Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/417d77-0e9e-4091-b510-946018241c51/1/CVcKnN2Xrh9t2TlroUnmdKNDYkw.roa
File: CVcKnN2Xrh9t2TlroUnmdKNDYkw.roa (raw, json)
Hash identifier: 86dOBdQ/GMY86k3XcUNsSh/+r1O9daLPi2XMNeJT4zE=
Subject key identifier: 09:57:0A:9C:DD:97:AE:1F:6D:D9:39:6B:A1:49:E6:74:A3:43:62:4C
Certificate issuer: /CN=1b420b799c5206a19ef7717ee3c7312fd88330ae
Certificate serial: 01894FDBCA23F6C50C14E8B83BCD6D38806D
Authority key identifier: 1B:42:0B:79:9C:52:06:A1:9E:F7:71:7E:E3:C7:31:2F:D8:83:30:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G0ILeZxSBqGe93F-48cxL9iDMK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/417d77-0e9e-4091-b510-946018241c51/1/CVcKnN2Xrh9t2TlroUnmdKNDYkw.roa
Signing time: Thu 13 Jul 2023 15:25:51 +0000
ROA not before: Thu 13 Jul 2023 15:25:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51067
IP address blocks: 91.216.121.0/24 maxlen: 24
2001:67c:23f8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:db:ca:23:f6:c5:0c:14:e8:b8:3b:cd:6d:38:80:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b420b799c5206a19ef7717ee3c7312fd88330ae
Validity
Not Before: Jul 13 15:25:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09570a9cdd97ae1f6dd9396ba149e674a343624c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e1:93:f0:e4:47:d5:5d:a7:db:d2:58:42:4b:
7a:8d:02:98:2d:a8:16:08:8e:74:24:38:21:96:74:
63:70:c7:d3:3c:87:42:bf:37:01:32:cb:18:0a:54:
77:d3:46:44:f3:5c:6e:32:5f:c9:61:51:2a:a1:f0:
ff:3c:47:31:2c:f0:30:1d:8c:e1:fe:79:59:2a:c7:
58:a3:d0:e0:5e:a7:26:61:9b:74:de:f8:28:a2:1b:
53:18:5a:45:80:62:8f:5c:e3:e6:2c:4a:fb:14:3a:
63:2c:58:dc:5b:8e:58:52:c3:2d:01:21:29:3b:c9:
fc:a7:a8:7c:c2:d3:14:81:71:2f:eb:b8:1f:29:75:
7f:d7:3a:13:85:f9:66:b0:b6:b6:80:fd:56:ac:91:
c1:77:9f:62:4a:22:4d:11:6c:8a:23:a4:33:0b:67:
95:37:ee:27:60:ab:ea:71:88:f5:6e:dd:29:75:52:
45:28:3a:60:59:f2:23:0d:20:cc:dc:52:54:76:b8:
a9:cb:ec:6b:e9:09:cb:c7:31:b6:1c:56:ef:66:f9:
83:31:b0:9d:d6:bb:60:05:c0:25:f9:78:ee:e1:0d:
c1:c4:f9:61:30:98:70:19:d9:94:6d:de:d6:99:fc:
c0:35:d5:82:ee:18:10:d0:fc:a6:8c:21:e7:45:8c:
ae:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:57:0A:9C:DD:97:AE:1F:6D:D9:39:6B:A1:49:E6:74:A3:43:62:4C
X509v3 Authority Key Identifier:
keyid:1B:42:0B:79:9C:52:06:A1:9E:F7:71:7E:E3:C7:31:2F:D8:83:30:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G0ILeZxSBqGe93F-48cxL9iDMK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/417d77-0e9e-4091-b510-946018241c51/1/CVcKnN2Xrh9t2TlroUnmdKNDYkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/417d77-0e9e-4091-b510-946018241c51/1/G0ILeZxSBqGe93F-48cxL9iDMK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.121.0/24
IPv6:
2001:67c:23f8::/48
Signature Algorithm: sha256WithRSAEncryption
58:48:04:be:7b:3a:a1:c8:ee:3a:6c:c9:72:75:4d:5f:44:9a:
d2:7b:6f:3a:dd:47:35:76:8d:e5:8e:de:d5:f0:87:b1:d2:bc:
c6:68:9e:73:89:fd:62:32:60:8d:13:80:06:40:4d:cd:5b:e0:
bf:ca:a9:ad:af:09:9d:c5:5b:7f:30:36:e3:94:1f:bb:77:f1:
30:b4:92:69:51:47:c7:bd:ab:0a:cf:a3:e7:6b:6e:e7:51:4f:
f8:f5:4c:ad:02:be:d2:92:80:f9:bf:65:c0:b4:c4:78:d3:fe:
0b:ff:72:d1:58:3f:69:36:48:56:e3:08:ef:3f:4b:42:f0:7b:
b8:3f:93:c8:7e:af:d6:c5:9b:83:a5:10:fb:34:ef:3b:b3:70:
5c:1d:e3:12:e7:37:90:c8:ef:4d:71:56:81:bf:95:f6:35:18:
a6:72:12:a8:52:e9:d9:ef:f4:3b:a0:05:4c:cc:5d:87:66:62:
ab:45:9c:42:4f:2c:cb:36:57:75:99:47:4f:f3:22:5e:ac:9d:
3d:6e:da:74:87:05:b2:3a:a8:f1:1d:f4:45:6a:05:2a:0f:e9:
29:0d:4e:d9:d8:09:5b:67:21:3f:1d:a0:3c:2f:e6:6b:e1:36:
ec:e0:41:c4:ed:9d:9e:d7:f3:c3:a3:85:1b:60:b6:c0:2b:ce:
c4:2d:b0:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlP28oj9sUMFOi4O81tOIBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNDIwYjc5OWM1MjA2YTE5ZWY3NzE3ZWUzYzczMTJmZDg4
MzMwYWUwHhcNMjMwNzEzMTUyNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTU3MGE5Y2RkOTdhZTFmNmRkOTM5NmJhMTQ5ZTY3NGEzNDM2MjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOGT8ORH1V2n29JYQkt6jQKYLagW
CI50JDghlnRjcMfTPIdCvzcBMssYClR300ZE81xuMl/JYVEqofD/PEcxLPAwHYzh
/nlZKsdYo9DgXqcmYZt03vgoohtTGFpFgGKPXOPmLEr7FDpjLFjcW45YUsMtASEp
O8n8p6h8wtMUgXEv67gfKXV/1zoThflmsLa2gP1WrJHBd59iSiJNEWyKI6QzC2eV
N+4nYKvqcYj1bt0pdVJFKDpgWfIjDSDM3FJUdripy+xr6QnLxzG2HFbvZvmDMbCd
1rtgBcAl+Xju4Q3BxPlhMJhwGdmUbd7WmfzANdWC7hgQ0PymjCHnRYyujQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAlXCpzdl64fbdk5a6FJ5nSjQ2JMMB8GA1UdIwQY
MBaAFBtCC3mcUgahnvdxfuPHMS/YgzCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzBJTGVaeFNCcUdlOTNGLTQ4Y3hMOWlETUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTdkNzctMGU5ZS00MDkxLWI1MTAt
OTQ2MDE4MjQxYzUxLzEvQ1ZjS25OMlhyaDl0MlRscm9Vbm1kS05EWWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80MTdkNzctMGU5ZS00MDkxLWI1MTAtOTQ2MDE4MjQxYzUx
LzEvRzBJTGVaeFNCcUdlOTNGLTQ4Y3hMOWlETUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9h5MA8E
AgACMAkDBwAgAQZ8I/gwDQYJKoZIhvcNAQELBQADggEBAFhIBL57OqHI7jpsyXJ1
TV9EmtJ7bzrdRzV2jeWO3tXwh7HSvMZonnOJ/WIyYI0TgAZATc1b4L/Kqa2vCZ3F
W38wNuOUH7t38TC0kmlRR8e9qwrPo+drbudRT/j1TK0CvtKSgPm/ZcC0xHjT/gv/
ctFYP2k2SFbjCO8/S0Lwe7g/k8h+r9bFm4OlEPs07zuzcFwd4xLnN5DI701xVoG/
lfY1GKZyEqhS6dnv9DugBUzMXYdmYqtFnEJPLMs2V3WZR0/zIl6snT1u2nSHBbI6
qPEd9EVqBSoP6SkNTtnYCVtnIT8doDwv5mvhNuzgQcTtnZ7X88OjhRtgtsArzsQt
sCg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:19 2024 by rpki-client on console-fra.rpki-client.org