Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/sSHO6P1nHM3SpezwisaonkA_np8.roa
File: sSHO6P1nHM3SpezwisaonkA_np8.roa (raw, json)
Hash identifier: 3KiRkJHDevsMRhMhcJddohwJqiuiDKU7acO5CpcDbfY=
Subject key identifier: B1:21:CE:E8:FD:67:1C:CD:D2:A5:EC:F0:8A:C6:A8:9E:40:3F:9E:9F
Certificate issuer: /CN=d8c18b5ad3a25f118a83bb2ffbbe795d6643663c
Certificate serial: 01884EA2137406EE9496CB9E3628BBCA9BD2
Authority key identifier: D8:C1:8B:5A:D3:A2:5F:11:8A:83:BB:2F:FB:BE:79:5D:66:43:66:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MGLWtOiXxGKg7sv-755XWZDZjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/sSHO6P1nHM3SpezwisaonkA_np8.roa
Signing time: Wed 24 May 2023 16:40:24 +0000
ROA not before: Wed 24 May 2023 16:40:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200736
IP address blocks: 91.132.132.0/24 maxlen: 24
91.132.134.0/24 maxlen: 24
91.132.133.0/24 maxlen: 24
91.132.135.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4e:a2:13:74:06:ee:94:96:cb:9e:36:28:bb:ca:9b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c18b5ad3a25f118a83bb2ffbbe795d6643663c
Validity
Not Before: May 24 16:40:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b121cee8fd671ccdd2a5ecf08ac6a89e403f9e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:41:df:8f:7e:db:da:9d:61:82:02:c2:fa:df:
65:2d:d1:70:08:36:f2:cd:57:45:c3:bb:cd:7f:24:
bd:8f:70:dd:f6:be:de:19:70:dc:c4:cc:0c:9b:17:
70:8f:0b:fe:5e:e1:4d:56:5f:4d:8e:eb:bb:6d:db:
89:1c:56:2c:a3:51:bf:92:c0:89:ce:25:03:ae:0f:
3c:30:b1:c9:06:3d:52:61:c5:de:03:bd:8f:da:84:
ff:51:02:9a:ad:38:14:f3:cc:55:9c:5a:f7:9e:5f:
e8:e8:5c:97:eb:21:d3:54:7d:ca:d2:55:fd:b6:98:
ff:6c:0f:52:ed:9e:56:68:24:aa:37:3e:55:6f:6e:
cc:f5:03:d0:a3:a1:25:4c:7c:88:89:76:72:fb:7f:
00:c1:33:0e:bf:5b:82:e8:ce:9d:be:c9:de:00:80:
b5:3b:4f:9d:b4:94:89:17:06:0d:5d:fc:d9:da:c1:
3e:ac:77:bd:98:56:ec:f0:bb:3c:49:bf:c1:db:aa:
8d:f2:f3:43:32:ff:d7:43:69:78:f9:87:ba:64:28:
60:e8:1e:7a:18:a2:f4:23:7f:7b:fa:8b:3f:b1:25:
3f:95:b9:eb:f7:fd:10:f7:72:3e:71:58:11:f7:45:
4d:f4:9d:76:94:77:77:8a:6b:d5:7d:b8:56:ac:6d:
10:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:21:CE:E8:FD:67:1C:CD:D2:A5:EC:F0:8A:C6:A8:9E:40:3F:9E:9F
X509v3 Authority Key Identifier:
keyid:D8:C1:8B:5A:D3:A2:5F:11:8A:83:BB:2F:FB:BE:79:5D:66:43:66:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MGLWtOiXxGKg7sv-755XWZDZjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/sSHO6P1nHM3SpezwisaonkA_np8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/2MGLWtOiXxGKg7sv-755XWZDZjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.132.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:16:84:07:ef:0e:ff:ef:50:21:4a:08:85:d0:14:6e:10:8c:
4e:00:71:c2:5c:c2:13:29:c4:8c:0b:f1:63:b3:bd:0e:89:d5:
48:06:4e:d0:1e:37:e9:40:52:d2:d3:ff:72:8b:9d:ac:ba:0c:
d1:7d:5c:b9:9f:73:a7:32:37:64:5d:e8:3e:83:4f:a6:6e:e4:
72:11:65:8c:23:41:4a:18:fc:3f:c1:b4:5a:4d:8d:8a:83:0a:
40:a1:98:0b:ef:8a:37:c6:9b:cd:a8:c3:d1:7b:55:5e:de:a7:
9e:d0:7a:7a:61:f3:39:a1:2f:19:84:71:4a:0c:20:9c:01:94:
71:34:9b:81:e9:d5:dd:05:25:19:a1:59:d9:c3:7e:4f:6f:38:
a8:78:12:82:80:26:8f:9a:ff:0f:eb:2c:bc:a2:ac:69:45:3d:
42:31:86:c9:f2:9a:fc:d1:3d:b7:e3:4a:9b:ee:3c:c2:a5:5d:
73:bb:db:4e:99:d9:4b:1d:fc:14:f8:2e:06:54:9e:2b:5e:1d:
5e:ea:66:8c:cb:65:56:f8:ba:d9:d8:5e:18:7d:df:3e:b6:15:
6b:20:8c:bc:d2:85:9d:de:22:9f:77:c8:99:21:99:cf:e9:25:
8a:88:17:dd:79:ba:48:b1:ce:11:06:a3:25:0b:30:e7:11:18:
09:c0:0d:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhOohN0Bu6UlsueNii7ypvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzE4YjVhZDNhMjVmMTE4YTgzYmIyZmZiYmU3OTVkNjY0
MzY2M2MwHhcNMjMwNTI0MTY0MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTIxY2VlOGZkNjcxY2NkZDJhNWVjZjA4YWM2YTg5ZTQwM2Y5ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUHfj37b2p1hggLC+t9lLdFwCDby
zVdFw7vNfyS9j3Dd9r7eGXDcxMwMmxdwjwv+XuFNVl9Njuu7bduJHFYso1G/ksCJ
ziUDrg88MLHJBj1SYcXeA72P2oT/UQKarTgU88xVnFr3nl/o6FyX6yHTVH3K0lX9
tpj/bA9S7Z5WaCSqNz5Vb27M9QPQo6ElTHyIiXZy+38AwTMOv1uC6M6dvsneAIC1
O0+dtJSJFwYNXfzZ2sE+rHe9mFbs8Ls8Sb/B26qN8vNDMv/XQ2l4+Ye6ZChg6B56
GKL0I397+os/sSU/lbnr9/0Q93I+cVgR90VN9J12lHd3imvVfbhWrG0QUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEhzuj9ZxzN0qXs8IrGqJ5AP56fMB8GA1UdIwQY
MBaAFNjBi1rTol8RioO7L/u+eV1mQ2Y8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1HTFd0T2lYeEdLZzdzdi03NTVYV1pEWmp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82NGI4ZGQtOWJjYi00NzVlLWJmOGYt
ZDg3ZmI3NjdkOGJkLzEvc1NITzZQMW5ITTNTcGV6d2lzYW9ua0FfbnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82NGI4ZGQtOWJjYi00NzVlLWJmOGYtZDg3ZmI3NjdkOGJk
LzEvMk1HTFd0T2lYeEdLZzdzdi03NTVYV1pEWmp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SEMA0G
CSqGSIb3DQEBCwUAA4IBAQCuFoQH7w7/71AhSgiF0BRuEIxOAHHCXMITKcSMC/Fj
s70OidVIBk7QHjfpQFLS0/9yi52sugzRfVy5n3OnMjdkXeg+g0+mbuRyEWWMI0FK
GPw/wbRaTY2KgwpAoZgL74o3xpvNqMPRe1Ve3qee0Hp6YfM5oS8ZhHFKDCCcAZRx
NJuB6dXdBSUZoVnZw35PbzioeBKCgCaPmv8P6yy8oqxpRT1CMYbJ8pr80T2340qb
7jzCpV1zu9tOmdlLHfwU+C4GVJ4rXh1e6maMy2VW+LrZ2F4Yfd8+thVrIIy80oWd
3iKfd8iZIZnP6SWKiBfdebpIsc4RBqMlCzDnERgJwA0K
-----END CERTIFICATE-----
Generated at Mon Oct 16 18:37:43 2023 by rpki-client on console-ams.rpki-client.org