Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7422fe-f013-43e3-be91-d4d35d99981d/1/beL1hFelXg2raTN2iwdAo34OPHk.roa
File: beL1hFelXg2raTN2iwdAo34OPHk.roa (raw, json)
Hash identifier: ENYWnT6pHPJN5VAPIADPDHHNQzNi8CrFEx1yVchc/sE=
Subject key identifier: 6D:E2:F5:84:57:A5:5E:0D:AB:69:33:76:8B:07:40:A3:7E:0E:3C:79
Certificate issuer: /CN=1f29bcbd5cfcc195e76b70a1bf0dd991ec7e33d4
Certificate serial: 018570E7565B96C2CA8EBC0FAEC1BA7686D0
Authority key identifier: 1F:29:BC:BD:5C:FC:C1:95:E7:6B:70:A1:BF:0D:D9:91:EC:7E:33:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hym8vVz8wZXna3Chvw3Zkex-M9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/7422fe-f013-43e3-be91-d4d35d99981d/1/beL1hFelXg2raTN2iwdAo34OPHk.roa
Signing time: Mon 02 Jan 2023 05:14:47 +0000
ROA not before: Mon 02 Jan 2023 05:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207066
IP address blocks: 91.199.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:56:5b:96:c2:ca:8e:bc:0f:ae:c1:ba:76:86:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f29bcbd5cfcc195e76b70a1bf0dd991ec7e33d4
Validity
Not Before: Jan 2 05:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6de2f58457a55e0dab6933768b0740a37e0e3c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:52:7d:74:c4:58:d3:ee:4f:ab:6d:6c:f8:de:
5c:02:c3:2d:6a:56:e6:6e:63:14:0e:cc:f4:84:62:
2e:d0:5d:91:c4:69:9f:2b:3f:3c:36:e0:63:d1:72:
c1:cb:e9:2a:d1:4f:af:a0:2a:f2:76:b3:b4:9d:ba:
63:a2:52:5b:8e:5b:38:18:f3:79:4d:ca:91:cb:fd:
b7:1b:00:28:2f:c4:3b:00:bf:ed:5a:5f:40:82:56:
43:3e:e9:8a:b2:f0:f9:90:c2:3f:ce:5c:25:23:fd:
91:f1:df:cb:3c:74:1a:c8:7f:d2:d6:88:c8:19:ad:
44:a0:25:f2:f8:df:0a:94:eb:2e:95:db:9c:2b:d6:
13:fb:41:3d:40:13:20:1f:aa:27:f9:74:a5:d9:95:
c5:f2:16:b5:e2:2c:0c:ce:62:38:92:f4:a1:a3:0d:
9b:48:7f:49:e2:df:64:e4:7e:51:c3:95:7e:d9:bb:
87:28:f9:85:f8:aa:92:82:19:75:e6:42:b2:34:9d:
56:b5:d0:5d:6b:21:cc:4f:2a:46:6b:d5:46:54:6d:
e5:12:d5:be:8c:32:1f:e2:73:4a:81:98:78:05:c1:
a8:e5:c1:54:8c:b0:12:a4:2a:c7:90:28:d4:e2:a0:
e5:58:dd:45:7f:a3:dc:78:4e:ea:bd:6e:6a:a4:2f:
fa:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E2:F5:84:57:A5:5E:0D:AB:69:33:76:8B:07:40:A3:7E:0E:3C:79
X509v3 Authority Key Identifier:
keyid:1F:29:BC:BD:5C:FC:C1:95:E7:6B:70:A1:BF:0D:D9:91:EC:7E:33:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hym8vVz8wZXna3Chvw3Zkex-M9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7422fe-f013-43e3-be91-d4d35d99981d/1/beL1hFelXg2raTN2iwdAo34OPHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7422fe-f013-43e3-be91-d4d35d99981d/1/Hym8vVz8wZXna3Chvw3Zkex-M9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.86.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:1d:2d:56:8b:1d:60:81:90:e1:c5:59:94:a9:4a:9d:f3:99:
80:d3:76:16:06:6d:94:b3:cf:ef:48:4f:fc:0b:85:10:00:da:
02:92:e6:23:85:a8:4a:10:ad:5a:ad:93:05:4c:1b:3f:8d:36:
d6:1f:32:2b:ad:bc:e3:10:05:89:fc:b8:4a:4c:1f:8c:85:d4:
1a:11:c6:27:e5:fe:03:bd:77:d7:be:e0:8b:10:f1:25:31:58:
30:86:50:01:ff:0b:35:d3:cb:a9:a3:d4:9a:c7:b9:49:0a:41:
e3:68:b2:46:8b:3a:cf:fb:5b:1a:c9:cd:2d:9f:09:24:20:85:
64:d3:ff:08:6d:1b:70:9e:79:ca:fa:db:ff:fb:7b:3a:27:b4:
3a:05:4c:3b:14:42:bd:0f:0f:d7:02:14:18:7a:aa:f8:81:8c:
a9:39:62:bf:d3:0f:28:80:dd:58:2c:23:80:62:5b:35:5b:3a:
16:1b:f2:48:7c:3b:f6:df:01:32:13:8a:75:a2:d2:5f:33:a7:
6b:58:3c:b2:02:42:fd:e2:48:80:a7:83:86:36:33:b8:be:0b:
40:c6:58:de:97:2f:65:96:78:5f:01:aa:52:50:1e:af:d2:20:
2b:a2:ab:eb:f9:7b:c4:2a:93:5d:85:20:97:b5:41:13:40:f1:
8d:9f:e4:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw51ZblsLKjrwPrsG6dobQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMjliY2JkNWNmY2MxOTVlNzZiNzBhMWJmMGRkOTkxZWM3
ZTMzZDQwHhcNMjMwMTAyMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGUyZjU4NDU3YTU1ZTBkYWI2OTMzNzY4YjA3NDBhMzdlMGUzYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlJ9dMRY0+5Pq21s+N5cAsMtalbm
bmMUDsz0hGIu0F2RxGmfKz88NuBj0XLBy+kq0U+voCrydrO0nbpjolJbjls4GPN5
TcqRy/23GwAoL8Q7AL/tWl9AglZDPumKsvD5kMI/zlwlI/2R8d/LPHQayH/S1ojI
Ga1EoCXy+N8KlOsulducK9YT+0E9QBMgH6on+XSl2ZXF8ha14iwMzmI4kvShow2b
SH9J4t9k5H5Rw5V+2buHKPmF+KqSghl15kKyNJ1WtdBdayHMTypGa9VGVG3lEtW+
jDIf4nNKgZh4BcGo5cFUjLASpCrHkCjU4qDlWN1Ff6PceE7qvW5qpC/6IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3i9YRXpV4Nq2kzdosHQKN+Djx5MB8GA1UdIwQY
MBaAFB8pvL1c/MGV52twob8N2ZHsfjPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHltOHZWejh3WlhuYTNDaHZ3M1prZXgtTTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83NDIyZmUtZjAxMy00M2UzLWJlOTEt
ZDRkMzVkOTk5ODFkLzEvYmVMMWhGZWxYZzJyYVROMml3ZEFvMzRPUEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83NDIyZmUtZjAxMy00M2UzLWJlOTEtZDRkMzVkOTk5ODFk
LzEvSHltOHZWejh3WlhuYTNDaHZ3M1prZXgtTTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8dWMA0G
CSqGSIb3DQEBCwUAA4IBAQBtHS1Wix1ggZDhxVmUqUqd85mA03YWBm2Us8/vSE/8
C4UQANoCkuYjhahKEK1arZMFTBs/jTbWHzIrrbzjEAWJ/LhKTB+MhdQaEcYn5f4D
vXfXvuCLEPElMVgwhlAB/ws108upo9Sax7lJCkHjaLJGizrP+1sayc0tnwkkIIVk
0/8IbRtwnnnK+tv/+3s6J7Q6BUw7FEK9Dw/XAhQYeqr4gYypOWK/0w8ogN1YLCOA
Yls1WzoWG/JIfDv23wEyE4p1otJfM6drWDyyAkL94kiAp4OGNjO4vgtAxljely9l
lnhfAapSUB6v0iAroqvr+XvEKpNdhSCXtUETQPGNn+SP
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:28 2024 by rpki-client on console-ams.rpki-client.org