Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/1-h6sjV-T0OMrjSeiUh-ox--XjiU.roa
File: 1-h6sjV-T0OMrjSeiUh-ox--XjiU.roa (raw, json)
Hash identifier: pC7zhxf027kRHt9mT1x2x07O/Q/firIHjQY9MI8rNCo=
Subject key identifier: FA:1E:AC:8D:5F:93:D0:E3:2B:8D:27:A2:52:1F:A8:C7:EF:97:8E:25
Certificate issuer: /CN=ce28340a209b2ba12ae903a74cbb5e2e23aed238
Certificate serial: 01856C4123F42EA9CEAC122D1BFA0E87E7F6
Authority key identifier: CE:28:34:0A:20:9B:2B:A1:2A:E9:03:A7:4C:BB:5E:2E:23:AE:D2:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zig0CiCbK6Eq6QOnTLteLiOu0jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/1-h6sjV-T0OMrjSeiUh-ox--XjiU.roa
Signing time: Sun 01 Jan 2023 07:34:46 +0000
ROA not before: Sun 01 Jan 2023 07:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62298
IP address blocks: 91.205.40.0/24 maxlen: 24
2a01:5340::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:23:f4:2e:a9:ce:ac:12:2d:1b:fa:0e:87:e7:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce28340a209b2ba12ae903a74cbb5e2e23aed238
Validity
Not Before: Jan 1 07:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa1eac8d5f93d0e32b8d27a2521fa8c7ef978e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c8:e2:86:05:e9:f0:dc:23:c8:64:18:f8:f5:
03:d2:9f:08:de:2d:16:32:cf:02:ef:1e:43:0b:f2:
8e:92:fb:69:d0:96:c1:69:06:2d:6e:0f:43:32:52:
6c:03:cf:05:cb:2b:8a:b1:79:74:69:8e:b2:6b:ba:
eb:3b:f0:ea:61:37:18:65:4f:26:14:ea:ef:20:d6:
d5:67:d0:44:37:4e:d2:c2:f1:55:ce:ba:61:d8:20:
e3:89:45:5c:35:2d:76:e0:0d:bb:81:de:a3:4d:c0:
d0:6d:8b:47:3f:ec:45:82:0b:01:64:4d:7c:6e:ee:
a8:77:0c:b2:78:43:97:37:24:26:af:dc:89:cf:22:
91:74:e8:3c:2e:e4:7d:cb:0f:6a:0a:a1:02:9c:f7:
63:e9:0c:b8:44:9d:a8:9d:50:f7:cc:ed:e4:17:72:
39:bc:9c:c3:d1:f9:d6:51:4b:c0:7d:f6:75:0e:3e:
86:9a:1a:96:7d:20:ea:96:18:b5:86:42:56:90:9b:
f7:6f:33:ed:11:5c:0b:fc:a8:a7:e1:35:60:3e:e7:
ce:80:df:c8:2f:92:86:ef:82:18:a3:f7:dd:ab:5b:
2a:3c:8e:de:cb:82:25:7d:9d:7d:c0:d9:64:a4:2f:
27:23:3e:2d:a1:83:c3:b6:ee:7e:f1:6a:53:7c:18:
fe:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1E:AC:8D:5F:93:D0:E3:2B:8D:27:A2:52:1F:A8:C7:EF:97:8E:25
X509v3 Authority Key Identifier:
keyid:CE:28:34:0A:20:9B:2B:A1:2A:E9:03:A7:4C:BB:5E:2E:23:AE:D2:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zig0CiCbK6Eq6QOnTLteLiOu0jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/1-h6sjV-T0OMrjSeiUh-ox--XjiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/zig0CiCbK6Eq6QOnTLteLiOu0jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.40.0/24
IPv6:
2a01:5340::/29
Signature Algorithm: sha256WithRSAEncryption
68:94:2d:83:1b:4d:52:90:d8:f0:3c:ea:c9:ce:2c:63:c8:24:
35:32:4e:23:fe:9b:b8:8f:11:be:de:a6:95:79:0a:92:3c:76:
f3:f0:d6:73:28:32:17:be:76:c3:e5:4a:85:a9:dc:c6:b0:da:
70:53:85:82:1a:94:ed:9f:57:40:bc:0f:27:4e:03:92:e9:66:
6d:d0:1c:03:7e:8e:29:ae:14:a4:f3:08:51:a7:03:d5:93:f5:
d1:cf:c2:af:49:d6:ad:3e:f5:d8:ff:f3:a2:b7:9f:1c:b4:f6:
06:72:f1:ca:a5:35:ac:e7:eb:e4:a5:40:6f:29:bc:75:1a:ec:
05:e3:b4:27:44:80:e1:09:32:a4:8b:b1:c1:09:b0:29:60:cf:
f4:a5:31:d4:1c:9b:69:f4:29:a9:7b:42:7f:7d:1e:89:bb:2c:
fe:5a:d2:38:e1:59:cb:2e:7b:77:05:b4:59:0e:33:c6:fd:93:
aa:2d:40:e6:07:20:cc:5e:d9:f4:69:34:c2:ad:2f:45:71:83:
ed:ea:5c:c6:58:90:0f:7f:2e:29:7e:18:27:ac:e2:75:4b:5a:
f4:2f:05:e5:c9:63:91:16:51:d5:f1:6e:d0:0a:83:8f:c1:56:
97:56:70:70:cb:81:7a:82:40:1f:f3:86:d6:07:31:81:ce:9a:
1d:10:23:7d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVsQSP0LqnOrBItG/oOh+f2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMjgzNDBhMjA5YjJiYTEyYWU5MDNhNzRjYmI1ZTJlMjNh
ZWQyMzgwHhcNMjMwMTAxMDczNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFlYWM4ZDVmOTNkMGUzMmI4ZDI3YTI1MjFmYThjN2VmOTc4ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcjihgXp8NwjyGQY+PUD0p8I3i0W
Ms8C7x5DC/KOkvtp0JbBaQYtbg9DMlJsA88FyyuKsXl0aY6ya7rrO/DqYTcYZU8m
FOrvINbVZ9BEN07SwvFVzrph2CDjiUVcNS124A27gd6jTcDQbYtHP+xFggsBZE18
bu6odwyyeEOXNyQmr9yJzyKRdOg8LuR9yw9qCqECnPdj6Qy4RJ2onVD3zO3kF3I5
vJzD0fnWUUvAffZ1Dj6GmhqWfSDqlhi1hkJWkJv3bzPtEVwL/Kin4TVgPufOgN/I
L5KG74IYo/fdq1sqPI7ey4IlfZ19wNlkpC8nIz4toYPDtu5+8WpTfBj+DwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPoerI1fk9DjK40nolIfqMfvl44lMB8GA1UdIwQY
MBaAFM4oNAogmyuhKukDp0y7Xi4jrtI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemlnMENpQ2JLNkVxNlFPblRMdGVMaU91MGpnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80NWM2ODktNzUxZi00NmQ3LTliNmMt
YjFmYzU0N2I3MzIyLzEvMS1oNnNqVi1UME9NcmpTZWlVaC1veC0tWGppVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNDVjNjg5LTc1MWYtNDZkNy05YjZjLWIxZmM1NDdiNzMy
Mi8xL3ppZzBDaUNiSzZFcTZRT25UTHRlTGlPdTBqZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvNKDAN
BAIAAjAHAwUDKgFTQDANBgkqhkiG9w0BAQsFAAOCAQEAaJQtgxtNUpDY8Dzqyc4s
Y8gkNTJOI/6buI8Rvt6mlXkKkjx28/DWcygyF752w+VKhancxrDacFOFghqU7Z9X
QLwPJ04DkulmbdAcA36OKa4UpPMIUacD1ZP10c/Cr0nWrT712P/zorefHLT2BnLx
yqU1rOfr5KVAbym8dRrsBeO0J0SA4QkypIuxwQmwKWDP9KUx1BybafQpqXtCf30e
ibss/lrSOOFZyy57dwW0WQ4zxv2Tqi1A5gcgzF7Z9Gk0wq0vRXGD7epcxliQD38u
KX4YJ6zidUta9C8F5cljkRZR1fFu0AqDj8FWl1ZwcMuBeoJAH/OG1gcxgc6aHRAj
fQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:45 2024 by rpki-client on console-fra.rpki-client.org