Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/9-LyDERQnQ84Dat2Y3lFXoFxihE.roa
File: 9-LyDERQnQ84Dat2Y3lFXoFxihE.roa (raw, json)
Hash identifier: pOqRu5w0+aK5vJdeA5njkFq88ExfRsXLRaoNpf5yjb4=
Subject key identifier: F7:E2:F2:0C:44:50:9D:0F:38:0D:AB:76:63:79:45:5E:81:71:8A:11
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 01856C9CE1B60E656982D20AA2F80D91F0EC
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/9-LyDERQnQ84Dat2Y3lFXoFxihE.roa
Signing time: Sun 01 Jan 2023 09:14:58 +0000
ROA not before: Sun 01 Jan 2023 09:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12642
IP address blocks: 91.195.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:e1:b6:0e:65:69:82:d2:0a:a2:f8:0d:91:f0:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 09:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7e2f20c44509d0f380dab766379455e81718a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:76:74:c1:91:c8:e6:6b:25:1d:65:35:2a:99:
e1:06:06:18:17:f9:ca:17:b6:7e:6f:1f:89:df:f9:
7b:ad:f0:3e:42:eb:a3:07:2a:33:ff:15:de:25:ba:
fd:75:78:b2:c4:1c:06:26:ef:2d:a1:a3:c1:71:27:
a1:04:dd:01:e6:9d:be:0c:8f:20:17:27:9a:44:be:
1c:51:b0:52:0b:d2:f1:73:df:6f:45:d1:47:75:fe:
b5:eb:c9:c0:57:ef:0d:1f:35:61:99:4c:34:b2:d1:
e7:cc:75:a2:de:0b:a3:20:f3:17:e7:82:a4:4b:59:
30:89:c4:c3:76:21:cd:a5:83:76:c6:aa:8a:bc:28:
f5:0e:bf:f3:61:cb:d4:9b:7e:6a:6a:95:89:b9:93:
a8:f6:3f:67:d6:df:08:69:ac:db:ee:29:f1:c6:8a:
e2:aa:f2:45:4d:be:cf:59:6a:2f:9f:2a:a0:7d:70:
10:46:05:5a:56:ab:8b:17:76:c7:3b:46:bc:c4:f1:
12:47:c7:52:5c:69:86:c4:e9:a5:01:13:7c:92:a3:
6d:f8:53:a6:d5:c2:a7:a0:96:69:9e:a9:cb:24:7a:
0c:8e:e1:f4:09:e8:23:19:47:f6:50:16:73:05:92:
2d:26:59:96:43:26:bc:3d:93:a2:99:72:1e:dd:29:
fd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:E2:F2:0C:44:50:9D:0F:38:0D:AB:76:63:79:45:5E:81:71:8A:11
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/9-LyDERQnQ84Dat2Y3lFXoFxihE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.191.0/24
Signature Algorithm: sha256WithRSAEncryption
31:a5:d5:0e:dd:9b:c7:b5:68:22:91:a8:ee:93:2e:8a:d3:af:
70:e7:79:6d:f1:27:a1:cf:7b:21:26:37:6a:85:ef:e5:b0:a9:
3d:18:ce:b3:49:fd:e8:72:f4:08:b9:78:d6:df:8c:af:1a:c5:
f9:e3:bc:95:b9:70:f6:d9:45:59:74:32:44:1d:96:e7:17:68:
ca:ad:b2:11:64:e7:35:ff:00:d7:c5:cb:cc:fd:4d:c0:67:ca:
21:88:b8:9c:3c:90:b0:cd:6c:88:03:38:97:54:00:e7:8f:ce:
90:0a:36:ca:ac:0e:0e:76:de:7a:e2:a8:fb:f6:1c:71:2e:c7:
2b:d7:a8:24:1c:de:42:03:3a:a1:58:c9:67:fb:d6:d1:e5:f4:
51:fa:c1:15:1d:be:19:29:d4:32:1b:4f:6d:6d:91:89:e7:63:
c3:01:ac:34:cb:1d:8d:03:2d:04:92:1c:d0:30:2b:81:e0:a9:
8f:1a:4e:12:a2:c1:f9:fb:04:2c:83:cb:71:06:6b:7b:25:41:
ce:06:a0:c6:f7:d3:d7:91:58:0c:d9:ac:7e:aa:e8:ac:86:c7:
af:19:b3:5e:8f:3a:b6:40:3c:25:60:1d:12:de:67:b3:4c:5f:
e8:47:05:4e:45:bf:77:9a:c3:19:d2:8a:33:a6:df:f3:f7:cc:
56:3e:77:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnOG2DmVpgtIKovgNkfDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjMwMTAxMDkxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2UyZjIwYzQ0NTA5ZDBmMzgwZGFiNzY2Mzc5NDU1ZTgxNzE4YTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23Z0wZHI5mslHWU1KpnhBgYYF/nK
F7Z+bx+J3/l7rfA+QuujByoz/xXeJbr9dXiyxBwGJu8toaPBcSehBN0B5p2+DI8g
FyeaRL4cUbBSC9Lxc99vRdFHdf6168nAV+8NHzVhmUw0stHnzHWi3gujIPMX54Kk
S1kwicTDdiHNpYN2xqqKvCj1Dr/zYcvUm35qapWJuZOo9j9n1t8Iaazb7inxxori
qvJFTb7PWWovnyqgfXAQRgVaVquLF3bHO0a8xPESR8dSXGmGxOmlARN8kqNt+FOm
1cKnoJZpnqnLJHoMjuH0CegjGUf2UBZzBZItJlmWQya8PZOimXIe3Sn97QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfi8gxEUJ0POA2rdmN5RV6BcYoRMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvOS1MeURFUlFuUTg0RGF0MlkzbEZYb0Z4aWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8O/MA0G
CSqGSIb3DQEBCwUAA4IBAQAxpdUO3ZvHtWgikajuky6K069w53lt8Sehz3shJjdq
he/lsKk9GM6zSf3ocvQIuXjW34yvGsX547yVuXD22UVZdDJEHZbnF2jKrbIRZOc1
/wDXxcvM/U3AZ8ohiLicPJCwzWyIAziXVADnj86QCjbKrA4Odt564qj79hxxLscr
16gkHN5CAzqhWMln+9bR5fRR+sEVHb4ZKdQyG09tbZGJ52PDAaw0yx2NAy0EkhzQ
MCuB4KmPGk4SosH5+wQsg8txBmt7JUHOBqDG99PXkVgM2ax+quishsevGbNejzq2
QDwlYB0S3mezTF/oRwVORb93msMZ0oozpt/z98xWPncJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:35 2024 by rpki-client on console-ams.rpki-client.org