Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/8ad64a-057f-472a-89b1-5eef024d9a92/1/q0bvztQ1ob_7IGbSWw8KVyxecC8.roa
File: q0bvztQ1ob_7IGbSWw8KVyxecC8.roa (raw, json)
Hash identifier: 5jjmYnBrfrtSDbgxCdzWz4ZwId0VLD4vTVs2ft2Y4qk=
Subject key identifier: AB:46:EF:CE:D4:35:A1:BF:FB:20:66:D2:5B:0F:0A:57:2C:5E:70:2F
Certificate issuer: /CN=1a5b7d43bb4c83e7c7d97ce07543a96d74c69fda
Certificate serial: 01856D6F5AB85A4614D004D14B24BB89239E
Authority key identifier: 1A:5B:7D:43:BB:4C:83:E7:C7:D9:7C:E0:75:43:A9:6D:74:C6:9F:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Glt9Q7tMg-fH2XzgdUOpbXTGn9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/8ad64a-057f-472a-89b1-5eef024d9a92/1/q0bvztQ1ob_7IGbSWw8KVyxecC8.roa
Signing time: Sun 01 Jan 2023 13:04:52 +0000
ROA not before: Sun 01 Jan 2023 13:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197479
IP address blocks: 91.222.145.0/24 maxlen: 24
91.222.144.0/22 maxlen: 22
91.222.144.0/24 maxlen: 24
91.222.146.0/24 maxlen: 24
91.222.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:5a:b8:5a:46:14:d0:04:d1:4b:24:bb:89:23:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5b7d43bb4c83e7c7d97ce07543a96d74c69fda
Validity
Not Before: Jan 1 13:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab46efced435a1bffb2066d25b0f0a572c5e702f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:75:d6:b0:8b:bb:21:2c:f7:d2:92:1c:a6:2a:
ed:40:e7:cb:2b:f4:fd:6d:a4:c2:3a:8b:71:9d:5d:
ea:25:e5:bb:cb:7e:5e:f1:01:11:fb:d7:62:66:b1:
1d:31:46:77:80:c5:db:42:17:0d:f7:e7:81:37:92:
98:06:f4:31:2c:49:2a:19:3e:47:34:59:bc:39:e4:
af:40:a6:59:76:0a:ca:d7:53:cc:17:ff:84:f2:6f:
ad:3f:df:1f:18:0e:2f:08:37:fa:f5:8d:90:e5:14:
41:86:c6:e3:f7:06:e3:db:32:e1:2f:03:4a:08:cf:
fe:bb:b3:3c:52:74:9a:da:00:44:c3:49:6b:b5:97:
2c:a5:7d:44:48:3b:19:2b:9e:fa:43:78:05:e5:3a:
9d:97:f6:c0:16:b5:77:b3:db:eb:5a:f9:42:0b:3f:
14:38:20:d8:68:1b:50:bb:fe:dc:84:c6:d7:4a:8a:
4b:5b:c5:89:2f:9e:ab:b8:c7:ba:04:60:ff:40:06:
95:51:0b:1d:1b:f9:95:fd:39:d0:7f:b5:b8:ec:8a:
48:74:e7:53:f4:47:cf:f6:ea:e1:14:c1:c1:9b:30:
5b:10:b0:03:03:6f:18:a5:6c:2c:3f:17:81:4a:4f:
0c:9b:eb:a9:bb:4b:eb:2d:3f:30:61:48:1b:2f:93:
ac:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:46:EF:CE:D4:35:A1:BF:FB:20:66:D2:5B:0F:0A:57:2C:5E:70:2F
X509v3 Authority Key Identifier:
keyid:1A:5B:7D:43:BB:4C:83:E7:C7:D9:7C:E0:75:43:A9:6D:74:C6:9F:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Glt9Q7tMg-fH2XzgdUOpbXTGn9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/8ad64a-057f-472a-89b1-5eef024d9a92/1/q0bvztQ1ob_7IGbSWw8KVyxecC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/8ad64a-057f-472a-89b1-5eef024d9a92/1/Glt9Q7tMg-fH2XzgdUOpbXTGn9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.144.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:37:84:eb:c6:c1:52:df:bd:3d:a0:5b:e5:3d:3d:14:cf:7b:
54:9c:e3:50:cb:fe:54:97:cb:42:40:ab:46:c3:4a:92:d6:d4:
10:c1:c5:9e:75:9f:05:cb:75:68:c5:b9:54:67:05:36:c1:cc:
0e:5b:86:f9:db:0e:73:ae:e5:75:45:88:25:e6:db:c9:bd:42:
7a:7d:01:09:e4:fe:c6:3d:a4:7d:9f:eb:94:4a:1e:81:65:97:
b9:13:6e:1a:70:a5:97:b1:97:27:fe:99:24:1c:c2:0e:ae:95:
02:46:37:08:5a:6d:5e:2f:ba:41:fb:a3:ba:bc:4b:01:69:a2:
36:c7:71:06:2b:dd:73:44:d6:ec:b9:c0:f3:e4:d6:4b:9c:dd:
b9:a4:25:24:99:8c:3d:ec:7a:fc:4d:e9:16:b7:6b:8c:1e:39:
02:7c:57:2e:24:82:14:09:29:64:fe:99:cd:10:bb:f4:84:91:
b1:c7:c2:69:d5:44:5d:7d:ba:74:38:c3:48:6b:f6:46:c5:89:
31:78:8e:38:d6:1e:30:d2:e7:5d:c6:29:86:b5:fb:b5:99:fa:
c8:f2:c6:53:12:ed:73:20:83:0c:52:7c:24:fb:1e:55:8d:e1:
03:38:c6:e4:c9:14:84:86:62:89:7a:43:04:5c:6e:3b:4a:00:
da:6a:c2:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb1q4WkYU0ATRSyS7iSOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNWI3ZDQzYmI0YzgzZTdjN2Q5N2NlMDc1NDNhOTZkNzRj
NjlmZGEwHhcNMjMwMTAxMTMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQ2ZWZjZWQ0MzVhMWJmZmIyMDY2ZDI1YjBmMGE1NzJjNWU3MDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3XWsIu7ISz30pIcpirtQOfLK/T9
baTCOotxnV3qJeW7y35e8QER+9diZrEdMUZ3gMXbQhcN9+eBN5KYBvQxLEkqGT5H
NFm8OeSvQKZZdgrK11PMF/+E8m+tP98fGA4vCDf69Y2Q5RRBhsbj9wbj2zLhLwNK
CM/+u7M8UnSa2gBEw0lrtZcspX1ESDsZK576Q3gF5Tqdl/bAFrV3s9vrWvlCCz8U
OCDYaBtQu/7chMbXSopLW8WJL56ruMe6BGD/QAaVUQsdG/mV/TnQf7W47IpIdOdT
9EfP9urhFMHBmzBbELADA28YpWwsPxeBSk8Mm+upu0vrLT8wYUgbL5OshwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtG787UNaG/+yBm0lsPClcsXnAvMB8GA1UdIwQY
MBaAFBpbfUO7TIPnx9l84HVDqW10xp/aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2x0OVE3dE1nLWZIMlh6Z2RVT3BiWFRHbjlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC84YWQ2NGEtMDU3Zi00NzJhLTg5YjEt
NWVlZjAyNGQ5YTkyLzEvcTBidnp0UTFvYl83SUdiU1d3OEtWeXhlY0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC84YWQ2NGEtMDU3Zi00NzJhLTg5YjEtNWVlZjAyNGQ5YTky
LzEvR2x0OVE3dE1nLWZIMlh6Z2RVT3BiWFRHbjlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW96QMA0G
CSqGSIb3DQEBCwUAA4IBAQALN4TrxsFS3709oFvlPT0Uz3tUnONQy/5Ul8tCQKtG
w0qS1tQQwcWedZ8Fy3VoxblUZwU2wcwOW4b52w5zruV1RYgl5tvJvUJ6fQEJ5P7G
PaR9n+uUSh6BZZe5E24acKWXsZcn/pkkHMIOrpUCRjcIWm1eL7pB+6O6vEsBaaI2
x3EGK91zRNbsucDz5NZLnN25pCUkmYw97Hr8TekWt2uMHjkCfFcuJIIUCSlk/pnN
ELv0hJGxx8Jp1URdfbp0OMNIa/ZGxYkxeI441h4w0uddximGtfu1mfrI8sZTEu1z
IIMMUnwk+x5VjeEDOMbkyRSEhmKJekMEXG47SgDaasL6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:41 2024 by rpki-client on console-ams.rpki-client.org