Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/n1Zr5gOw_s6QtZCiHaK0ea5vjxE.roa
File: n1Zr5gOw_s6QtZCiHaK0ea5vjxE.roa (raw, json)
Hash identifier: Koekd+sO5dzBvs4P1qieMX+g8tGJJt1PdBInV42Es9M=
Subject key identifier: 9F:56:6B:E6:03:B0:FE:CE:90:B5:90:A2:1D:A2:B4:79:AE:6F:8F:11
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0188F8E4FFAB5C6EC28CE2075E3040B307B9
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/n1Zr5gOw_s6QtZCiHaK0ea5vjxE.roa
Signing time: Mon 26 Jun 2023 18:08:57 +0000
ROA not before: Mon 26 Jun 2023 18:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.186.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f8:e4:ff:ab:5c:6e:c2:8c:e2:07:5e:30:40:b3:07:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jun 26 18:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f566be603b0fece90b590a21da2b479ae6f8f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bd:e4:a8:c0:b3:3b:91:94:46:1e:71:c0:a3:
db:fe:f0:71:8f:a2:8d:4c:ba:3a:0e:14:0a:be:05:
0d:bb:a6:a1:af:33:75:de:4b:84:81:fd:fa:ba:01:
a2:11:b4:7a:41:7c:68:32:27:71:a2:b4:a7:96:c4:
b0:21:7b:22:61:bb:44:d8:db:c8:85:cd:3a:1e:7a:
65:3f:31:1e:97:37:80:e8:92:78:bd:70:01:70:41:
ef:4b:d7:66:ee:2d:f6:64:26:bc:18:2d:1d:e9:1d:
a2:e2:2c:0e:e6:28:99:3c:4e:e1:3a:4f:55:28:57:
1c:7f:c2:14:14:3b:7d:2c:32:0e:4f:c1:6b:2c:00:
8d:1f:81:db:0d:07:97:f8:e4:a9:7d:d3:fa:4f:76:
77:94:e0:d8:9a:d0:a0:93:0b:c6:f9:b4:b1:71:64:
a0:5d:9c:f6:62:a1:9a:10:09:31:19:db:98:c8:d0:
51:fe:4a:69:ce:2e:f4:09:4b:d0:ac:fa:d5:cb:7e:
18:a5:74:86:53:43:49:3e:02:40:af:40:1e:eb:d3:
68:19:fa:d4:78:fe:83:09:71:74:10:c7:d1:66:df:
be:b4:a1:ae:9f:0f:ed:db:71:0b:03:1b:a1:f8:01:
c6:33:5c:df:b6:34:d7:1f:24:f0:3b:92:a0:f6:38:
04:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:56:6B:E6:03:B0:FE:CE:90:B5:90:A2:1D:A2:B4:79:AE:6F:8F:11
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/n1Zr5gOw_s6QtZCiHaK0ea5vjxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0/24
91.213.174.0/24
91.213.186.0/24
91.213.200.0/24
Signature Algorithm: sha256WithRSAEncryption
32:35:ae:e6:e9:d6:1c:bc:a8:d3:9e:fe:53:7d:1a:2f:d7:25:
b4:b3:bc:ad:84:b5:1e:fa:78:45:24:db:d9:3d:4b:17:d2:6b:
92:ab:c0:e8:59:7f:90:d6:84:e8:5a:c1:e3:68:b1:f9:db:ec:
42:c6:a8:d9:31:7a:5b:eb:cb:e7:7e:38:9f:dc:34:ed:4d:41:
b9:48:f2:7c:da:35:91:11:be:ae:51:da:4b:5d:02:ac:e8:87:
a4:7a:e6:e7:84:dc:a9:f6:85:23:d8:96:dc:7e:22:93:96:06:
15:97:24:b9:1c:d3:49:a9:bd:cf:cb:80:5d:ae:83:f0:a6:8e:
7a:15:28:1d:68:f3:bc:5a:75:3e:1a:c8:c7:f5:e9:1c:d0:1b:
53:ad:69:d0:a1:58:82:4f:fc:83:57:2f:cb:dd:74:ef:a1:76:
18:ba:36:5d:3c:0a:1e:94:a4:f3:f7:f2:6e:5d:51:16:42:b2:
66:08:4b:b6:30:45:23:71:df:32:a4:39:b8:db:25:b5:91:88:
c2:c6:67:68:0b:d0:f2:2e:da:c7:45:a5:b8:c2:4a:05:94:60:
98:ac:b2:16:31:6e:eb:e7:ab:4d:09:d0:b8:e7:a0:aa:06:8c:
a3:de:1c:37:94:63:0f:fa:e7:3c:d9:22:f6:ce:78:e8:e4:b8:
65:ec:02:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYj45P+rXG7CjOIHXjBAswe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNjI2MTgwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU2NmJlNjAzYjBmZWNlOTBiNTkwYTIxZGEyYjQ3OWFlNmY4ZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb3kqMCzO5GURh5xwKPb/vBxj6KN
TLo6DhQKvgUNu6ahrzN13kuEgf36ugGiEbR6QXxoMidxorSnlsSwIXsiYbtE2NvI
hc06HnplPzEelzeA6JJ4vXABcEHvS9dm7i32ZCa8GC0d6R2i4iwO5iiZPE7hOk9V
KFccf8IUFDt9LDIOT8FrLACNH4HbDQeX+OSpfdP6T3Z3lODYmtCgkwvG+bSxcWSg
XZz2YqGaEAkxGduYyNBR/kppzi70CUvQrPrVy34YpXSGU0NJPgJAr0Ae69NoGfrU
eP6DCXF0EMfRZt++tKGunw/t23ELAxuh+AHGM1zftjTXHyTwO5Kg9jgEIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ9Wa+YDsP7OkLWQoh2itHmub48RMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvbjFacjVnT3dfczZRdFpDaUhhSzBlYTV2anhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZbFAwQA
W9WuAwQAW9W6AwQAW9XIMA0GCSqGSIb3DQEBCwUAA4IBAQAyNa7m6dYcvKjTnv5T
fRov1yW0s7ythLUe+nhFJNvZPUsX0muSq8DoWX+Q1oToWsHjaLH52+xCxqjZMXpb
68vnfjif3DTtTUG5SPJ82jWREb6uUdpLXQKs6IekeubnhNyp9oUj2JbcfiKTlgYV
lyS5HNNJqb3Py4BdroPwpo56FSgdaPO8WnU+GsjH9ekc0BtTrWnQoViCT/yDVy/L
3XTvoXYYujZdPAoelKTz9/JuXVEWQrJmCEu2MEUjcd8ypDm42yW1kYjCxmdoC9Dy
LtrHRaW4wkoFlGCYrLIWMW7r56tNCdC456CqBoyj3hw3lGMP+uc82SL2znjo5Lhl
7AId
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:39 2023 by rpki-client on console-ams.rpki-client.org