Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/xHsAlQnBk-0xW2VuZEf-LffMUXk.roa
File: xHsAlQnBk-0xW2VuZEf-LffMUXk.roa (raw, json)
Hash identifier: n/nGzL9xs88ZLr+KeYeD6PtfG5KH1JaIH/GRcSh005Y=
Subject key identifier: C4:7B:00:95:09:C1:93:ED:31:5B:65:6E:64:47:FE:2D:F7:CC:51:79
Certificate issuer: /CN=cf9cc33182e44d897f4eacf14213467ef88711d4
Certificate serial: 0185725587C8EAFEEE97C7B57261BF45D4E4
Authority key identifier: CF:9C:C3:31:82:E4:4D:89:7F:4E:AC:F1:42:13:46:7E:F8:87:11:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z5zDMYLkTYl_TqzxQhNGfviHEdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/xHsAlQnBk-0xW2VuZEf-LffMUXk.roa
Signing time: Mon 02 Jan 2023 11:54:45 +0000
ROA not before: Mon 02 Jan 2023 11:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35393
IP address blocks: 193.200.171.0/24 maxlen: 24
91.209.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:87:c8:ea:fe:ee:97:c7:b5:72:61:bf:45:d4:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf9cc33182e44d897f4eacf14213467ef88711d4
Validity
Not Before: Jan 2 11:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c47b009509c193ed315b656e6447fe2df7cc5179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d0:3c:4d:7e:30:1f:dc:c8:33:57:68:83:4c:
8f:03:f1:4f:6f:55:7b:6f:c0:58:18:ff:c5:ce:e9:
23:ba:12:07:c2:2a:af:59:bf:5d:d1:d4:ca:69:6f:
60:87:d9:f2:0f:f3:3f:ef:d3:39:5c:23:27:ce:29:
3c:8d:28:ea:29:78:fe:bb:3f:39:c9:2c:82:6c:bb:
e9:1a:84:d3:f5:4a:37:c3:e0:f1:39:ad:b2:18:5e:
84:99:b8:a4:66:d2:f8:35:0f:49:d6:7d:3c:87:37:
3e:cc:f0:ca:af:d2:20:61:81:5d:b8:f9:79:4e:27:
f0:4c:9a:57:b5:cd:6e:a7:9e:c9:16:ae:16:1d:d6:
e7:5f:50:f0:04:8e:a5:53:b1:b8:9a:11:35:82:b3:
7f:37:ec:f2:fa:9b:37:63:bb:b1:79:a9:ad:59:76:
bd:9d:44:c2:73:8a:c2:ec:6a:98:9a:df:ee:1f:b7:
9d:e6:1c:af:2d:1c:78:6a:58:21:d8:63:6b:39:2f:
ef:3b:4d:53:66:40:52:64:7c:01:d5:9b:d6:05:18:
f3:f6:36:c8:d1:cd:22:89:02:0a:71:93:36:28:cd:
72:c6:f5:52:b9:d5:ff:c8:6a:2f:91:fa:27:09:5d:
dd:6c:0a:9e:e3:a5:44:46:ef:c8:07:79:43:7e:48:
b2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7B:00:95:09:C1:93:ED:31:5B:65:6E:64:47:FE:2D:F7:CC:51:79
X509v3 Authority Key Identifier:
keyid:CF:9C:C3:31:82:E4:4D:89:7F:4E:AC:F1:42:13:46:7E:F8:87:11:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5zDMYLkTYl_TqzxQhNGfviHEdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/xHsAlQnBk-0xW2VuZEf-LffMUXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/92831e-b0fd-4312-a46b-24a0d82cea9e/1/z5zDMYLkTYl_TqzxQhNGfviHEdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.245.0/24
193.200.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:26:b3:b6:d6:d1:8c:8f:12:3b:05:bc:53:15:01:7b:36:56:
98:7e:63:23:9e:8b:37:e3:17:c0:a9:c0:c7:92:66:7d:3f:e5:
a0:ff:7d:17:53:88:1d:e8:03:0e:42:25:1e:fd:f8:39:7f:45:
b2:80:2d:ea:1d:29:77:88:c0:80:48:91:3c:11:3f:57:37:77:
83:a7:e9:be:f9:15:6c:cd:a2:14:d7:f8:a6:e4:f6:1f:2f:7d:
1c:2d:7e:7d:eb:c4:c6:99:19:00:23:68:1b:8a:c6:28:f3:d1:
ba:b3:8e:47:bc:f4:ac:07:07:7b:9f:7f:d3:6f:5c:3b:b8:63:
7d:55:ba:3f:e0:cc:0c:19:c0:90:28:37:ff:33:98:dd:6e:24:
95:b9:90:a3:ef:ee:f3:b7:b5:02:d5:a2:28:c6:73:cf:17:fa:
6d:47:1c:84:68:06:33:54:51:66:4f:cb:89:9f:06:f5:c0:f5:
05:ee:7f:1b:ad:89:05:1e:cf:4c:5c:6f:25:6c:4d:70:b0:b7:
7f:9a:57:df:16:b4:0b:2e:f4:c6:a4:9e:b3:5b:8d:e9:47:3f:
22:d5:09:5c:e3:8b:85:d9:4d:f8:01:bc:3f:cf:d4:8e:6e:16:
6f:ce:c5:16:02:c7:a7:64:07:26:32:aa:79:fd:1e:d8:f9:83:
41:95:8e:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyVYfI6v7ul8e1cmG/RdTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOWNjMzMxODJlNDRkODk3ZjRlYWNmMTQyMTM0NjdlZjg4
NzExZDQwHhcNMjMwMTAyMTE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDdiMDA5NTA5YzE5M2VkMzE1YjY1NmU2NDQ3ZmUyZGY3Y2M1MTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNA8TX4wH9zIM1dog0yPA/FPb1V7
b8BYGP/FzukjuhIHwiqvWb9d0dTKaW9gh9nyD/M/79M5XCMnzik8jSjqKXj+uz85
ySyCbLvpGoTT9Uo3w+DxOa2yGF6EmbikZtL4NQ9J1n08hzc+zPDKr9IgYYFduPl5
TifwTJpXtc1up57JFq4WHdbnX1DwBI6lU7G4mhE1grN/N+zy+ps3Y7uxeamtWXa9
nUTCc4rC7GqYmt/uH7ed5hyvLRx4algh2GNrOS/vO01TZkBSZHwB1ZvWBRjz9jbI
0c0iiQIKcZM2KM1yxvVSudX/yGovkfonCV3dbAqe46VERu/IB3lDfkiy/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMR7AJUJwZPtMVtlbmRH/i33zFF5MB8GA1UdIwQY
MBaAFM+cwzGC5E2Jf06s8UITRn74hxHUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejV6RE1ZTGtUWWxfVHF6eFFoTkdmdmlIRWRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85MjgzMWUtYjBmZC00MzEyLWE0NmIt
MjRhMGQ4MmNlYTllLzEveEhzQWxRbkJrLTB4VzJWdVpFZi1MZmZNVVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85MjgzMWUtYjBmZC00MzEyLWE0NmItMjRhMGQ4MmNlYTll
LzEvejV6RE1ZTGtUWWxfVHF6eFFoTkdmdmlIRWRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9H1AwQA
wcirMA0GCSqGSIb3DQEBCwUAA4IBAQC3JrO21tGMjxI7BbxTFQF7NlaYfmMjnos3
4xfAqcDHkmZ9P+Wg/30XU4gd6AMOQiUe/fg5f0WygC3qHSl3iMCASJE8ET9XN3eD
p+m++RVszaIU1/im5PYfL30cLX5968TGmRkAI2gbisYo89G6s45HvPSsBwd7n3/T
b1w7uGN9Vbo/4MwMGcCQKDf/M5jdbiSVuZCj7+7zt7UC1aIoxnPPF/ptRxyEaAYz
VFFmT8uJnwb1wPUF7n8brYkFHs9MXG8lbE1wsLd/mlffFrQLLvTGpJ6zW43pRz8i
1Qlc44uF2U34Abw/z9SObhZvzsUWAsenZAcmMqp5/R7Y+YNBlY4n
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:20 2024 by rpki-client on console-ams.rpki-client.org