Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/pbClZIgqgz1Ui1QSGkE7bVZSVxA.roa
File: pbClZIgqgz1Ui1QSGkE7bVZSVxA.roa (raw, json)
Hash identifier: rP7HyBa0iuXOKBYYz7qVq64KV809+SGC9wL8KC4H/cQ=
Subject key identifier: A5:B0:A5:64:88:2A:83:3D:54:8B:54:12:1A:41:3B:6D:56:52:57:10
Certificate issuer: /CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Certificate serial: 0185718C435929C5E687DDE5E9E47EB41985
Authority key identifier: DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/pbClZIgqgz1Ui1QSGkE7bVZSVxA.roa
Signing time: Mon 02 Jan 2023 08:14:55 +0000
ROA not before: Mon 02 Jan 2023 08:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 91.236.66.0/24 maxlen: 24
91.236.67.0/24 maxlen: 24
2a10:a700:100::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:43:59:29:c5:e6:87:dd:e5:e9:e4:7e:b4:19:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Validity
Not Before: Jan 2 08:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5b0a564882a833d548b54121a413b6d56525710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:58:53:bb:21:0c:60:68:4c:79:07:55:96:e1:
8b:24:aa:9f:7c:55:83:5a:57:7f:1b:7d:00:6d:05:
5e:37:c7:45:63:92:e0:ba:9a:37:1c:ff:87:17:e6:
91:f4:5f:99:78:d3:6f:91:d7:d2:38:a8:2a:f5:6f:
9b:b9:63:fa:71:fb:6e:de:d0:2a:25:40:db:2c:e2:
4b:f8:68:86:6f:01:82:40:a9:af:62:7b:85:26:fc:
16:f9:ce:6c:8b:61:e9:1a:0e:7b:c3:8f:c0:4c:19:
15:fb:2b:2e:90:f5:14:64:57:8a:ee:9c:1d:e1:24:
f5:81:e0:75:d1:be:d3:2d:e4:68:5f:92:a9:e6:f5:
0a:23:07:c2:c4:57:27:3d:18:fa:51:3c:45:fc:28:
3e:92:4f:4c:34:14:1f:e6:3d:a7:bc:8b:2a:b5:0a:
d7:09:20:af:11:02:e8:52:f6:6a:80:d7:2a:4c:e5:
a7:18:fa:dd:35:24:4a:55:a5:27:08:9a:d0:c1:de:
89:f6:80:52:be:d0:82:d1:d7:7a:05:13:b7:d3:f0:
1c:27:8a:88:1d:d1:d3:f3:08:d6:a6:79:bb:3b:16:
ac:03:41:0d:2e:f9:02:62:6e:cb:ca:4c:20:f5:36:
8f:77:fa:b8:3f:7d:3c:46:e1:dd:cc:3c:22:46:4f:
5f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B0:A5:64:88:2A:83:3D:54:8B:54:12:1A:41:3B:6D:56:52:57:10
X509v3 Authority Key Identifier:
keyid:DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/pbClZIgqgz1Ui1QSGkE7bVZSVxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.66.0/23
IPv6:
2a10:a700:100::/40
Signature Algorithm: sha256WithRSAEncryption
94:7c:43:31:cb:06:5b:15:91:c8:92:57:9e:aa:0d:74:30:de:
2d:d7:cf:4a:6f:ce:28:d4:9c:d1:85:56:55:1d:65:4c:a5:8e:
b2:fd:a5:9c:c6:68:1a:a2:fb:b9:b4:d1:f4:78:ec:7e:ce:eb:
f4:5d:4c:84:11:6b:72:99:c7:e8:50:58:a6:81:8b:e5:34:92:
32:02:31:61:f2:03:6a:ac:3c:fc:da:88:d4:af:b4:38:e4:c8:
70:b9:29:1f:94:a8:51:fa:9a:7a:b9:44:79:c9:aa:c3:25:05:
65:15:45:75:f2:6a:81:86:0b:3f:59:c3:3b:a7:03:71:ec:17:
10:66:7d:7c:b7:fe:ad:57:8e:03:b9:83:22:af:fa:ef:4b:99:
f1:8f:ac:5e:a6:26:8a:e1:f3:48:82:11:7c:54:55:0d:1e:73:
be:e2:60:59:95:82:4e:33:b8:3d:07:74:34:c0:70:68:ea:33:
1e:50:ad:70:6f:33:49:4e:38:0b:10:5a:f4:39:b7:4c:5a:ca:
98:c9:66:88:db:a0:9d:44:20:2f:3a:c2:6c:7f:fa:bc:28:e1:
7a:76:34:d5:92:2e:29:77:80:93:b5:dd:70:5f:f3:31:2e:52:
7c:d0:53:ed:5e:a5:a2:78:7a:9e:3b:c6:d0:63:58:0d:69:21:
41:66:8d:f2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxjENZKcXmh93l6eR+tBmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZmFlN2Q0ZTY5ZDQyZTRmNGM5NWQ5OWY0ODJiOWE5NDRk
YmVmYzgwHhcNMjMwMTAyMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWIwYTU2NDg4MmE4MzNkNTQ4YjU0MTIxYTQxM2I2ZDU2NTI1NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVhTuyEMYGhMeQdVluGLJKqffFWD
Wld/G30AbQVeN8dFY5Lgupo3HP+HF+aR9F+ZeNNvkdfSOKgq9W+buWP6cftu3tAq
JUDbLOJL+GiGbwGCQKmvYnuFJvwW+c5si2HpGg57w4/ATBkV+ysukPUUZFeK7pwd
4ST1geB10b7TLeRoX5Kp5vUKIwfCxFcnPRj6UTxF/Cg+kk9MNBQf5j2nvIsqtQrX
CSCvEQLoUvZqgNcqTOWnGPrdNSRKVaUnCJrQwd6J9oBSvtCC0dd6BRO30/AcJ4qI
HdHT8wjWpnm7OxasA0ENLvkCYm7Lykwg9TaPd/q4P308RuHdzDwiRk9frQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKWwpWSIKoM9VItUEhpBO21WUlcQMB8GA1UdIwQY
MBaAFNz659TmnULk9MldmfSCualE2+/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYt
MzcyNzNkZjM5MDFjLzEvcGJDbFpJZ3FnejFVaTFRU0drRTdiVlpTVnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYtMzcyNzNkZjM5MDFj
LzEvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBW+xCMA4E
AgACMAgDBgAqEKcAATANBgkqhkiG9w0BAQsFAAOCAQEAlHxDMcsGWxWRyJJXnqoN
dDDeLdfPSm/OKNSc0YVWVR1lTKWOsv2lnMZoGqL7ubTR9Hjsfs7r9F1MhBFrcpnH
6FBYpoGL5TSSMgIxYfIDaqw8/NqI1K+0OOTIcLkpH5SoUfqaerlEecmqwyUFZRVF
dfJqgYYLP1nDO6cDcewXEGZ9fLf+rVeOA7mDIq/670uZ8Y+sXqYmiuHzSIIRfFRV
DR5zvuJgWZWCTjO4PQd0NMBwaOozHlCtcG8zSU44CxBa9Dm3TFrKmMlmiNugnUQg
LzrCbH/6vCjhenY01ZIuKXeAk7XdcF/zMS5SfNBT7V6lonh6njvG0GNYDWkhQWaN
8g==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:43 2024 by rpki-client on console-fra.rpki-client.org