Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/xkvAEv6wnXiTuuXm7z7V72PRsK4.roa
File: xkvAEv6wnXiTuuXm7z7V72PRsK4.roa (raw, json)
Hash identifier: TT2GcnKOc/Wp91rH0nry0PLW/bvkjHs5puiy3i50m18=
Subject key identifier: C6:4B:C0:12:FE:B0:9D:78:93:BA:E5:E6:EF:3E:D5:EF:63:D1:B0:AE
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018A80725A0500B52873FF569B8E859B4704
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/xkvAEv6wnXiTuuXm7z7V72PRsK4.roa
Signing time: Sun 10 Sep 2023 18:54:52 +0000
ROA not before: Sun 10 Sep 2023 18:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63018
IP address blocks: 91.213.189.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:80:72:5a:05:00:b5:28:73:ff:56:9b:8e:85:9b:47:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Sep 10 18:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c64bc012feb09d7893bae5e6ef3ed5ef63d1b0ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:61:c7:00:3f:53:20:dd:ff:98:41:8f:e3:0f:
86:97:f9:19:6e:57:32:b2:31:30:45:bd:18:c7:24:
43:67:c2:fe:70:d0:0e:70:26:b7:34:5d:80:ee:b3:
3d:55:c4:92:77:0c:a9:c3:fa:30:30:92:44:d6:79:
63:17:61:ac:c9:f1:76:29:b0:7c:0f:df:b2:a8:90:
1a:b8:aa:46:c2:0c:9a:8e:cc:62:e3:e7:d5:67:51:
c8:02:75:61:24:b9:67:a6:7c:2a:9e:34:77:c1:cc:
53:9e:57:0e:5e:16:0d:b0:d2:ad:e4:1a:52:17:38:
f8:bc:ab:4a:13:7e:a5:d0:79:43:43:90:2b:eb:d9:
b3:16:71:07:67:bd:a4:71:fd:ab:6b:e3:c4:3d:95:
47:6c:01:75:9f:29:bd:44:7d:c4:19:08:bd:4d:aa:
0a:be:f1:20:a8:26:4a:d8:00:c6:65:f3:e7:d4:db:
47:80:83:cf:50:1a:7f:06:8e:8f:1b:03:f7:99:9d:
b6:ff:f9:ba:50:16:92:fa:66:15:98:a2:08:83:ad:
a7:a0:b9:01:fd:c1:5f:bd:b3:d9:32:2d:7c:82:d5:
71:a0:8e:c8:22:eb:6b:c4:40:8d:49:da:d5:c4:25:
fc:ed:c5:a9:44:55:a8:86:1e:16:2f:fd:9d:8c:c4:
cd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4B:C0:12:FE:B0:9D:78:93:BA:E5:E6:EF:3E:D5:EF:63:D1:B0:AE
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/xkvAEv6wnXiTuuXm7z7V72PRsK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.189.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:d4:75:60:a4:83:a1:f9:63:09:0d:fd:2a:d6:3a:a9:d2:24:
ca:fd:3f:56:3a:7b:fb:39:3f:69:85:5a:e3:62:8b:09:df:c3:
ca:22:f5:0b:44:9a:39:a4:d4:59:08:1f:c6:a8:2d:f5:d0:da:
fa:67:92:f4:2b:06:7d:ab:6f:6e:32:8b:f1:73:50:a7:40:12:
d4:c2:8d:ff:b7:58:63:4b:5d:aa:80:fc:2c:11:e0:1c:70:94:
48:46:da:59:0e:73:6a:d6:0a:02:45:4f:61:1b:e8:05:b7:f9:
84:7f:d5:59:1b:25:27:be:d1:1d:f6:3d:3e:2d:d0:71:c3:39:
59:96:dd:b5:57:ab:ad:17:33:ee:1e:26:2d:a3:57:dc:ad:71:
87:e2:c1:0e:dc:f6:f1:61:11:a4:10:50:0d:7d:ed:42:4d:9d:
05:f5:18:c0:3e:2e:cd:0b:e1:64:28:b4:b5:db:70:a1:4f:c0:
65:94:8d:5e:d3:64:ee:32:fc:89:75:90:fe:6e:2f:64:36:70:
43:e2:1e:2d:81:45:32:f6:ed:81:0a:b9:37:c9:29:67:26:7c:
b1:11:49:c9:86:d6:cb:2f:ec:86:27:6c:30:00:97:e7:b8:ad:
a9:ef:93:d1:6a:a7:53:c2:9a:78:5e:c3:c6:03:bb:0c:c6:51:
fe:03:05:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqAcloFALUoc/9Wm46Fm0cEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwOTEwMTg1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRiYzAxMmZlYjA5ZDc4OTNiYWU1ZTZlZjNlZDVlZjYzZDFiMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mHHAD9TIN3/mEGP4w+Gl/kZblcy
sjEwRb0YxyRDZ8L+cNAOcCa3NF2A7rM9VcSSdwypw/owMJJE1nljF2GsyfF2KbB8
D9+yqJAauKpGwgyajsxi4+fVZ1HIAnVhJLlnpnwqnjR3wcxTnlcOXhYNsNKt5BpS
Fzj4vKtKE36l0HlDQ5Ar69mzFnEHZ72kcf2ra+PEPZVHbAF1nym9RH3EGQi9TaoK
vvEgqCZK2ADGZfPn1NtHgIPPUBp/Bo6PGwP3mZ22//m6UBaS+mYVmKIIg62noLkB
/cFfvbPZMi18gtVxoI7IIutrxECNSdrVxCX87cWpRFWohh4WL/2djMTNuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZLwBL+sJ14k7rl5u8+1e9j0bCuMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEveGt2QUV2NnduWGlUdXVYbTd6N1Y3MlBSc0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9W9MA0G
CSqGSIb3DQEBCwUAA4IBAQAP1HVgpIOh+WMJDf0q1jqp0iTK/T9WOnv7OT9phVrj
YosJ38PKIvULRJo5pNRZCB/GqC310Nr6Z5L0KwZ9q29uMovxc1CnQBLUwo3/t1hj
S12qgPwsEeAccJRIRtpZDnNq1goCRU9hG+gFt/mEf9VZGyUnvtEd9j0+LdBxwzlZ
lt21V6utFzPuHiYto1fcrXGH4sEO3PbxYRGkEFANfe1CTZ0F9RjAPi7NC+FkKLS1
23ChT8BllI1e02TuMvyJdZD+bi9kNnBD4h4tgUUy9u2BCrk3ySlnJnyxEUnJhtbL
L+yGJ2wwAJfnuK2p75PRaqdTwpp4XsPGA7sMxlH+AwVJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:04 2024 by rpki-client on console-fra.rpki-client.org