Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/8e16cf-cd3b-4177-a045-1c28e1cd5745/1/cIQw84iUygHRjXfjdN8XHO9WAgQ.roa
File: cIQw84iUygHRjXfjdN8XHO9WAgQ.roa (raw, json)
Hash identifier: tYFAZqCIhvYH18mZKYv625Y4LdzX1l42/4DfmNCu0OU=
Subject key identifier: 70:84:30:F3:88:94:CA:01:D1:8D:77:E3:74:DF:17:1C:EF:56:02:04
Certificate issuer: /CN=e981cd1fc6c32e4b3b7c9c538b04dd30a811c3cb
Certificate serial: 01856B25801D3BFF76804F55D04A26FBA00B
Authority key identifier: E9:81:CD:1F:C6:C3:2E:4B:3B:7C:9C:53:8B:04:DD:30:A8:11:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6YHNH8bDLks7fJxTiwTdMKgRw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/8e16cf-cd3b-4177-a045-1c28e1cd5745/1/cIQw84iUygHRjXfjdN8XHO9WAgQ.roa
Signing time: Sun 01 Jan 2023 02:24:57 +0000
ROA not before: Sun 01 Jan 2023 02:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51729
IP address blocks: 91.220.65.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:80:1d:3b:ff:76:80:4f:55:d0:4a:26:fb:a0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e981cd1fc6c32e4b3b7c9c538b04dd30a811c3cb
Validity
Not Before: Jan 1 02:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=708430f38894ca01d18d77e374df171cef560204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:37:e7:9e:0b:ac:d6:0d:9c:d5:71:39:b7:26:
6e:24:d6:81:86:9d:a9:4f:fd:a4:74:b4:13:bb:50:
64:0d:e1:94:d9:ba:5c:c1:2b:47:ba:6c:4c:08:11:
ff:1f:a5:be:00:60:9a:78:b8:08:16:d3:2f:2c:d3:
6f:3b:3f:88:63:69:f1:c5:82:92:6f:84:02:8f:b9:
ee:58:f6:43:cd:2d:18:aa:5b:4a:57:fa:90:3a:9b:
72:03:50:27:31:6a:fc:34:92:9c:92:e5:95:2b:3b:
64:d3:6e:89:f6:0d:84:41:8d:2f:34:ed:b6:8f:43:
d7:57:16:aa:bd:7a:50:49:5c:d6:49:8c:11:95:08:
28:78:8d:53:e1:c2:85:7f:28:e5:b7:15:4f:f4:20:
24:93:fa:4b:01:81:74:e5:01:ce:bc:93:ef:f2:c0:
9d:53:25:9e:28:b2:8f:48:dc:fe:36:36:e3:85:81:
82:41:77:85:06:a8:96:15:7f:ee:bd:88:86:04:9c:
8f:65:af:fe:c8:c4:50:b3:28:f5:8b:70:d3:64:2c:
d0:e3:9b:7d:2f:fe:92:d1:12:e5:5f:4e:23:6c:8b:
c9:d7:74:ca:bc:4d:f8:7b:e2:af:0b:76:ab:24:3f:
fc:31:6a:d1:01:75:12:b9:69:42:69:2b:56:a6:8d:
5b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:84:30:F3:88:94:CA:01:D1:8D:77:E3:74:DF:17:1C:EF:56:02:04
X509v3 Authority Key Identifier:
keyid:E9:81:CD:1F:C6:C3:2E:4B:3B:7C:9C:53:8B:04:DD:30:A8:11:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6YHNH8bDLks7fJxTiwTdMKgRw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/8e16cf-cd3b-4177-a045-1c28e1cd5745/1/cIQw84iUygHRjXfjdN8XHO9WAgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/8e16cf-cd3b-4177-a045-1c28e1cd5745/1/6YHNH8bDLks7fJxTiwTdMKgRw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.65.0/24
Signature Algorithm: sha256WithRSAEncryption
44:3e:38:a7:dc:c1:7e:f7:5d:a9:14:11:49:50:b5:82:12:de:
56:f3:eb:33:ab:71:d7:ea:13:af:0a:1a:91:4b:01:a6:a6:31:
b0:cb:ed:fe:fe:5c:a6:55:a5:9f:ea:99:e7:70:d2:3f:52:03:
b2:7d:4c:48:1c:2e:f5:b3:bb:08:f0:c6:ff:ba:86:bc:fa:e7:
4c:0d:63:3a:07:50:7d:e2:6f:eb:0f:22:b3:fe:99:4f:79:e5:
36:a1:de:91:48:a9:ef:f8:ec:c6:35:4c:17:75:6c:7b:b4:a1:
f4:b5:c2:75:a2:26:e0:8f:5c:dc:47:a6:e8:89:4f:bc:81:9b:
cc:ef:a5:25:a0:0c:60:01:04:28:66:9f:ca:c3:28:ef:16:52:
64:09:8b:f8:6f:66:4f:f3:ca:17:15:ec:dc:f4:84:3c:fb:df:
09:09:da:b3:f9:d3:a7:f1:fc:ee:28:29:ba:6c:ae:b8:52:65:
90:a2:9b:95:fe:3e:00:fb:ae:1b:84:8f:58:6b:a7:18:a2:d7:
a9:62:75:c1:2f:07:45:6e:8b:34:1e:f7:8b:64:dc:13:66:e4:
aa:56:49:b3:ad:bd:df:c5:dc:1b:7d:c4:e8:96:a3:e3:77:a4:
9f:ea:94:a5:c5:ba:82:0f:dd:61:a3:52:f5:f6:0a:52:2f:34:
9e:33:6e:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrJYAdO/92gE9V0Eom+6ALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ODFjZDFmYzZjMzJlNGIzYjdjOWM1MzhiMDRkZDMwYTgx
MWMzY2IwHhcNMjMwMTAxMDIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg0MzBmMzg4OTRjYTAxZDE4ZDc3ZTM3NGRmMTcxY2VmNTYwMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDfnngus1g2c1XE5tyZuJNaBhp2p
T/2kdLQTu1BkDeGU2bpcwStHumxMCBH/H6W+AGCaeLgIFtMvLNNvOz+IY2nxxYKS
b4QCj7nuWPZDzS0YqltKV/qQOptyA1AnMWr8NJKckuWVKztk026J9g2EQY0vNO22
j0PXVxaqvXpQSVzWSYwRlQgoeI1T4cKFfyjltxVP9CAkk/pLAYF05QHOvJPv8sCd
UyWeKLKPSNz+NjbjhYGCQXeFBqiWFX/uvYiGBJyPZa/+yMRQsyj1i3DTZCzQ45t9
L/6S0RLlX04jbIvJ13TKvE34e+KvC3arJD/8MWrRAXUSuWlCaStWpo1b1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCEMPOIlMoB0Y1343TfFxzvVgIEMB8GA1UdIwQY
MBaAFOmBzR/Gwy5LO3ycU4sE3TCoEcPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNllITkg4YkRMa3M3Zkp4VGl3VGRNS2dSdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni84ZTE2Y2YtY2QzYi00MTc3LWEwNDUt
MWMyOGUxY2Q1NzQ1LzEvY0lRdzg0aVV5Z0hSalhmamROOFhITzlXQWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni84ZTE2Y2YtY2QzYi00MTc3LWEwNDUtMWMyOGUxY2Q1NzQ1
LzEvNllITkg4YkRMa3M3Zkp4VGl3VGRNS2dSdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xBMA0G
CSqGSIb3DQEBCwUAA4IBAQBEPjin3MF+912pFBFJULWCEt5W8+szq3HX6hOvChqR
SwGmpjGwy+3+/lymVaWf6pnncNI/UgOyfUxIHC71s7sI8Mb/uoa8+udMDWM6B1B9
4m/rDyKz/plPeeU2od6RSKnv+OzGNUwXdWx7tKH0tcJ1oibgj1zcR6boiU+8gZvM
76UloAxgAQQoZp/KwyjvFlJkCYv4b2ZP88oXFezc9IQ8+98JCdqz+dOn8fzuKCm6
bK64UmWQopuV/j4A+64bhI9Ya6cYotepYnXBLwdFbos0HveLZNwTZuSqVkmzrb3f
xdwbfcTolqPjd6Sf6pSlxbqCD91ho1L19gpSLzSeM24l
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:54 2024 by rpki-client on console-fra.rpki-client.org