Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/d9LgBpR7ml1a0pe1yfoaoc6xP1w.roa
File: d9LgBpR7ml1a0pe1yfoaoc6xP1w.roa (raw, json)
Hash identifier: UmzibQMx6ju5g803gn08fCYW4QlwAZGGVkyRxvEK6/o=
Subject key identifier: 77:D2:E0:06:94:7B:9A:5D:5A:D2:97:B5:C9:FA:1A:A1:CE:B1:3F:5C
Certificate issuer: /CN=28ac9edd240bfc4520ce0bc9b245963d24e2bfe2
Certificate serial: 018A6FC6319EA606752F522F8B5091A518C7
Authority key identifier: 28:AC:9E:DD:24:0B:FC:45:20:CE:0B:C9:B2:45:96:3D:24:E2:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/d9LgBpR7ml1a0pe1yfoaoc6xP1w.roa
Signing time: Thu 07 Sep 2023 13:12:54 +0000
ROA not before: Thu 07 Sep 2023 13:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3170
IP address blocks: 92.60.44.0/22 maxlen: 24
91.218.58.0/24 maxlen: 24
2a07:f1c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:c6:31:9e:a6:06:75:2f:52:2f:8b:50:91:a5:18:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28ac9edd240bfc4520ce0bc9b245963d24e2bfe2
Validity
Not Before: Sep 7 13:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77d2e006947b9a5d5ad297b5c9fa1aa1ceb13f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:c6:f1:6e:0c:4c:c7:62:25:9c:6d:b8:8b:
2c:0e:3d:66:72:1f:0e:29:e1:4a:74:82:d3:b2:b8:
8e:13:4f:13:66:08:93:16:c9:a2:85:5c:88:fc:1c:
28:95:82:6a:57:86:39:2a:ad:04:27:8d:11:6d:c5:
a5:9d:df:6f:ca:ed:f6:69:5b:ad:43:2d:99:ed:0c:
50:09:3a:e9:c1:f5:e2:61:fc:86:51:33:eb:cb:c3:
15:c8:a3:43:8f:e9:9a:12:90:78:89:b7:cb:81:f5:
b4:55:7b:3b:34:22:fd:da:52:90:03:88:2a:e5:1c:
35:60:7c:bd:74:d0:4a:c4:47:22:91:26:3e:83:cf:
c3:e1:c5:53:04:72:a4:99:8c:2d:2e:93:c1:5c:98:
2e:88:1c:09:d7:7b:55:05:6d:86:d9:6d:d2:60:55:
f3:dd:1e:40:28:dc:44:2f:16:02:29:d7:6c:f7:c1:
1c:4a:8a:bf:86:25:60:36:56:84:37:1b:76:67:c8:
8d:cc:f2:64:12:57:a0:de:20:cb:7f:75:ec:61:df:
b0:cb:63:c3:ab:4e:dd:0e:3e:3d:f0:fd:b8:31:8d:
31:a7:f4:88:8a:5f:52:fc:4e:04:43:f0:ce:62:ac:
df:0c:7b:7b:77:79:63:53:0d:03:37:fb:1b:d3:ec:
4b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D2:E0:06:94:7B:9A:5D:5A:D2:97:B5:C9:FA:1A:A1:CE:B1:3F:5C
X509v3 Authority Key Identifier:
keyid:28:AC:9E:DD:24:0B:FC:45:20:CE:0B:C9:B2:45:96:3D:24:E2:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/d9LgBpR7ml1a0pe1yfoaoc6xP1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/KKye3SQL_EUgzgvJskWWPSTiv-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.58.0/24
92.60.44.0/22
IPv6:
2a07:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
66:30:a8:57:a3:ce:29:09:42:2a:e1:50:00:5f:b4:ec:c7:f0:
7e:87:bb:39:ed:ff:a8:c7:df:86:5a:8a:da:e2:a4:21:53:62:
23:3c:f4:f8:48:f2:91:d2:41:8b:cf:63:ea:32:4b:3f:b0:90:
1d:24:0b:84:19:31:5b:fd:36:13:a3:a2:a8:67:23:70:8f:ca:
e0:08:31:3b:da:f0:90:81:e4:a6:9a:38:cd:ce:dd:9a:19:98:
8c:d2:4e:54:88:3d:b5:2c:c0:24:6a:69:5f:50:0e:41:40:a0:
ee:60:34:ae:cd:09:0c:89:0f:06:2f:3a:a1:2a:c6:8f:fe:f7:
f2:a6:d1:13:80:c1:1c:7e:d3:53:55:17:b5:40:39:29:eb:13:
b6:cb:08:49:8e:25:1c:a6:2a:40:51:ca:81:4d:c4:4e:a5:f3:
24:62:0c:46:3c:f8:8d:ba:dc:b4:d6:7c:27:18:cc:01:f7:bd:
dd:e5:fb:7b:13:cd:3b:a9:15:eb:3e:e8:69:4d:80:9b:31:a4:
74:73:87:94:f3:e9:19:ae:47:86:7a:33:11:aa:b1:ff:88:42:
78:af:74:8b:91:23:74:d5:73:0a:4f:a8:a6:71:e6:f8:3c:35:
0d:02:9a:b2:07:0e:06:78:65:6f:92:e1:ce:5d:fe:85:ec:13:
74:7c:c9:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpvxjGepgZ1L1Ivi1CRpRjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YWM5ZWRkMjQwYmZjNDUyMGNlMGJjOWIyNDU5NjNkMjRl
MmJmZTIwHhcNMjMwOTA3MTMxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2QyZTAwNjk0N2I5YTVkNWFkMjk3YjVjOWZhMWFhMWNlYjEzZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryHG8W4MTMdiJZxtuIssDj1mch8O
KeFKdILTsriOE08TZgiTFsmihVyI/BwolYJqV4Y5Kq0EJ40RbcWlnd9vyu32aVut
Qy2Z7QxQCTrpwfXiYfyGUTPry8MVyKNDj+maEpB4ibfLgfW0VXs7NCL92lKQA4gq
5Rw1YHy9dNBKxEcikSY+g8/D4cVTBHKkmYwtLpPBXJguiBwJ13tVBW2G2W3SYFXz
3R5AKNxELxYCKdds98EcSoq/hiVgNlaENxt2Z8iNzPJkEleg3iDLf3XsYd+wy2PD
q07dDj498P24MY0xp/SIil9S/E4EQ/DOYqzfDHt7d3ljUw0DN/sb0+xLtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHfS4AaUe5pdWtKXtcn6GqHOsT9cMB8GA1UdIwQY
MBaAFCisnt0kC/xFIM4LybJFlj0k4r/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0t5ZTNTUUxfRVVnemd2SnNrV1dQU1Rpdi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zNjBiMTctN2UxNy00NTFiLWFiZDUt
ODVhNTM0ZjE4MGZkLzEvZDlMZ0JwUjdtbDFhMHBlMXlmb2FvYzZ4UDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zNjBiMTctN2UxNy00NTFiLWFiZDUtODVhNTM0ZjE4MGZk
LzEvS0t5ZTNTUUxfRVVnemd2SnNrV1dQU1Rpdi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9o6AwQC
XDwsMA0EAgACMAcDBQMqB/HAMA0GCSqGSIb3DQEBCwUAA4IBAQBmMKhXo84pCUIq
4VAAX7Tsx/B+h7s57f+ox9+GWora4qQhU2IjPPT4SPKR0kGLz2PqMks/sJAdJAuE
GTFb/TYTo6KoZyNwj8rgCDE72vCQgeSmmjjNzt2aGZiM0k5UiD21LMAkamlfUA5B
QKDuYDSuzQkMiQ8GLzqhKsaP/vfyptETgMEcftNTVRe1QDkp6xO2ywhJjiUcpipA
UcqBTcROpfMkYgxGPPiNuty01nwnGMwB973d5ft7E807qRXrPuhpTYCbMaR0c4eU
8+kZrkeGejMRqrH/iEJ4r3SLkSN01XMKT6imceb4PDUNApqyBw4GeGVvkuHOXf6F
7BN0fMlH
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:56 2024 by rpki-client on console-ams.rpki-client.org