Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/3ZI7isYOVBGYk0wpOrIhTEg8qQU.roa
File: 3ZI7isYOVBGYk0wpOrIhTEg8qQU.roa (raw, json)
Hash identifier: xx7AdKCSOLI8AUUxm9uy4i9EoRZxTB2lYg0xk7lkSt4=
Subject key identifier: DD:92:3B:8A:C6:0E:54:11:98:93:4C:29:3A:B2:21:4C:48:3C:A9:05
Certificate issuer: /CN=9d6cf689d49af30a17b810e7f275872fd916d858
Certificate serial: 0185709512C485CA33F2B06BDBBC45AFA932
Authority key identifier: 9D:6C:F6:89:D4:9A:F3:0A:17:B8:10:E7:F2:75:87:2F:D9:16:D8:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWz2idSa8woXuBDn8nWHL9kW2Fg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/3ZI7isYOVBGYk0wpOrIhTEg8qQU.roa
Signing time: Mon 02 Jan 2023 03:44:55 +0000
ROA not before: Mon 02 Jan 2023 03:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196682
IP address blocks: 193.9.28.0/24 maxlen: 24
91.219.31.0/24 maxlen: 24
91.219.28.0/24 maxlen: 24
91.219.29.0/24 maxlen: 24
91.219.30.0/24 maxlen: 24
2001:678:108::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:12:c4:85:ca:33:f2:b0:6b:db:bc:45:af:a9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d6cf689d49af30a17b810e7f275872fd916d858
Validity
Not Before: Jan 2 03:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd923b8ac60e541198934c293ab2214c483ca905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:58:5f:9e:04:5f:be:cb:34:03:7c:c1:32:53:
7b:46:82:95:d2:40:af:b7:9a:b2:ea:09:4b:dd:68:
5d:53:f3:92:37:27:8c:15:a6:c1:83:e1:25:31:83:
35:b2:24:38:28:49:1f:74:f0:00:82:1a:d4:3d:2d:
98:e0:48:0a:56:42:c8:62:88:be:c0:a1:ab:d7:19:
ab:f8:28:de:ab:cd:bc:32:02:ac:9d:97:2f:a4:e8:
6b:57:f4:b1:c3:c2:fd:64:d4:5f:b1:4b:99:0e:27:
88:2e:96:50:5b:41:02:f6:26:71:fd:6f:a6:de:3c:
1f:73:fa:e5:a3:20:db:07:ee:10:64:9b:73:30:84:
90:c0:ff:bd:f6:ee:24:44:2a:21:db:8c:89:9f:94:
37:55:b8:6b:9b:b3:b3:89:7f:dd:2c:fc:3d:2b:7b:
1f:81:f0:d9:5f:85:cf:5c:b2:cf:90:89:8b:cf:a4:
57:8b:1a:15:be:80:a4:16:d1:34:db:43:b6:6f:50:
55:46:35:26:f4:8c:54:ac:2b:8f:fb:93:1c:9a:fb:
64:b6:4f:0a:9d:c3:eb:6c:2e:10:ee:d6:fc:3a:83:
76:75:a6:51:2d:82:60:d5:f1:a7:9c:8c:53:cb:f5:
ff:f2:dc:40:19:8e:8f:7e:9c:76:e9:41:5a:b8:77:
56:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:92:3B:8A:C6:0E:54:11:98:93:4C:29:3A:B2:21:4C:48:3C:A9:05
X509v3 Authority Key Identifier:
keyid:9D:6C:F6:89:D4:9A:F3:0A:17:B8:10:E7:F2:75:87:2F:D9:16:D8:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWz2idSa8woXuBDn8nWHL9kW2Fg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/3ZI7isYOVBGYk0wpOrIhTEg8qQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/nWz2idSa8woXuBDn8nWHL9kW2Fg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.28.0/22
193.9.28.0/24
IPv6:
2001:678:108::/48
Signature Algorithm: sha256WithRSAEncryption
a2:77:56:8e:59:d2:f1:e0:20:6e:d0:6a:fc:00:21:6b:7a:f9:
cc:5e:7e:75:5a:1e:8b:f7:61:47:bf:67:48:72:84:61:8e:a3:
fe:c1:1f:5d:5b:37:43:33:6f:4b:b8:ed:a7:d8:3d:57:ce:ee:
c5:b2:be:7b:d3:49:f0:b9:2c:22:0d:53:82:8c:d0:1d:6c:87:
d7:2b:71:35:76:2a:e4:31:07:ae:71:9c:b5:75:31:c9:b2:71:
ad:de:4d:81:b0:0f:9d:c9:d7:8f:be:81:73:a2:60:9d:32:d7:
a9:84:fa:09:51:67:fe:69:6b:c8:ad:02:24:1d:99:0c:66:26:
48:f8:d6:73:7e:29:bc:7e:28:dc:13:37:a9:d2:fd:aa:0f:ab:
e2:1d:16:59:1a:61:70:72:7c:b0:29:53:30:13:ce:f8:07:7c:
a3:c2:3c:97:b8:e3:3f:65:e4:06:08:7d:39:06:59:da:94:dc:
54:72:bb:fa:03:fc:54:f9:36:b7:38:58:ae:d2:b2:3c:90:11:
61:5f:35:d8:ac:0d:0c:a1:dc:49:46:5e:48:61:54:0c:44:c5:
5c:79:7c:26:a0:8b:19:98:91:b4:c8:64:e7:d0:cf:97:1b:c5:
46:2d:4e:69:0d:ba:c5:3c:61:14:62:67:0d:5f:5f:2d:f6:06:
98:b6:8b:08
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwlRLEhcoz8rBr27xFr6kyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNmNmNjg5ZDQ5YWYzMGExN2I4MTBlN2YyNzU4NzJmZDkx
NmQ4NTgwHhcNMjMwMTAyMDM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDkyM2I4YWM2MGU1NDExOTg5MzRjMjkzYWIyMjE0YzQ4M2NhOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1hfngRfvss0A3zBMlN7RoKV0kCv
t5qy6glL3WhdU/OSNyeMFabBg+ElMYM1siQ4KEkfdPAAghrUPS2Y4EgKVkLIYoi+
wKGr1xmr+Cjeq828MgKsnZcvpOhrV/Sxw8L9ZNRfsUuZDieILpZQW0EC9iZx/W+m
3jwfc/rloyDbB+4QZJtzMISQwP+99u4kRCoh24yJn5Q3Vbhrm7OziX/dLPw9K3sf
gfDZX4XPXLLPkImLz6RXixoVvoCkFtE020O2b1BVRjUm9IxUrCuP+5Mcmvtktk8K
ncPrbC4Q7tb8OoN2daZRLYJg1fGnnIxTy/X/8txAGY6Pfpx26UFauHdWZQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFN2SO4rGDlQRmJNMKTqyIUxIPKkFMB8GA1UdIwQY
MBaAFJ1s9onUmvMKF7gQ5/J1hy/ZFthYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbld6MmlkU2E4d29YdUJEbjhuV0hMOWtXMkZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NDgzNTktZWI2ZC00NWY3LWI1Y2It
NGZkMzgxYjA3ZjdkLzEvM1pJN2lzWU9WQkdZazB3cE9ySWhURWc4cVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NDgzNTktZWI2ZC00NWY3LWI1Y2ItNGZkMzgxYjA3Zjdk
LzEvbld6MmlkU2E4d29YdUJEbjhuV0hMOWtXMkZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW9scAwQA
wQkcMA8EAgACMAkDBwAgAQZ4AQgwDQYJKoZIhvcNAQELBQADggEBAKJ3Vo5Z0vHg
IG7QavwAIWt6+cxefnVaHov3YUe/Z0hyhGGOo/7BH11bN0Mzb0u47afYPVfO7sWy
vnvTSfC5LCINU4KM0B1sh9crcTV2KuQxB65xnLV1Mcmyca3eTYGwD53J14++gXOi
YJ0y16mE+glRZ/5pa8itAiQdmQxmJkj41nN+Kbx+KNwTN6nS/aoPq+IdFlkaYXBy
fLApUzATzvgHfKPCPJe44z9l5AYIfTkGWdqU3FRyu/oD/FT5Nrc4WK7SsjyQEWFf
NdisDQyh3ElGXkhhVAxExVx5fCagixmYkbTIZOfQz5cbxUYtTmkNusU8YRRiZw1f
Xy32Bpi2iwg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:30 2024 by rpki-client on console-ams.rpki-client.org