Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/0B6eJ_QBu5fwH5l3akH1bdYW_wo.roa
File: 0B6eJ_QBu5fwH5l3akH1bdYW_wo.roa (raw, json)
Hash identifier: cvirY6H1QdmJJF6782E1CvkswdVdVDAgs8UGf3sg82c=
Subject key identifier: D0:1E:9E:27:F4:01:BB:97:F0:1F:99:77:6A:41:F5:6D:D6:16:FF:0A
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042A86481FC1E9C6E547AC18AD431B0
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/0B6eJ_QBu5fwH5l3akH1bdYW_wo.roa
Signing time: Mon 02 Jan 2023 02:14:54 +0000
ROA not before: Mon 02 Jan 2023 02:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21485
IP address blocks: 91.231.153.0/24 maxlen: 24
2001:67c:15ec::/48 maxlen: 48
2a0a:3500::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:a8:64:81:fc:1e:9c:6e:54:7a:c1:8a:d4:31:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d01e9e27f401bb97f01f99776a41f56dd616ff0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3c:d1:df:42:b1:6c:24:15:4f:e6:57:f0:be:
cc:18:00:84:2c:83:be:d2:dc:3c:c2:83:1c:20:3e:
97:be:3d:33:06:16:01:fa:ab:1a:52:c1:cb:87:b9:
97:22:84:4d:4e:23:92:f1:15:13:27:cf:d8:73:5a:
39:17:d0:78:9c:61:b6:4a:e5:2e:d9:c9:a9:e9:d7:
0b:1f:77:fd:d6:3c:ff:33:d9:0d:01:0d:9b:bc:68:
8c:bf:3c:f2:90:09:58:be:0f:4a:8a:a3:63:78:ca:
f0:00:5c:5d:07:8d:4c:f0:42:fe:77:cf:f2:2a:8d:
a3:6b:70:f4:7d:26:61:2b:4f:e5:2a:8e:32:16:38:
be:ad:7b:f8:8e:01:ee:41:14:8f:dc:54:7d:8a:36:
a4:37:72:56:02:85:4e:27:e6:15:86:69:d0:39:29:
a4:8f:38:8c:4f:cf:8b:ba:5c:d0:6c:cc:17:85:7e:
c4:9d:01:4c:fa:de:f5:b7:84:1c:87:c9:e3:38:1b:
c7:82:0f:d6:c4:9c:48:38:1f:07:be:4b:44:bf:30:
95:71:5d:a6:4e:17:15:8f:28:e1:95:0e:3a:95:f5:
35:8b:61:cd:9f:b9:64:1f:30:67:68:2f:49:b5:8c:
d2:2b:4f:b3:1d:ba:42:23:64:b7:5a:69:5e:3f:df:
bf:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1E:9E:27:F4:01:BB:97:F0:1F:99:77:6A:41:F5:6D:D6:16:FF:0A
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/0B6eJ_QBu5fwH5l3akH1bdYW_wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.153.0/24
IPv6:
2001:67c:15ec::/48
2a0a:3500::/32
Signature Algorithm: sha256WithRSAEncryption
1f:50:fb:a8:2f:86:bf:ac:0e:ff:38:b8:ef:4e:ab:3a:42:6d:
8a:d6:63:70:d9:f5:ee:23:eb:05:3e:6a:b8:d4:9b:a3:08:0e:
53:5c:f1:2a:3e:21:e4:dd:cd:e6:b4:82:ab:2a:0c:d2:bd:0a:
68:e8:99:85:74:b0:2e:41:0b:aa:43:45:3b:6b:56:2b:64:7e:
3c:b3:1b:09:00:fb:b6:84:ba:80:1e:4d:37:54:b4:c7:75:24:
9e:40:22:0b:6c:8d:cb:ee:92:fe:dd:8c:bd:9e:a3:32:d4:15:
12:f6:89:64:5c:fe:43:52:a1:2f:d8:eb:72:e0:e9:ed:ee:3d:
ae:42:13:c7:d5:0a:d2:e7:22:2c:09:25:68:ae:f6:69:8a:d6:
58:8d:c6:64:b7:37:5b:51:61:b6:a8:49:d1:6d:f3:fe:ca:e2:
e7:14:40:be:ba:f9:ff:66:de:22:b6:c3:26:a6:05:7f:b8:09:
2b:39:e5:58:31:33:9f:69:73:b7:5d:64:d3:de:d4:62:da:7c:
b9:7c:96:c9:56:3b:e2:e5:00:88:f9:4c:50:26:2a:9f:c3:4e:
2c:41:da:9a:6c:d6:15:55:3c:2a:2c:aa:bd:60:5e:1a:c7:54:
73:0d:8e:ec:cd:1f:91:e4:3b:90:f0:eb:ca:b0:66:b7:45:d0:
2f:aa:76:09
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwQqhkgfwenG5UesGK1DGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFlOWUyN2Y0MDFiYjk3ZjAxZjk5Nzc2YTQxZjU2ZGQ2MTZmZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzzR30KxbCQVT+ZX8L7MGACELIO+
0tw8woMcID6Xvj0zBhYB+qsaUsHLh7mXIoRNTiOS8RUTJ8/Yc1o5F9B4nGG2SuUu
2cmp6dcLH3f91jz/M9kNAQ2bvGiMvzzykAlYvg9KiqNjeMrwAFxdB41M8EL+d8/y
Ko2ja3D0fSZhK0/lKo4yFji+rXv4jgHuQRSP3FR9ijakN3JWAoVOJ+YVhmnQOSmk
jziMT8+LulzQbMwXhX7EnQFM+t71t4Qch8njOBvHgg/WxJxIOB8HvktEvzCVcV2m
ThcVjyjhlQ46lfU1i2HNn7lkHzBnaC9JtYzSK0+zHbpCI2S3WmleP9+/FQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNAenif0AbuX8B+Zd2pB9W3WFv8KMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvMEI2ZUpfUUJ1NWZ3SDVsM2FrSDFiZFlXX3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW+eZMBYE
AgACMBADBwAgAQZ8FewDBQAqCjUAMA0GCSqGSIb3DQEBCwUAA4IBAQAfUPuoL4a/
rA7/OLjvTqs6Qm2K1mNw2fXuI+sFPmq41JujCA5TXPEqPiHk3c3mtIKrKgzSvQpo
6JmFdLAuQQuqQ0U7a1YrZH48sxsJAPu2hLqAHk03VLTHdSSeQCILbI3L7pL+3Yy9
nqMy1BUS9olkXP5DUqEv2Oty4Ont7j2uQhPH1QrS5yIsCSVorvZpitZYjcZktzdb
UWG2qEnRbfP+yuLnFEC+uvn/Zt4itsMmpgV/uAkrOeVYMTOfaXO3XWTT3tRi2ny5
fJbJVjvi5QCI+UxQJiqfw04sQdqabNYVVTwqLKq9YF4ax1RzDY7szR+R5DuQ8OvK
sGa3RdAvqnYJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:31 2024 by rpki-client on console-ams.rpki-client.org