Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/VywB9MBOeXyp-RoGGjU_j0h-CrU.roa
File: VywB9MBOeXyp-RoGGjU_j0h-CrU.roa (raw, json)
Hash identifier: i8osqYd9UosmwTGssmVsx4qFUO/niNIIL9qVet7hOQE=
Subject key identifier: 57:2C:01:F4:C0:4E:79:7C:A9:F9:1A:06:1A:35:3F:8F:48:7E:0A:B5
Certificate issuer: /CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Certificate serial: 01856B77AB6430A30D4F17195D2C51BE1C58
Authority key identifier: 7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/VywB9MBOeXyp-RoGGjU_j0h-CrU.roa
Signing time: Sun 01 Jan 2023 03:54:42 +0000
ROA not before: Sun 01 Jan 2023 03:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207120
IP address blocks: 91.209.142.0/24 maxlen: 24
185.113.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:ab:64:30:a3:0d:4f:17:19:5d:2c:51:be:1c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Validity
Not Before: Jan 1 03:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=572c01f4c04e797ca9f91a061a353f8f487e0ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7c:0d:d0:6b:05:c7:40:3a:cb:00:00:ab:40:
07:8f:23:c7:15:92:b5:3f:89:92:e2:c7:c9:09:11:
3a:34:b1:7f:42:2c:58:14:d0:6f:a2:fa:06:34:4f:
fe:83:b0:78:11:28:95:d9:f3:5e:ce:ad:00:36:15:
5b:da:59:0d:de:a6:96:c5:6d:ec:77:71:c9:15:58:
8f:dd:77:e0:07:83:12:5d:8d:77:d7:93:34:22:00:
54:26:4c:4f:c9:84:b9:8f:e9:fe:3d:8a:48:ab:de:
49:2e:c5:95:9a:05:84:53:01:ad:a4:9a:d7:99:fe:
fa:96:6f:de:e2:e5:e8:2a:88:1c:4f:79:a6:d8:69:
92:32:f5:e4:79:f9:87:53:2e:8b:ee:99:f4:57:07:
f0:5f:91:da:d2:42:64:f8:c7:64:d7:c6:29:5d:fd:
1a:0e:33:4f:ad:3d:4d:06:3e:e0:28:d9:1c:6a:ed:
3e:5f:f6:73:eb:59:36:dc:9c:1c:e0:7d:73:7f:f7:
bf:62:5d:e6:ec:84:4b:04:bc:d4:3f:7b:bb:e1:b2:
92:1b:2c:e6:63:6d:2d:4c:fe:cb:da:ff:7b:9c:68:
a1:9e:bb:8f:bc:62:7c:97:60:95:80:b1:d8:bb:c1:
e3:92:80:bd:6b:3b:c9:17:df:4d:85:e4:42:76:6f:
7b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:2C:01:F4:C0:4E:79:7C:A9:F9:1A:06:1A:35:3F:8F:48:7E:0A:B5
X509v3 Authority Key Identifier:
keyid:7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/VywB9MBOeXyp-RoGGjU_j0h-CrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.142.0/24
185.113.0.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:d7:c8:a8:ad:ab:d3:7e:7c:bf:40:c8:c5:c0:49:58:74:cb:
fc:83:71:11:96:3c:a0:62:43:9e:aa:90:d0:48:50:13:de:3c:
cc:63:b4:db:45:50:79:40:28:ee:b6:72:15:c4:f5:11:8b:3e:
81:e0:b7:ff:a8:a9:3c:b2:ce:3b:5a:66:bc:be:93:6f:3c:75:
19:5f:17:37:7c:6b:2c:44:ad:e1:96:ca:77:db:ee:5c:cd:39:
09:95:be:79:ec:e5:a0:4f:c6:0b:59:68:8f:c8:4b:92:d2:58:
29:81:4b:47:01:c6:be:d9:e6:e3:55:2c:af:36:ca:21:b9:f0:
4c:94:39:ac:07:de:48:c0:1c:15:bd:c5:c6:a2:c2:eb:83:e1:
0d:1e:c6:9a:8f:ca:57:03:ff:2a:91:1c:da:0d:d5:22:f8:4f:
9b:0a:ba:67:1d:fe:7f:41:83:5e:ab:44:30:0e:67:b5:ab:11:
9f:4e:88:c2:05:16:9b:7d:0e:41:51:33:71:9f:02:71:9f:a2:
33:ff:b0:94:6b:9c:46:18:f7:e4:61:1d:e6:ea:50:12:00:0b:
20:63:e6:ac:db:62:ba:97:fb:ba:03:cd:61:e2:81:91:ec:0d:
1a:2e:44:9f:94:23:bf:c2:b3:d6:3d:4e:72:df:01:1d:85:2f:
0a:cf:a0:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrd6tkMKMNTxcZXSxRvhxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNDVhOWEwMzUzYTMzYzZhNGY5MzYwOGY5ZDI1ZjI3Yzg1
OTQ4YjcwHhcNMjMwMTAxMDM1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzJjMDFmNGMwNGU3OTdjYTlmOTFhMDYxYTM1M2Y4ZjQ4N2UwYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXwN0GsFx0A6ywAAq0AHjyPHFZK1
P4mS4sfJCRE6NLF/QixYFNBvovoGNE/+g7B4ESiV2fNezq0ANhVb2lkN3qaWxW3s
d3HJFViP3XfgB4MSXY1315M0IgBUJkxPyYS5j+n+PYpIq95JLsWVmgWEUwGtpJrX
mf76lm/e4uXoKogcT3mm2GmSMvXkefmHUy6L7pn0VwfwX5Ha0kJk+Mdk18YpXf0a
DjNPrT1NBj7gKNkcau0+X/Zz61k23Jwc4H1zf/e/Yl3m7IRLBLzUP3u74bKSGyzm
Y20tTP7L2v97nGihnruPvGJ8l2CVgLHYu8HjkoC9azvJF99NheRCdm97MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFcsAfTATnl8qfkaBho1P49Ifgq1MB8GA1UdIwQY
MBaAFH5FqaA1OjPGpPk2CPnSXyfIWUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmtXcG9EVTZNOGFrLVRZSS1kSmZKOGhaU0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kZDdiZWItNmY3OC00MTliLTk1N2Qt
MzdhNjBjMzM1YTVkLzEvVnl3QjlNQk9lWHlwLVJvR0dqVV9qMGgtQ3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kZDdiZWItNmY3OC00MTliLTk1N2QtMzdhNjBjMzM1YTVk
LzEvZmtXcG9EVTZNOGFrLVRZSS1kSmZKOGhaU0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9GOAwQC
uXEAMA0GCSqGSIb3DQEBCwUAA4IBAQBa18ioravTfny/QMjFwElYdMv8g3ERljyg
YkOeqpDQSFAT3jzMY7TbRVB5QCjutnIVxPURiz6B4Lf/qKk8ss47Wma8vpNvPHUZ
Xxc3fGssRK3hlsp32+5czTkJlb557OWgT8YLWWiPyEuS0lgpgUtHAca+2ebjVSyv
NsohufBMlDmsB95IwBwVvcXGosLrg+ENHsaaj8pXA/8qkRzaDdUi+E+bCrpnHf5/
QYNeq0QwDme1qxGfTojCBRabfQ5BUTNxnwJxn6Iz/7CUa5xGGPfkYR3m6lASAAsg
Y+as22K6l/u6A81h4oGR7A0aLkSflCO/wrPWPU5y3wEdhS8Kz6DT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:23 2024 by rpki-client on console-fra.rpki-client.org