:9d:32:1a:b7:c1:65:9f:73:d2:23:6f:1e:fa:
73:72:9d:08:53:f4:54:43:c8:69:bf:15:68:91:f2:
c3:3a:cc:f8:31:5d:4c:44:c2:91:68:35:5a:a9:03:
95:89:a2:d2:01:80:63:6b:5f:1f:66:68:12:09:dd:
d1:94:18:d5:44:e3:41:a4:52:a0:43:00:54:84:e3:
35:cb:7d:d2:5a:6e:83:35:df:b3:82:12:88:8b:93:
92:13:b8:9c:ef:7e:7b:7a:17:56:0b:b6:71:cb:c5:
96:ec:b9:74:53:b5:18:33:d9:73:ae:55:d2:b6:dd:
3c:af:7b:2c:67:3e:06:b7:5c:06:2d:d9:38:b9:d2:
db:14:5c:be:31:81:6d:d6:e1:6a:42:43:64:c0:90:
a4:3f:c3:27:3d:51:6a:b3:fc:65:95:fb:f3:ad:1d:
fe:b7:35:dd:3a:2e:5b:ff:94:ce:9a:16:25:a9:0a:
14:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:56:F8:85:5A:9A:B2:10:86:45:35:B2:03:A1:99:EC:A0:19:14:D5
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/91b4hVqashCGRTWyA6GZ7KAZFNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.157.0/24
Signature Algorithm: sha256WithRSAEncryption
77:19:0d:ea:99:5b:f4:3d:43:30:06:25:04:cf:58:3c:f5:49:
f8:4a:35:05:99:f8:08:ac:ea:a4:45:20:4a:81:96:99:66:39:
12:01:66:1f:32:3b:50:17:05:09:fb:22:63:36:40:fb:04:f9:
33:59:84:d5:c5:b9:c7:db:bb:48:ca:c2:d9:6c:2b:fe:69:0a:
69:49:c4:46:bd:76:12:a4:f7:4c:7a:12:b0:75:d4:71:7f:4f:
c6:f5:b5:6c:2d:11:0b:73:68:3c:2a:be:21:1b:ac:f7:85:9f:
a3:4c:f7:33:80:85:2a:04:2b:6e:b2:ff:1e:27:b1:16:15:fa:
7c:2d:30:8d:18:98:c3:ed:2d:34:2a:fa:1d:87:2c:ed:1d:04:
45:1a:94:b8:45:0b:c7:22:21:de:e5:7e:95:70:44:fc:5e:c3:
82:13:28:bf:68:1d:ea:a6:e0:4b:56:ca:0d:64:82:3f:b3:eb:
7a:bd:03:69:9f:dd:5a:e3:c4:89:de:ca:dc:f7:be:d6:4b:63:
05:9c:71:af:af:fc:e6:90:24:5d:4e:65:8a:c9:dd:29:5b:12:
88:10:df:76:95:0e:18:d9:73:03:b3:07:0f:06:7a:e0:79:da:
30:dd:0c:a9:55:07:7b:7f:8e:a7:8e:fa:2e:96:35:8b:e3:3f:
7f:1f:3b:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzzNcWvJvJ31NJDpjR81myMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjMwMTAyMTg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU2Zjg4NTVhOWFiMjEwODY0NTM1YjIwM2ExOTllY2EwMTkxNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokpDUTjpAvRONxPXEHhPYQHUA6BL
HYwD7WA8YEhxGlNOrlVdVwpg9P6FnkHVIuTvURR6BDW2aMCWdg2okmdQ3YGY+SRr
vavL0p5eYp0yGrfBZZ9z0iNvHvpzcp0IU/RUQ8hpvxVokfLDOsz4MV1MRMKRaDVa
qQOViaLSAYBja18fZmgSCd3RlBjVRONBpFKgQwBUhOM1y33SWm6DNd+zghKIi5OS
E7ic7357ehdWC7Zxy8WW7Ll0U7UYM9lzrlXStt08r3ssZz4Gt1wGLdk4udLbFFy+
MYFt1uFqQkNkwJCkP8MnPVFqs/xllfvzrR3+tzXdOi5b/5TOmhYlqQoUTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPdW+IVamrIQhkU1sgOhmeygGRTVMB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEvOTFiNGhWcWFzaENHUlRXeUE2R1o3S0FaRk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKdMA0G
CSqGSIb3DQEBCwUAA4IBAQB3GQ3qmVv0PUMwBiUEz1g89Un4SjUFmfgIrOqkRSBK
gZaZZjkSAWYfMjtQFwUJ+yJjNkD7BPkzWYTVxbnH27tIysLZbCv+aQppScRGvXYS
pPdMehKwddRxf0/G9bVsLRELc2g8Kr4hG6z3hZ+jTPczgIUqBCtusv8eJ7EWFfp8
LTCNGJjD7S00KvodhyztHQRFGpS4RQvHIiHe5X6VcET8XsOCEyi/aB3qpuBLVsoN
ZII/s+t6vQNpn91a48SJ3src977WS2MFnHGvr/zmkCRdTmWKyd0pWxKIEN92lQ4Y
2XMDswcPBnrgedow3QypVQd7f46njvouljWL4z9/HzvK
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:42 2024 by rpki-client on console-fra.rpki-client.org