Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/pq0fPg5hA0_JKezC_eYq9xgg7kk.roa
File: pq0fPg5hA0_JKezC_eYq9xgg7kk.roa (raw, json)
Hash identifier: p9+DAZ/bV6zwA2CftjTdsM8qsm+IFGIOxVd90JEUwGY=
Subject key identifier: A6:AD:1F:3E:0E:61:03:4F:C9:29:EC:C2:FD:E6:2A:F7:18:20:EE:49
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 01880E91193F11D4547AC3CE9F6C34282A79
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/pq0fPg5hA0_JKezC_eYq9xgg7kk.roa
Signing time: Fri 12 May 2023 06:06:10 +0000
ROA not before: Fri 12 May 2023 06:06:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137443
IP address blocks: 91.217.135.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0e:91:19:3f:11:d4:54:7a:c3:ce:9f:6c:34:28:2a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: May 12 06:06:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6ad1f3e0e61034fc929ecc2fde62af71820ee49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d5:1b:4f:75:9e:ba:09:ac:b4:2f:55:66:21:
01:ef:13:58:72:6a:0f:67:be:34:6e:a3:72:b3:44:
68:02:33:a9:43:12:1e:90:81:98:68:ab:93:5a:d6:
00:f5:6c:1b:e3:da:12:45:6b:de:10:91:96:f3:00:
0b:67:3f:7a:5c:07:61:b8:6a:b3:5c:f6:59:68:c4:
a6:b0:df:d8:34:48:d8:86:f3:34:27:b8:9c:4b:86:
c2:4d:51:e0:e3:80:ef:fa:2f:19:49:bc:9a:54:a9:
bf:13:67:1b:6f:37:5b:f1:26:03:e5:1a:4a:0d:09:
84:1d:22:44:81:27:b5:c0:58:85:4c:fd:ec:f5:0d:
f3:b0:de:fd:77:2b:b9:d6:45:3b:db:15:fa:26:60:
e0:10:63:e5:61:1e:48:d1:a9:76:82:d2:96:78:95:
6e:a2:11:83:1f:26:bd:ba:69:ed:4e:e5:22:e7:3b:
a4:e4:e2:2a:fb:69:86:c4:1b:f0:7f:fb:69:cb:b8:
fc:a7:64:a4:09:c3:db:8f:83:cb:4e:bb:5a:32:96:
d7:86:64:1c:66:b2:a8:bb:f9:6a:d0:ee:d8:a3:f0:
67:b0:7c:3d:5f:65:98:d9:6f:43:78:c6:9d:bf:04:
ae:e2:1c:f3:98:f1:f8:d3:81:d2:c0:43:df:09:21:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AD:1F:3E:0E:61:03:4F:C9:29:EC:C2:FD:E6:2A:F7:18:20:EE:49
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/pq0fPg5hA0_JKezC_eYq9xgg7kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.135.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:7a:fe:48:25:98:11:68:97:b3:5c:a4:a3:61:e9:c3:aa:1b:
a9:34:36:f6:9b:cd:c0:31:ae:86:a8:3e:94:43:15:5a:6b:02:
8e:34:d5:4a:28:43:dd:75:21:25:c5:86:7d:df:89:1c:24:c5:
e7:50:34:85:a3:c8:5b:11:34:7f:49:85:a4:f7:26:da:2a:56:
39:11:b3:98:e7:bc:e5:e6:db:bf:5e:cb:b8:34:cf:e9:72:0c:
7d:3a:fa:b3:69:90:04:28:39:4a:a8:5d:0b:5f:1e:5f:3e:69:
09:fd:01:2f:e8:b8:72:81:d4:34:4c:af:57:94:b7:01:52:ff:
ba:f5:8e:5a:56:7c:2d:80:39:82:98:7f:44:12:d3:c1:3f:33:
b2:09:32:17:71:25:8b:b7:74:f7:f6:35:ee:e7:a0:2f:18:fd:
29:f0:35:54:8c:9b:d2:f9:8d:cd:35:6e:00:4b:11:b0:c3:a9:
fb:8c:2c:cf:40:53:46:4d:39:0e:f5:ea:a6:1d:5f:ed:89:17:
57:47:64:9a:e3:f7:b2:b0:03:13:ca:96:76:f6:4a:40:20:16:
bd:28:d2:18:dd:97:00:55:bb:08:57:b6:89:c4:3c:21:78:d4:
fa:2b:52:a8:78:e8:b2:79:f7:9d:f8:ec:98:ad:48:46:b0:76:
d0:2a:01:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgOkRk/EdRUesPOn2w0KCp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNTEyMDYwNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFkMWYzZTBlNjEwMzRmYzkyOWVjYzJmZGU2MmFmNzE4MjBlZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNUbT3WeugmstC9VZiEB7xNYcmoP
Z740bqNys0RoAjOpQxIekIGYaKuTWtYA9Wwb49oSRWveEJGW8wALZz96XAdhuGqz
XPZZaMSmsN/YNEjYhvM0J7icS4bCTVHg44Dv+i8ZSbyaVKm/E2cbbzdb8SYD5RpK
DQmEHSJEgSe1wFiFTP3s9Q3zsN79dyu51kU72xX6JmDgEGPlYR5I0al2gtKWeJVu
ohGDHya9umntTuUi5zuk5OIq+2mGxBvwf/tpy7j8p2SkCcPbj4PLTrtaMpbXhmQc
ZrKou/lq0O7Yo/BnsHw9X2WY2W9DeMadvwSu4hzzmPH404HSwEPfCSESEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKatHz4OYQNPySnswv3mKvcYIO5JMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvcHEwZlBnNWhBMF9KS2V6Q19lWXE5eGdnN2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9mHMA0G
CSqGSIb3DQEBCwUAA4IBAQCKev5IJZgRaJezXKSjYenDqhupNDb2m83AMa6GqD6U
QxVaawKONNVKKEPddSElxYZ934kcJMXnUDSFo8hbETR/SYWk9ybaKlY5EbOY57zl
5tu/Xsu4NM/pcgx9OvqzaZAEKDlKqF0LXx5fPmkJ/QEv6LhygdQ0TK9XlLcBUv+6
9Y5aVnwtgDmCmH9EEtPBPzOyCTIXcSWLt3T39jXu56AvGP0p8DVUjJvS+Y3NNW4A
SxGww6n7jCzPQFNGTTkO9eqmHV/tiRdXR2Sa4/eysAMTypZ29kpAIBa9KNIY3ZcA
VbsIV7aJxDwheNT6K1KoeOiyefed+OyYrUhGsHbQKgFt
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:04 2024 by rpki-client on console-fra.rpki-client.org