Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/5Ps4ujLpW7eJtvXwmFTQe3wYOqo.roa
File: 5Ps4ujLpW7eJtvXwmFTQe3wYOqo.roa (raw, json)
Hash identifier: rNlpNZaE2S/wzh8fcutHoDU3KGq9DdFrWOHrXW95X1E=
Subject key identifier: E4:FB:38:BA:32:E9:5B:B7:89:B6:F5:F0:98:54:D0:7B:7C:18:3A:AA
Certificate issuer: /CN=87a4e5d7725c5868aabea025b838dcc233c6ffc9
Certificate serial: 01856D0ABEE8081F070125563433752ED99D
Authority key identifier: 87:A4:E5:D7:72:5C:58:68:AA:BE:A0:25:B8:38:DC:C2:33:C6:FF:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h6Tl13JcWGiqvqAluDjcwjPG_8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/5Ps4ujLpW7eJtvXwmFTQe3wYOqo.roa
Signing time: Sun 01 Jan 2023 11:14:58 +0000
ROA not before: Sun 01 Jan 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198263
IP address blocks: 91.232.164.0/22 maxlen: 22
193.186.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:be:e8:08:1f:07:01:25:56:34:33:75:2e:d9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87a4e5d7725c5868aabea025b838dcc233c6ffc9
Validity
Not Before: Jan 1 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4fb38ba32e95bb789b6f5f09854d07b7c183aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5a:0c:03:77:2b:2a:27:9e:32:aa:cb:ce:e0:
dd:3d:e5:37:cf:8c:7d:94:50:67:36:69:4a:9e:81:
39:a1:24:14:cc:a8:ed:77:bc:30:aa:96:6e:6e:bb:
10:65:e0:42:6d:24:01:eb:37:fa:bc:46:8d:18:65:
10:d2:62:5c:39:f5:f3:08:e3:4b:4e:bf:77:a0:5c:
c1:da:2c:ff:6d:07:a7:d9:7b:94:57:e8:5a:b0:58:
01:9e:99:97:76:aa:8b:71:79:4b:43:be:7a:87:6e:
38:b7:6d:19:12:92:72:4d:92:88:c6:3d:30:b1:98:
de:8f:05:32:8d:df:86:38:7c:99:8d:12:e0:2f:77:
50:89:e8:a1:f6:bc:2d:08:40:27:13:26:93:cf:8c:
dd:1b:82:ce:f1:57:a2:bd:b7:35:13:f8:3e:c1:9c:
57:90:78:0b:fb:eb:69:8b:09:d9:ad:37:cd:8a:48:
7c:16:09:1c:d6:08:bf:8f:84:93:83:5c:d4:fc:18:
8a:c4:ca:70:a6:70:cf:df:9e:4d:68:48:34:59:72:
e9:56:14:f8:2f:be:d3:1d:97:95:7c:21:95:f3:f8:
d0:db:a9:8d:83:90:41:5e:a9:23:45:8a:98:8d:01:
d8:c8:1d:1d:8b:f5:33:b9:6f:ff:02:95:3e:bc:65:
02:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:FB:38:BA:32:E9:5B:B7:89:B6:F5:F0:98:54:D0:7B:7C:18:3A:AA
X509v3 Authority Key Identifier:
keyid:87:A4:E5:D7:72:5C:58:68:AA:BE:A0:25:B8:38:DC:C2:33:C6:FF:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6Tl13JcWGiqvqAluDjcwjPG_8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/5Ps4ujLpW7eJtvXwmFTQe3wYOqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/h6Tl13JcWGiqvqAluDjcwjPG_8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.164.0/22
193.186.39.0/24
Signature Algorithm: sha256WithRSAEncryption
60:91:a0:c4:a4:01:47:c4:da:51:5d:b8:2a:f3:da:ff:c1:6f:
e3:40:8a:0a:a5:37:62:a2:41:5c:aa:78:93:73:e5:03:07:ff:
20:1a:1e:41:64:f0:e7:60:3a:49:e6:a8:51:9b:be:79:cf:f0:
67:44:90:2b:c9:a2:81:d5:21:b7:2a:54:f8:34:4b:27:d4:be:
ab:e2:4a:65:2d:6b:46:92:98:8f:10:c8:29:71:f8:b3:41:6a:
1f:87:ff:cc:20:76:61:14:fd:92:e7:af:22:bc:67:5d:b9:be:
9d:b0:9d:fc:25:f6:93:2a:3a:e0:7f:ec:e2:bb:7f:9f:ca:d4:
ed:0d:b8:a4:77:dd:ff:1c:e0:bc:23:45:ee:1e:61:b7:62:c9:
69:88:e4:20:52:22:15:f1:2d:96:e2:ad:98:12:e3:55:88:6f:
b5:49:8f:3f:bb:71:e0:69:eb:ab:f4:f6:bd:05:fb:78:99:be:
df:5a:b6:d1:30:d9:ad:a3:fe:8e:72:6f:e0:18:db:4a:1d:ed:
ec:e4:a6:be:ac:3f:c9:d2:e6:97:94:e4:2f:a7:2c:79:49:68:
20:ba:8b:51:64:a3:85:8b:d7:a4:bf:af:ce:a7:36:88:28:ce:
b3:8d:a0:f5:a2:af:9c:f6:07:39:5f:45:70:ad:48:f5:34:5c:
11:8a:6f:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCr7oCB8HASVWNDN1LtmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YTRlNWQ3NzI1YzU4NjhhYWJlYTAyNWI4MzhkY2MyMzNj
NmZmYzkwHhcNMjMwMTAxMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGZiMzhiYTMyZTk1YmI3ODliNmY1ZjA5ODU0ZDA3YjdjMTgzYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1oMA3crKieeMqrLzuDdPeU3z4x9
lFBnNmlKnoE5oSQUzKjtd7wwqpZubrsQZeBCbSQB6zf6vEaNGGUQ0mJcOfXzCONL
Tr93oFzB2iz/bQen2XuUV+hasFgBnpmXdqqLcXlLQ756h244t20ZEpJyTZKIxj0w
sZjejwUyjd+GOHyZjRLgL3dQieih9rwtCEAnEyaTz4zdG4LO8Veivbc1E/g+wZxX
kHgL++tpiwnZrTfNikh8Fgkc1gi/j4STg1zU/BiKxMpwpnDP355NaEg0WXLpVhT4
L77THZeVfCGV8/jQ26mNg5BBXqkjRYqYjQHYyB0di/UzuW//ApU+vGUCmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOT7OLoy6Vu3ibb18JhU0Ht8GDqqMB8GA1UdIwQY
MBaAFIek5ddyXFhoqr6gJbg43MIzxv/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZUbDEzSmNXR2lxdnFBbHVEamN3alBHXzhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82NTU1YzMtMDU0Ni00ZWVmLTg2NDgt
NTA2YTIxNTk1Y2I4LzEvNVBzNHVqTHBXN2VKdHZYd21GVFFlM3dZT3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82NTU1YzMtMDU0Ni00ZWVmLTg2NDgtNTA2YTIxNTk1Y2I4
LzEvaDZUbDEzSmNXR2lxdnFBbHVEamN3alBHXzhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+ikAwQA
wbonMA0GCSqGSIb3DQEBCwUAA4IBAQBgkaDEpAFHxNpRXbgq89r/wW/jQIoKpTdi
okFcqniTc+UDB/8gGh5BZPDnYDpJ5qhRm755z/BnRJAryaKB1SG3KlT4NEsn1L6r
4kplLWtGkpiPEMgpcfizQWofh//MIHZhFP2S568ivGddub6dsJ38JfaTKjrgf+zi
u3+fytTtDbikd93/HOC8I0XuHmG3YslpiOQgUiIV8S2W4q2YEuNViG+1SY8/u3Hg
aeur9Pa9Bft4mb7fWrbRMNmto/6Ocm/gGNtKHe3s5Ka+rD/J0uaXlOQvpyx5SWgg
uotRZKOFi9ekv6/OpzaIKM6zjaD1oq+c9gc5X0VwrUj1NFwRim94
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:58 2024 by rpki-client on console-fra.rpki-client.org