Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/azRZf-EtzGUrO9XZhWZHEEQTmsI.roa
File: azRZf-EtzGUrO9XZhWZHEEQTmsI.roa (raw, json)
Hash identifier: irgyTAmfq6hAssfZnaztOP1j71MfUzr2UR2D6i7guI4=
Subject key identifier: 6B:34:59:7F:E1:2D:CC:65:2B:3B:D5:D9:85:66:47:10:44:13:9A:C2
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018D77585EE11D9364F1D9DCAE0F2040C38A
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/azRZf-EtzGUrO9XZhWZHEEQTmsI.roa
Signing time: Mon 05 Feb 2024 03:38:16 +0000
ROA not before: Mon 05 Feb 2024 03:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201575
IP address blocks: 91.213.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Feb 2024 02:14:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:58:5e:e1:1d:93:64:f1:d9:dc:ae:0f:20:40:c3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Feb 5 03:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b34597fe12dcc652b3bd5d98566471044139ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:0e:aa:2f:c7:ee:97:b6:54:b8:77:14:11:
8d:f1:9f:5e:b9:df:cf:80:6e:d0:cd:92:33:fa:d1:
af:c5:ea:c2:3d:ab:b2:e8:f0:32:d7:52:e0:c3:bf:
fb:01:55:1a:56:01:31:82:2b:c8:8a:78:ce:e6:43:
43:7c:a9:75:21:28:3b:b1:b8:79:dd:3a:ce:82:d5:
55:3a:4e:0f:d8:94:c5:af:12:a6:01:cd:80:14:ca:
82:80:7f:bc:3e:74:cf:0d:c3:dd:f8:0d:66:a8:be:
33:73:c5:fa:7e:4e:3e:b5:b2:73:9a:26:20:99:77:
eb:ac:07:63:bd:47:3c:d4:5c:59:d1:81:f0:40:71:
3b:10:cf:9c:f8:46:92:d2:49:8b:b0:dc:52:f0:12:
31:00:ab:09:f8:1d:eb:f6:4c:de:d5:8a:bd:98:12:
50:78:72:a2:da:52:9e:fe:c7:4b:7b:68:91:45:55:
5f:c6:9d:a2:39:95:21:fa:01:6b:f5:f5:26:5b:3e:
3f:03:34:f7:a2:18:1c:39:d3:d7:38:64:bd:7f:7d:
77:37:48:e2:e6:ff:be:9e:5f:05:06:42:a2:e3:da:
4b:32:08:90:d1:d3:9d:6e:42:4e:c5:13:cf:2e:49:
ba:cb:7e:f6:83:93:e9:8a:a7:cb:f4:d8:10:e1:b4:
92:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:34:59:7F:E1:2D:CC:65:2B:3B:D5:D9:85:66:47:10:44:13:9A:C2
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/azRZf-EtzGUrO9XZhWZHEEQTmsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.189.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:d5:7a:ab:7f:dd:ba:7a:04:e6:bd:b1:1b:59:b7:50:07:0c:
7d:f2:d1:b8:67:3f:49:00:17:09:f3:99:8e:7f:02:29:b6:1f:
97:21:35:af:35:da:a1:70:cf:4c:9f:45:16:a8:6e:8b:c0:c5:
52:68:66:c9:a1:ca:1b:1a:ff:29:de:c1:27:4d:54:73:99:46:
16:cb:9c:13:81:48:f5:af:00:3d:f6:6e:95:48:46:4e:ec:2d:
63:ea:e8:e0:4e:1e:b7:d3:e4:ca:87:68:3d:17:e1:31:44:41:
8c:db:fd:16:05:4a:de:72:6f:ec:ed:e0:92:8d:18:87:69:e8:
e2:77:fa:eb:81:59:c5:75:fb:23:09:0a:47:83:44:47:46:45:
e3:1e:8b:8b:08:99:bd:9d:d1:e9:d0:e1:90:00:c0:28:32:70:
86:5c:76:45:a0:f1:39:2c:b0:65:29:31:20:e6:cf:e3:bf:45:
c3:f2:47:7e:57:af:86:77:46:4b:91:6a:97:2a:58:e7:86:36:
8d:e9:20:eb:78:24:46:e5:5c:f4:37:ec:06:fe:59:d7:c2:c4:
d5:48:51:14:9a:e2:81:c0:1c:b0:c2:9b:73:69:5f:26:78:33:
02:5a:5a:bf:5c:ca:ce:c1:a0:d3:39:bc:df:85:53:96:2d:b2:
35:18:11:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY13WF7hHZNk8dncrg8gQMOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjQwMjA1MDMzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjM0NTk3ZmUxMmRjYzY1MmIzYmQ1ZDk4NTY2NDcxMDQ0MTM5YWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugcOqi/H7pe2VLh3FBGN8Z9eud/P
gG7QzZIz+tGvxerCPauy6PAy11Lgw7/7AVUaVgExgivIinjO5kNDfKl1ISg7sbh5
3TrOgtVVOk4P2JTFrxKmAc2AFMqCgH+8PnTPDcPd+A1mqL4zc8X6fk4+tbJzmiYg
mXfrrAdjvUc81FxZ0YHwQHE7EM+c+EaS0kmLsNxS8BIxAKsJ+B3r9kze1Yq9mBJQ
eHKi2lKe/sdLe2iRRVVfxp2iOZUh+gFr9fUmWz4/AzT3ohgcOdPXOGS9f313N0ji
5v++nl8FBkKi49pLMgiQ0dOdbkJOxRPPLkm6y372g5PpiqfL9NgQ4bSSSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGs0WX/hLcxlKzvV2YVmRxBEE5rCMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvYXpSWmYtRXR6R1VyTzlYWmhXWkhFRVFUbXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9W9MA0G
CSqGSIb3DQEBCwUAA4IBAQC31Xqrf926egTmvbEbWbdQBwx98tG4Zz9JABcJ85mO
fwIpth+XITWvNdqhcM9Mn0UWqG6LwMVSaGbJocobGv8p3sEnTVRzmUYWy5wTgUj1
rwA99m6VSEZO7C1j6ujgTh630+TKh2g9F+ExREGM2/0WBUrecm/s7eCSjRiHaeji
d/rrgVnFdfsjCQpHg0RHRkXjHouLCJm9ndHp0OGQAMAoMnCGXHZFoPE5LLBlKTEg
5s/jv0XD8kd+V6+Gd0ZLkWqXKljnhjaN6SDreCRG5Vz0N+wG/lnXwsTVSFEUmuKB
wBywwptzaV8meDMCWlq/XMrOwaDTObzfhVOWLbI1GBFO
-----END CERTIFICATE-----
Generated at Sat Feb 17 05:38:52 2024 by rpki-client on console-ams.rpki-client.org