Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/20SBAnhkA5hgUC7la9JTyukx1ow.roa
File: 20SBAnhkA5hgUC7la9JTyukx1ow.roa (raw, json)
Hash identifier: csW1Hj2v2pb1DmRdkhUrym2eWvfqI0rFAWTnHUi+FZk=
Subject key identifier: DB:44:81:02:78:64:03:98:60:50:2E:E5:6B:D2:53:CA:E9:31:D6:8C
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018A3B7BBCF7BE67BFBDD33FFA4811CD0B28
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/20SBAnhkA5hgUC7la9JTyukx1ow.roa
Signing time: Mon 28 Aug 2023 09:31:19 +0000
ROA not before: Mon 28 Aug 2023 09:31:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212862
IP address blocks: 91.205.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:7b:bc:f7:be:67:bf:bd:d3:3f:fa:48:11:cd:0b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Aug 28 09:31:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db4481027864039860502ee56bd253cae931d68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cf:52:63:04:77:93:a1:5f:a4:87:82:fd:28:
f7:28:7f:fb:98:fb:c1:8d:7f:53:b0:27:a8:4f:d3:
13:70:08:6e:a8:4a:e9:fb:c3:52:0f:a8:9a:df:9f:
2d:a5:65:6a:c8:c0:87:04:79:13:e5:59:43:b0:40:
6d:1d:cb:20:98:05:d3:90:73:42:84:8c:da:22:ad:
d9:4d:db:24:93:9a:e4:59:ab:1c:3b:83:41:4e:b0:
8e:fb:15:be:b2:65:87:ad:99:ad:aa:47:5c:f8:6b:
eb:0b:2c:ed:8e:39:a7:60:28:f7:ff:45:2d:e4:b4:
b7:87:e1:16:c1:5d:d0:db:b1:c4:fa:d1:3a:c2:5e:
6e:ea:c7:41:29:1a:ac:06:f4:82:b7:0f:3b:c1:57:
bf:c6:11:39:70:44:d7:6b:8f:71:d8:d2:46:a9:f6:
ed:2f:bc:0f:cf:ba:15:08:8c:e9:75:12:05:e7:58:
3d:39:ba:28:94:7a:62:07:54:b6:4d:89:0c:c8:63:
dc:35:c1:88:41:f9:78:b3:6a:97:e2:0f:6f:6e:1c:
b5:28:70:0d:80:0a:9a:2f:0f:29:be:27:19:6b:d5:
7c:55:96:e5:df:4e:50:ed:5b:d6:77:da:b7:34:69:
7a:2a:31:e4:d5:bd:e5:bc:24:48:0d:5f:e3:d4:58:
2c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:44:81:02:78:64:03:98:60:50:2E:E5:6B:D2:53:CA:E9:31:D6:8C
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/20SBAnhkA5hgUC7la9JTyukx1ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.220.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:bc:61:e2:d5:a7:43:be:f4:e0:31:33:ec:81:1b:4c:50:8e:
26:0b:98:e1:9a:6b:07:0a:1c:ce:13:73:ff:a0:cf:1f:86:be:
a5:86:f5:96:64:9b:65:b1:2c:5f:30:cb:bc:9d:f6:78:66:17:
3f:86:af:ce:ff:9d:1a:25:2d:fd:3f:12:41:7d:bf:0e:99:dc:
39:bd:d5:46:80:92:c4:31:66:b1:89:0e:4a:36:f0:a4:61:73:
4c:0a:db:fb:6a:ab:81:7c:b3:f5:7b:00:f5:70:c9:8c:a5:69:
a0:fd:55:48:00:cb:19:c6:42:95:f3:01:66:3d:9c:70:ae:b8:
03:86:b1:9b:bb:6f:e4:89:9a:b0:7c:19:c5:ee:64:57:e8:35:
32:1e:3e:f3:80:fd:3a:2b:86:83:8f:ea:3e:df:0f:fc:f3:51:
b4:79:cc:16:bf:da:46:3a:29:50:eb:b1:cd:ab:69:df:a4:6c:
a0:ce:d8:49:63:9f:9e:9a:1e:fb:15:82:ee:37:4f:ba:d7:32:
75:03:30:43:83:16:7a:14:65:e1:58:5d:e8:07:18:e5:83:72:
7d:e2:98:d6:bd:3a:3b:39:bf:fe:06:91:f4:e4:35:a5:c2:aa:
d3:c0:33:ab:3c:a2:0e:e9:60:30:12:01:a1:b7:70:a9:cb:01:
65:b9:da:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo7e7z3vme/vdM/+kgRzQsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMwODI4MDkzMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ0ODEwMjc4NjQwMzk4NjA1MDJlZTU2YmQyNTNjYWU5MzFkNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc9SYwR3k6FfpIeC/Sj3KH/7mPvB
jX9TsCeoT9MTcAhuqErp+8NSD6ia358tpWVqyMCHBHkT5VlDsEBtHcsgmAXTkHNC
hIzaIq3ZTdskk5rkWascO4NBTrCO+xW+smWHrZmtqkdc+GvrCyztjjmnYCj3/0Ut
5LS3h+EWwV3Q27HE+tE6wl5u6sdBKRqsBvSCtw87wVe/xhE5cETXa49x2NJGqfbt
L7wPz7oVCIzpdRIF51g9OboolHpiB1S2TYkMyGPcNcGIQfl4s2qX4g9vbhy1KHAN
gAqaLw8pvicZa9V8VZbl305Q7VvWd9q3NGl6KjHk1b3lvCRIDV/j1Fgs3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtEgQJ4ZAOYYFAu5WvSU8rpMdaMMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvMjBTQkFuaGtBNWhnVUM3bGE5SlR5dWt4MW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW83cMA0G
CSqGSIb3DQEBCwUAA4IBAQBsvGHi1adDvvTgMTPsgRtMUI4mC5jhmmsHChzOE3P/
oM8fhr6lhvWWZJtlsSxfMMu8nfZ4Zhc/hq/O/50aJS39PxJBfb8Omdw5vdVGgJLE
MWaxiQ5KNvCkYXNMCtv7aquBfLP1ewD1cMmMpWmg/VVIAMsZxkKV8wFmPZxwrrgD
hrGbu2/kiZqwfBnF7mRX6DUyHj7zgP06K4aDj+o+3w/881G0ecwWv9pGOilQ67HN
q2nfpGygzthJY5+emh77FYLuN0+61zJ1AzBDgxZ6FGXhWF3oBxjlg3J94pjWvTo7
Ob/+BpH05DWlwqrTwDOrPKIO6WAwEgGht3CpywFludpf
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:20 2024 by rpki-client on console-fra.rpki-client.org