Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/fArSQQ6bPzxdvpF3M9vKUOwa3rY.roa
File: fArSQQ6bPzxdvpF3M9vKUOwa3rY.roa (raw, json)
Hash identifier: rbGfJxDMcSAMc30+kkRWbNFfE6tcuqtfDOpYCknVqRk=
Subject key identifier: 7C:0A:D2:41:0E:9B:3F:3C:5D:BE:91:77:33:DB:CA:50:EC:1A:DE:B6
Certificate issuer: /CN=f38b7ca41f40082290ca8aefdec4bd297d3aec0c
Certificate serial: 01857230F5A4CE3201C9CCC253DCC347F16C
Authority key identifier: F3:8B:7C:A4:1F:40:08:22:90:CA:8A:EF:DE:C4:BD:29:7D:3A:EC:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84t8pB9ACCKQyorv3sS9KX067Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/fArSQQ6bPzxdvpF3M9vKUOwa3rY.roa
Signing time: Mon 02 Jan 2023 11:14:49 +0000
ROA not before: Mon 02 Jan 2023 11:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198611
IP address blocks: 91.240.131.0/24 maxlen: 24
2a0c:44c0:2::/48 maxlen: 48
2a0c:44c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:f5:a4:ce:32:01:c9:cc:c2:53:dc:c3:47:f1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f38b7ca41f40082290ca8aefdec4bd297d3aec0c
Validity
Not Before: Jan 2 11:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c0ad2410e9b3f3c5dbe917733dbca50ec1adeb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:79:db:43:5d:1f:48:fa:00:45:30:fe:99:43:
97:70:76:f7:07:f3:0a:fb:e4:db:9f:06:8f:bd:c3:
d6:e6:48:2f:1b:a2:c4:ee:3c:5c:b9:47:6d:f5:d7:
4d:e8:7e:6e:82:01:70:7f:ca:31:da:8c:22:cf:89:
3c:5a:21:74:00:d5:cd:96:52:94:88:a7:bb:53:2e:
06:f0:2d:6f:89:6e:70:81:1d:6e:ac:de:8c:e7:25:
3d:e8:14:e4:17:60:76:61:56:7d:d4:48:23:23:e2:
3c:8a:62:51:72:f2:9e:05:bd:2b:8e:24:b4:4a:a4:
04:ed:1f:54:07:62:8a:e0:d4:77:ea:a0:9f:0a:f7:
56:44:b7:91:0d:d0:3a:0e:c6:86:45:45:76:8c:b4:
98:0b:18:07:40:4d:2b:c9:32:ca:67:aa:b7:14:24:
5a:dc:68:81:b1:15:eb:16:62:13:3e:be:8d:02:f3:
d9:c4:7d:0d:6c:8d:5d:de:88:40:05:0a:ab:5a:7e:
59:64:28:25:43:1f:08:21:b9:24:d8:79:63:54:72:
35:b6:88:01:9e:bc:e8:e5:4f:86:11:e5:f6:4f:e5:
d6:06:d0:d7:a3:b2:62:52:99:2f:66:79:f6:6c:7f:
1a:fd:0f:7f:99:08:48:b6:fa:c2:6d:d4:2e:3d:88:
98:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:0A:D2:41:0E:9B:3F:3C:5D:BE:91:77:33:DB:CA:50:EC:1A:DE:B6
X509v3 Authority Key Identifier:
keyid:F3:8B:7C:A4:1F:40:08:22:90:CA:8A:EF:DE:C4:BD:29:7D:3A:EC:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84t8pB9ACCKQyorv3sS9KX067Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/fArSQQ6bPzxdvpF3M9vKUOwa3rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/84t8pB9ACCKQyorv3sS9KX067Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.131.0/24
IPv6:
2a0c:44c0:1::-2a0c:44c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
50:99:30:ab:5c:2d:9a:0c:a3:3d:61:eb:4c:c6:51:d4:08:10:
3b:fb:91:c4:b3:9d:fc:80:e7:d3:a4:a1:28:65:19:01:7c:cd:
94:45:00:57:51:da:18:f4:03:1b:a9:37:e9:80:19:ca:36:fc:
30:54:d8:78:05:68:68:ff:1e:e1:d6:c7:42:42:e1:63:c5:fb:
67:a6:22:1e:17:20:5a:37:a2:47:3f:4c:bb:c2:2c:ab:8c:82:
90:1e:e9:32:92:8a:2e:fc:f6:b2:48:c1:ca:be:b4:9b:cb:97:
ed:a8:f4:70:d4:63:b4:ef:05:62:0d:c8:eb:12:aa:0b:b4:27:
79:d8:d5:ba:93:33:da:e6:d8:e4:1f:44:bd:d1:97:7c:d6:11:
a1:83:ac:8b:93:43:ad:fb:85:3a:bb:59:e1:0f:61:ec:3d:72:
6e:6c:fb:7e:9f:4d:b6:0e:03:02:36:ed:f8:47:65:71:13:3a:
ca:e0:ea:7f:07:0f:96:ca:4c:7a:95:fb:54:61:89:d1:e0:04:
de:69:73:a0:68:61:f3:f6:ca:97:12:e4:c2:61:ec:c1:c5:4a:
2e:bd:6a:68:24:70:cb:32:f9:e2:3e:1e:60:90:7b:f2:8e:4c:
4b:11:50:ce:56:85:96:e9:f8:82:85:1f:e2:99:a6:1e:0b:40:
c2:9e:09:1f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVyMPWkzjIByczCU9zDR/FsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzOGI3Y2E0MWY0MDA4MjI5MGNhOGFlZmRlYzRiZDI5N2Qz
YWVjMGMwHhcNMjMwMTAyMTExNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzBhZDI0MTBlOWIzZjNjNWRiZTkxNzczM2RiY2E1MGVjMWFkZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nnbQ10fSPoARTD+mUOXcHb3B/MK
++TbnwaPvcPW5kgvG6LE7jxcuUdt9ddN6H5uggFwf8ox2owiz4k8WiF0ANXNllKU
iKe7Uy4G8C1viW5wgR1urN6M5yU96BTkF2B2YVZ91EgjI+I8imJRcvKeBb0rjiS0
SqQE7R9UB2KK4NR36qCfCvdWRLeRDdA6DsaGRUV2jLSYCxgHQE0ryTLKZ6q3FCRa
3GiBsRXrFmITPr6NAvPZxH0NbI1d3ohABQqrWn5ZZCglQx8IIbkk2HljVHI1togB
nrzo5U+GEeX2T+XWBtDXo7JiUpkvZnn2bH8a/Q9/mQhItvrCbdQuPYiYvQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHwK0kEOmz88Xb6RdzPbylDsGt62MB8GA1UdIwQY
MBaAFPOLfKQfQAgikMqK797EvSl9OuwMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODR0OHBCOUFDQ0tReW9ydjNzUzlLWDA2N0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS82MzA5MDQtNTYxMi00OWY3LTgwYjMt
YTNjYTIxMTIyNjhiLzEvZkFyU1FRNmJQenhkdnBGM005dktVT3dhM3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS82MzA5MDQtNTYxMi00OWY3LTgwYjMtYTNjYTIxMTIyNjhi
LzEvODR0OHBCOUFDQ0tReW9ydjNzUzlLWDA2N0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAW/CDMBoE
AgACMBQwEgMHACoMRMAAAQMHACoMRMAAAjANBgkqhkiG9w0BAQsFAAOCAQEAUJkw
q1wtmgyjPWHrTMZR1AgQO/uRxLOd/IDn06ShKGUZAXzNlEUAV1HaGPQDG6k36YAZ
yjb8MFTYeAVoaP8e4dbHQkLhY8X7Z6YiHhcgWjeiRz9Mu8Isq4yCkB7pMpKKLvz2
skjByr60m8uX7aj0cNRjtO8FYg3I6xKqC7QnedjVupMz2ubY5B9EvdGXfNYRoYOs
i5NDrfuFOrtZ4Q9h7D1ybmz7fp9Ntg4DAjbt+EdlcRM6yuDqfwcPlspMepX7VGGJ
0eAE3mlzoGhh8/bKlxLkwmHswcVKLr1qaCRwyzL54j4eYJB78o5MSxFQzlaFlun4
goUf4pmmHgtAwp4JHw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:53 2024 by rpki-client on console-ams.rpki-client.org