Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/t8iHaI4M1qCdNh2TMxoJvWXQwa0.roa
File: t8iHaI4M1qCdNh2TMxoJvWXQwa0.roa (raw, json)
Hash identifier: 0g3h3AE2koh0n+vvQ2GnGdoaZ1wk7JOpl3uzXTbz/Zo=
Subject key identifier: B7:C8:87:68:8E:0C:D6:A0:9D:36:1D:93:33:1A:09:BD:65:D0:C1:AD
Certificate issuer: /CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Certificate serial: 0187E17B3D91652094F0A80BE666CCF8BA58
Authority key identifier: 09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/t8iHaI4M1qCdNh2TMxoJvWXQwa0.roa
Signing time: Wed 03 May 2023 11:59:22 +0000
ROA not before: Wed 03 May 2023 11:59:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212050
IP address blocks: 91.210.57.0/24 maxlen: 24
91.210.58.0/24 maxlen: 24
91.210.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:7b:3d:91:65:20:94:f0:a8:0b:e6:66:cc:f8:ba:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Validity
Not Before: May 3 11:59:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7c887688e0cd6a09d361d93331a09bd65d0c1ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:60:d6:92:ba:fb:c0:84:a1:94:30:3a:65:e3:
65:2b:c2:8e:d9:00:a4:76:00:2e:0a:db:26:a9:86:
bd:8d:5d:e6:8e:7b:c1:9b:2c:90:a4:47:79:4f:e4:
48:74:e1:8b:1d:54:1a:9b:3c:ed:86:00:5d:93:65:
92:b1:f8:25:b1:fd:52:12:59:49:92:9d:e5:c7:77:
d7:5c:11:cd:98:5b:3a:98:ef:4c:03:ab:81:a4:ab:
88:d5:27:af:b6:dc:db:81:a3:00:fa:e5:84:72:68:
0d:a2:be:74:56:9f:ba:0a:f4:97:73:13:b3:18:d2:
9c:3b:fd:11:a3:c2:9f:b9:31:41:4b:87:4d:b9:da:
34:77:5f:43:c3:3c:3e:22:7c:f1:d4:d1:60:f9:8c:
c1:df:5c:b7:7e:4e:f7:ca:9a:fa:eb:da:15:83:02:
a1:c3:10:f5:79:25:af:63:c8:26:2b:fb:5c:35:19:
10:f9:94:d5:89:4d:62:b8:26:b1:9f:cf:51:93:24:
4d:67:ca:74:be:c1:18:ae:bc:07:49:e7:bf:d1:9a:
66:77:7d:c9:c6:db:b9:9d:c8:cd:86:86:da:06:f6:
90:b2:df:e5:70:76:98:75:97:9d:fd:bd:52:c0:0c:
d2:9c:55:ae:9f:63:82:e4:e8:83:2a:81:6d:d1:5c:
75:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C8:87:68:8E:0C:D6:A0:9D:36:1D:93:33:1A:09:BD:65:D0:C1:AD
X509v3 Authority Key Identifier:
keyid:09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/t8iHaI4M1qCdNh2TMxoJvWXQwa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.57.0-91.210.59.255
Signature Algorithm: sha256WithRSAEncryption
9f:b2:2b:c6:c6:4f:02:2b:f7:07:c6:28:e1:42:11:89:3c:2b:
c9:6f:12:40:94:8d:8d:7e:ae:df:7b:16:ae:2d:9d:2b:09:c4:
2d:58:39:25:90:38:0b:89:29:44:b0:8a:94:e6:bf:f1:33:70:
71:36:ac:4d:ba:20:f4:a0:e8:c0:a3:a0:31:4d:2c:6c:08:63:
e5:8f:8a:99:91:bd:8c:08:d1:4e:75:8a:e0:17:7b:7a:7d:44:
27:03:2e:ee:7e:99:55:62:05:d5:aa:5c:f4:e9:0f:72:8f:22:
56:da:0e:5d:9a:fe:b4:54:f0:56:77:dc:4a:57:c5:c3:92:1c:
0d:2d:43:dc:1f:9f:5c:96:c4:c7:7b:13:66:b9:f6:07:11:58:
0b:68:a8:3a:14:82:87:58:45:8a:04:e9:8a:03:72:ee:80:d5:
f5:34:9c:d8:f4:7d:4c:a9:d8:02:15:d3:d7:ac:4b:b3:bc:b9:
37:01:2d:77:c5:25:06:36:65:b6:1b:a0:2d:c5:d7:7b:23:e2:
78:ff:96:16:46:02:82:50:56:92:72:ff:63:fb:11:5c:55:b2:
d0:17:a1:f5:2e:6e:2b:a2:da:a4:d1:d5:94:a6:b6:fd:48:01:
32:ee:b1:51:c1:93:c0:db:ca:7a:a5:ab:1f:a9:16:dc:c2:d6:
74:a5:3c:aa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYfhez2RZSCU8KgL5mbM+LpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZGNmMWU4OTdlNTk4ZWMzZjFhYjYwYmQ0NDMzMjg3MjZk
ZWRhZTQwHhcNMjMwNTAzMTE1OTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M4ODc2ODhlMGNkNmEwOWQzNjFkOTMzMzFhMDliZDY1ZDBjMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2DWkrr7wIShlDA6ZeNlK8KO2QCk
dgAuCtsmqYa9jV3mjnvBmyyQpEd5T+RIdOGLHVQamzzthgBdk2WSsfglsf1SEllJ
kp3lx3fXXBHNmFs6mO9MA6uBpKuI1SevttzbgaMA+uWEcmgNor50Vp+6CvSXcxOz
GNKcO/0Ro8KfuTFBS4dNudo0d19Dwzw+Inzx1NFg+YzB31y3fk73ypr669oVgwKh
wxD1eSWvY8gmK/tcNRkQ+ZTViU1iuCaxn89RkyRNZ8p0vsEYrrwHSee/0Zpmd33J
xtu5ncjNhobaBvaQst/lcHaYdZed/b1SwAzSnFWun2OC5OiDKoFt0Vx1owIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLfIh2iODNagnTYdkzMaCb1l0MGtMB8GA1UdIwQY
MBaAFAnc8eiX5ZjsPxq2C9RDMocm3trkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUt
NjIzZTE5OWZkYmU5LzEvdDhpSGFJNE0xcUNkTmgyVE14b0p2V1hRd2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUtNjIzZTE5OWZkYmU5
LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABb0jkD
BAJb0jgwDQYJKoZIhvcNAQELBQADggEBAJ+yK8bGTwIr9wfGKOFCEYk8K8lvEkCU
jY1+rt97Fq4tnSsJxC1YOSWQOAuJKUSwipTmv/EzcHE2rE26IPSg6MCjoDFNLGwI
Y+WPipmRvYwI0U51iuAXe3p9RCcDLu5+mVViBdWqXPTpD3KPIlbaDl2a/rRU8FZ3
3EpXxcOSHA0tQ9wfn1yWxMd7E2a59gcRWAtoqDoUgodYRYoE6YoDcu6A1fU0nNj0
fUyp2AIV09esS7O8uTcBLXfFJQY2ZbYboC3F13sj4nj/lhZGAoJQVpJy/2P7EVxV
stAXofUubiui2qTR1ZSmtv1IATLusVHBk8Dbynqlqx+pFtzC1nSlPKo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:16 2024 by rpki-client on console-fra.rpki-client.org