Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/5ORAryEVQ3vSk9yB3Spc6h8u-oA.roa
File: 5ORAryEVQ3vSk9yB3Spc6h8u-oA.roa (raw, json)
Hash identifier: 4N6d6fKnCpYVX0gIcJ7Yqj1j6rfWxA56TaGY4bc1b84=
Subject key identifier: E4:E4:40:AF:21:15:43:7B:D2:93:DC:81:DD:2A:5C:EA:1F:2E:FA:80
Certificate issuer: /CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Certificate serial: 018573718BA46F4AEBC7FDD93884ED7EC23C
Authority key identifier: B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/5ORAryEVQ3vSk9yB3Spc6h8u-oA.roa
Signing time: Mon 02 Jan 2023 17:04:59 +0000
ROA not before: Mon 02 Jan 2023 17:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51509
IP address blocks: 91.217.92.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:8b:a4:6f:4a:eb:c7:fd:d9:38:84:ed:7e:c2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Validity
Not Before: Jan 2 17:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4e440af2115437bd293dc81dd2a5cea1f2efa80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5c:bc:cd:76:e6:ad:60:0a:1b:37:f0:96:a7:
52:78:6a:16:df:57:cb:59:1a:e3:e6:06:c1:4f:88:
73:9b:3a:dc:86:a3:d0:2d:db:04:75:c2:b6:e0:39:
6b:ba:b9:9a:71:03:52:9a:77:a7:18:c8:b3:cf:10:
13:fc:fc:c3:91:cf:8a:4d:b1:aa:0f:e5:e3:49:83:
49:5c:83:da:b9:3b:4a:0c:b1:2f:b7:42:47:fc:c4:
34:d1:e1:9f:4c:fd:4f:ad:1a:1e:51:2e:f9:b4:08:
12:23:62:55:4f:74:eb:06:16:6f:95:2f:25:a3:a8:
83:f4:0e:85:6a:fb:fa:e2:63:50:20:6c:fb:9d:63:
3a:23:c5:43:dd:2b:61:8f:0b:1b:6c:31:58:67:97:
6e:97:b4:55:70:69:9a:40:0b:c8:f0:d2:c0:07:24:
85:78:82:05:d5:6f:8f:36:3f:c2:f7:d2:1e:41:4a:
71:6e:84:e1:44:11:c4:a1:ef:1a:ce:b8:9a:11:26:
d5:5c:a4:64:81:20:e7:7e:63:57:39:47:95:88:34:
b3:0f:1f:49:d0:bc:b9:d4:93:d7:3f:4d:93:3a:36:
48:d9:1f:41:0b:8e:7f:2a:09:c2:62:a3:79:62:80:
74:22:f3:d9:d9:20:ba:f1:b2:c9:e2:7d:21:fb:c7:
c6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E4:40:AF:21:15:43:7B:D2:93:DC:81:DD:2A:5C:EA:1F:2E:FA:80
X509v3 Authority Key Identifier:
keyid:B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/5ORAryEVQ3vSk9yB3Spc6h8u-oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.92.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:66:4b:56:2c:ba:2d:85:1c:0e:8e:fb:e8:ae:5a:40:0f:c1:
49:42:e2:a8:a8:67:3c:e5:73:fc:99:8e:79:10:e9:3b:58:01:
d1:a0:8e:77:4b:05:0a:a0:80:3c:b8:c4:05:c5:94:1a:a5:7f:
7f:35:e8:c1:52:b1:f4:04:2c:d0:8b:f5:92:94:60:71:2b:5b:
84:05:6a:08:5f:c9:eb:03:c0:08:10:f2:fd:f8:ac:e9:c4:79:
3e:10:41:ab:18:9b:e0:a8:09:bb:5c:57:ba:c4:9d:5c:1b:32:
72:15:a0:f0:4c:bd:fa:71:5a:89:12:02:9e:ea:a7:7a:b0:fc:
32:2b:b7:f6:d7:4a:a6:10:1e:3f:12:93:22:01:03:a0:76:ff:
fb:14:fa:46:e2:76:9e:91:8f:99:9c:fd:6d:58:ae:ff:29:bf:
b9:d7:96:70:a6:6a:e8:ef:e9:d6:7f:88:00:10:5c:42:ee:3e:
24:7a:30:4e:f0:c8:7b:c1:4d:e4:68:9f:fc:96:da:b3:34:05:
c2:87:e5:a3:a2:a3:3e:43:e6:5f:70:d0:48:f2:f6:7e:4c:0f:
73:f0:b3:87:18:10:d4:e5:1b:02:1f:16:0b:0f:77:5a:2b:df:
b9:9b:b0:3d:99:a0:e2:f2:49:3f:c5:89:fe:75:b6:3c:40:6c:
2f:25:a9:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzcYukb0rrx/3ZOITtfsI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MGFhNTE2MzQ5NmUwNTNhNzZiNmQ2OWNkYzQ1Zjc1MDA2
Y2Q4ZGYwHhcNMjMwMTAyMTcwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGU0NDBhZjIxMTU0MzdiZDI5M2RjODFkZDJhNWNlYTFmMmVmYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vy8zXbmrWAKGzfwlqdSeGoW31fL
WRrj5gbBT4hzmzrchqPQLdsEdcK24DlrurmacQNSmnenGMizzxAT/PzDkc+KTbGq
D+XjSYNJXIPauTtKDLEvt0JH/MQ00eGfTP1PrRoeUS75tAgSI2JVT3TrBhZvlS8l
o6iD9A6Favv64mNQIGz7nWM6I8VD3SthjwsbbDFYZ5dul7RVcGmaQAvI8NLABySF
eIIF1W+PNj/C99IeQUpxboThRBHEoe8azriaESbVXKRkgSDnfmNXOUeViDSzDx9J
0Ly51JPXP02TOjZI2R9BC45/KgnCYqN5YoB0IvPZ2SC68bLJ4n0h+8fGRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTkQK8hFUN70pPcgd0qXOofLvqAMB8GA1UdIwQY
MBaAFLQKpRY0luBTp2ttac3EX3UAbNjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUt
YzcyY2JhYzI4NWY4LzEvNU9SQXJ5RVZRM3ZTazl5QjNTcGM2aDh1LW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUtYzcyY2JhYzI4NWY4
LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9lcMA0G
CSqGSIb3DQEBCwUAA4IBAQB9ZktWLLothRwOjvvorlpAD8FJQuKoqGc85XP8mY55
EOk7WAHRoI53SwUKoIA8uMQFxZQapX9/NejBUrH0BCzQi/WSlGBxK1uEBWoIX8nr
A8AIEPL9+KzpxHk+EEGrGJvgqAm7XFe6xJ1cGzJyFaDwTL36cVqJEgKe6qd6sPwy
K7f210qmEB4/EpMiAQOgdv/7FPpG4naekY+ZnP1tWK7/Kb+515Zwpmro7+nWf4gA
EFxC7j4kejBO8Mh7wU3kaJ/8ltqzNAXCh+WjoqM+Q+ZfcNBI8vZ+TA9z8LOHGBDU
5RsCHxYLD3daK9+5m7A9maDi8kk/xYn+dbY8QGwvJano
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:49 2024 by rpki-client on console-fra.rpki-client.org