Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3jk0mVsiCI687gCn-UOwC16xx_Y.roa
File: 3jk0mVsiCI687gCn-UOwC16xx_Y.roa (raw, json)
Hash identifier: WT6sbwOBsrTQO4tFEe7cPcUFgh3lDcqnvAO4U+nA8ps=
Subject key identifier: DE:39:34:99:5B:22:08:8E:BC:EE:00:A7:F9:43:B0:0B:5E:B1:C7:F6
Certificate issuer: /CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Certificate serial: 0185718C442DED87328B44C2B2AB90450F97
Authority key identifier: DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3jk0mVsiCI687gCn-UOwC16xx_Y.roa
Signing time: Mon 02 Jan 2023 08:14:55 +0000
ROA not before: Mon 02 Jan 2023 08:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 91.236.67.0/24 maxlen: 24
91.236.66.0/24 maxlen: 24
2a10:a700:100::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:44:2d:ed:87:32:8b:44:c2:b2:ab:90:45:0f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Validity
Not Before: Jan 2 08:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de3934995b22088ebcee00a7f943b00b5eb1c7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8e:86:0f:2b:48:bd:a3:ac:18:65:73:76:20:
9b:71:3a:b3:40:eb:e0:44:62:ea:c1:14:c4:00:22:
11:2d:22:a3:40:a6:c9:d6:0d:32:30:19:c0:fc:af:
c9:6a:62:30:37:29:f2:81:7e:78:68:2a:f6:82:2a:
9e:45:a3:dd:f0:47:19:b3:93:29:9b:b1:5d:1b:b7:
10:62:b7:04:02:52:42:27:e7:ca:b4:9d:99:30:7c:
51:7b:c8:59:ea:17:56:cf:eb:5a:ba:c3:35:81:48:
0d:a7:f1:c5:c5:f9:fa:96:0a:07:d3:f9:a2:8e:e4:
e6:cb:24:70:57:76:2a:3b:83:ee:85:e8:46:b0:7b:
1f:ff:5b:f4:f9:12:c3:8e:4c:9a:1f:13:06:71:f2:
fe:3b:eb:94:e9:1b:5f:65:dc:99:d5:ca:da:ff:5f:
ba:cd:07:f2:46:66:1e:b0:76:98:7e:0c:24:1e:95:
64:aa:7b:f5:d0:23:26:de:aa:93:6a:4b:4e:59:be:
a0:8b:df:a0:c9:68:04:a3:d5:9b:f7:46:d7:a8:53:
1b:1b:b4:2c:58:61:1b:95:f9:e6:e0:de:76:36:30:
f1:09:b4:70:15:9b:36:ee:b3:a8:13:d1:ff:ea:0e:
df:7d:b4:6b:8e:d8:e6:2f:00:af:24:7f:97:70:1c:
bc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:39:34:99:5B:22:08:8E:BC:EE:00:A7:F9:43:B0:0B:5E:B1:C7:F6
X509v3 Authority Key Identifier:
keyid:DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3jk0mVsiCI687gCn-UOwC16xx_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.66.0/23
IPv6:
2a10:a700:100::/40
Signature Algorithm: sha256WithRSAEncryption
82:e8:2f:76:16:20:45:39:60:5f:40:df:40:6e:31:c7:42:d1:
5e:08:7d:ff:2e:f3:74:a7:0a:b6:1b:5f:7c:15:bb:21:7c:5e:
c5:b5:00:7c:2d:b6:e2:ff:aa:79:4c:a0:9f:04:d0:0a:89:c2:
19:18:45:0b:c9:9c:8d:c5:e7:99:aa:98:0d:a5:45:b6:04:a1:
d2:b4:c2:cf:6a:6c:1e:e6:2c:dd:3c:5f:e1:7e:ed:fb:44:c8:
35:89:48:a3:dc:84:08:4c:4e:5b:17:ae:8c:5c:51:8a:1f:be:
bb:2a:b3:7c:f5:ff:1d:b3:ac:fa:aa:b7:c3:f4:aa:1b:f5:03:
88:f2:2d:fa:19:12:e1:5f:0e:ad:bf:f9:45:fe:92:03:24:af:
0e:03:33:2e:c8:5e:4c:a4:f5:70:14:e2:9e:a0:dd:1b:0d:2b:
16:be:c7:bd:fa:2b:1c:d9:1c:45:f1:94:6c:98:72:cc:3f:9e:
b0:71:5c:7a:23:31:2d:94:af:19:ae:df:26:48:31:9f:37:36:
ef:55:f6:d2:4b:fd:7f:f9:5d:07:dd:cc:b5:ea:57:ea:e3:bd:
f4:73:a7:e8:d1:71:7a:c1:68:4b:54:68:d0:6b:66:c6:95:e8:
99:b8:b2:52:8c:6c:32:cd:b5:21:ac:e1:5e:91:f1:d7:dd:36:
8f:36:81:29
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxjEQt7Ycyi0TCsquQRQ+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZmFlN2Q0ZTY5ZDQyZTRmNGM5NWQ5OWY0ODJiOWE5NDRk
YmVmYzgwHhcNMjMwMTAyMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTM5MzQ5OTViMjIwODhlYmNlZTAwYTdmOTQzYjAwYjVlYjFjN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI6GDytIvaOsGGVzdiCbcTqzQOvg
RGLqwRTEACIRLSKjQKbJ1g0yMBnA/K/JamIwNynygX54aCr2giqeRaPd8EcZs5Mp
m7FdG7cQYrcEAlJCJ+fKtJ2ZMHxRe8hZ6hdWz+tausM1gUgNp/HFxfn6lgoH0/mi
juTmyyRwV3YqO4PuhehGsHsf/1v0+RLDjkyaHxMGcfL+O+uU6RtfZdyZ1cra/1+6
zQfyRmYesHaYfgwkHpVkqnv10CMm3qqTaktOWb6gi9+gyWgEo9Wb90bXqFMbG7Qs
WGEblfnm4N52NjDxCbRwFZs27rOoE9H/6g7ffbRrjtjmLwCvJH+XcBy8lQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN45NJlbIgiOvO4Ap/lDsAtescf2MB8GA1UdIwQY
MBaAFNz659TmnULk9MldmfSCualE2+/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYt
MzcyNzNkZjM5MDFjLzEvM2prMG1Wc2lDSTY4N2dDbi1VT3dDMTZ4eF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYtMzcyNzNkZjM5MDFj
LzEvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBW+xCMA4E
AgACMAgDBgAqEKcAATANBgkqhkiG9w0BAQsFAAOCAQEAgugvdhYgRTlgX0DfQG4x
x0LRXgh9/y7zdKcKthtffBW7IXxexbUAfC224v+qeUygnwTQConCGRhFC8mcjcXn
maqYDaVFtgSh0rTCz2psHuYs3Txf4X7t+0TINYlIo9yECExOWxeujFxRih++uyqz
fPX/HbOs+qq3w/SqG/UDiPIt+hkS4V8Orb/5Rf6SAySvDgMzLsheTKT1cBTinqDd
Gw0rFr7HvforHNkcRfGUbJhyzD+esHFceiMxLZSvGa7fJkgxnzc271X20kv9f/ld
B93MtepX6uO99HOn6NFxesFoS1Ro0GtmxpXombiyUoxsMs21IazhXpHx1902jzaB
KQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:26 2024 by rpki-client on console-ams.rpki-client.org