Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/arvSRaXBCdpQ8JZn29GHOeY0MD8.roa
File: arvSRaXBCdpQ8JZn29GHOeY0MD8.roa (raw, json)
Hash identifier: f9Ait1WA9F13yvvGd+2ifBkytICdhmoMMAflfz/ybvw=
Subject key identifier: 6A:BB:D2:45:A5:C1:09:DA:50:F0:96:67:DB:D1:87:39:E6:34:30:3F
Certificate issuer: /CN=efa4772463cdbe12b73b16ad0d2516f07d63830d
Certificate serial: 0188E72622D875187B1DEF35451904A4F0BF
Authority key identifier: EF:A4:77:24:63:CD:BE:12:B7:3B:16:AD:0D:25:16:F0:7D:63:83:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76R3JGPNvhK3OxatDSUW8H1jgw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/arvSRaXBCdpQ8JZn29GHOeY0MD8.roa
Signing time: Fri 23 Jun 2023 07:26:56 +0000
ROA not before: Fri 23 Jun 2023 07:26:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 91.213.91.0/24 maxlen: 24
2001:67c:2ea0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e7:26:22:d8:75:18:7b:1d:ef:35:45:19:04:a4:f0:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa4772463cdbe12b73b16ad0d2516f07d63830d
Validity
Not Before: Jun 23 07:26:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6abbd245a5c109da50f09667dbd18739e634303f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f7:30:c3:19:2f:1a:ab:6d:95:26:e8:3b:d2:
1b:ce:9a:ce:f3:7d:5d:73:06:14:8a:f1:c7:32:57:
97:a6:93:dd:cc:d3:80:7a:96:6e:d3:6f:48:60:48:
d8:5c:c1:a5:b2:8c:41:83:ad:6a:11:f3:8b:70:fd:
d6:9b:5b:9b:b4:ca:05:03:86:56:96:ad:6b:ef:4f:
20:8c:08:64:45:69:f8:51:fa:c7:ff:86:40:2d:81:
cf:e1:40:7c:1d:98:b8:f2:fa:14:d3:c8:fa:4f:6a:
63:e3:2c:60:00:09:f2:02:66:97:66:bc:fb:5d:e4:
3d:38:c4:68:96:51:c7:d0:09:f3:e9:cf:0c:44:de:
e2:11:e6:91:18:47:a5:f9:75:3e:d5:2b:7e:aa:f8:
36:95:af:52:84:aa:21:54:29:80:34:89:3d:8f:b1:
8b:9a:7a:e0:22:1d:10:e5:5a:a2:aa:83:3c:64:2d:
3c:a1:6d:7a:4d:e8:9b:70:96:85:e2:a2:f5:ff:34:
fe:c4:00:87:24:96:a5:4e:54:ad:64:b2:57:21:be:
bb:e4:2b:13:d9:ec:26:2b:ab:d8:f0:2a:b8:66:1b:
c8:c5:59:b5:ce:8a:bc:76:26:46:53:51:82:29:69:
ef:a7:a6:f6:40:b8:00:ba:d7:d8:c2:7d:1b:4b:78:
f8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BB:D2:45:A5:C1:09:DA:50:F0:96:67:DB:D1:87:39:E6:34:30:3F
X509v3 Authority Key Identifier:
keyid:EF:A4:77:24:63:CD:BE:12:B7:3B:16:AD:0D:25:16:F0:7D:63:83:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76R3JGPNvhK3OxatDSUW8H1jgw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/arvSRaXBCdpQ8JZn29GHOeY0MD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/066da9-995e-48f2-b9f1-801cab720edb/1/76R3JGPNvhK3OxatDSUW8H1jgw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.91.0/24
IPv6:
2001:67c:2ea0::/48
Signature Algorithm: sha256WithRSAEncryption
85:7a:18:9f:b1:9b:bc:c8:97:10:12:b1:bc:bc:1a:c1:f2:c5:
e5:ce:d0:b5:5c:5a:9e:b9:a3:71:1a:86:ff:e9:aa:29:56:1f:
a8:e8:84:e6:76:b7:82:0d:aa:dc:73:0a:6f:3b:d2:e3:1f:0c:
13:22:26:d9:d8:be:cb:55:7d:1a:95:6a:c8:2e:c8:10:5e:14:
e1:ae:3d:91:a5:9c:1d:26:be:14:3f:99:46:9a:bc:f1:40:66:
73:ed:e8:98:9d:d4:82:b8:d8:4b:94:98:64:b6:cb:15:03:6b:
c5:18:3c:94:16:e1:06:d8:46:06:61:39:f5:d1:0d:b1:67:c2:
b8:c9:15:69:a9:38:8e:31:39:3e:e2:3b:9d:b2:5e:f5:31:b5:
53:45:5b:be:ac:37:be:b7:78:b1:42:1e:32:0a:fe:e1:39:4b:
e5:d3:72:9c:05:7e:bb:54:54:4a:93:3f:f2:1c:a1:4b:39:5a:
f2:10:f2:3a:74:de:7a:48:cd:86:97:1e:c6:ce:ed:49:68:61:
18:a5:eb:6e:65:e0:20:af:1d:f5:2a:71:d4:e5:ce:96:c7:1b:
4d:84:cb:94:ba:38:2b:f7:0c:fb:15:30:9a:c7:23:d6:e2:ba:
2a:6c:3d:d1:46:47:c8:95:f6:7e:17:db:83:79:85:ec:95:41:
ad:da:32:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYjnJiLYdRh7He81RRkEpPC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTQ3NzI0NjNjZGJlMTJiNzNiMTZhZDBkMjUxNmYwN2Q2
MzgzMGQwHhcNMjMwNjIzMDcyNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWJiZDI0NWE1YzEwOWRhNTBmMDk2NjdkYmQxODczOWU2MzQzMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvcwwxkvGqttlSboO9IbzprO831d
cwYUivHHMleXppPdzNOAepZu029IYEjYXMGlsoxBg61qEfOLcP3Wm1ubtMoFA4ZW
lq1r708gjAhkRWn4UfrH/4ZALYHP4UB8HZi48voU08j6T2pj4yxgAAnyAmaXZrz7
XeQ9OMRollHH0Anz6c8MRN7iEeaRGEel+XU+1St+qvg2la9ShKohVCmANIk9j7GL
mnrgIh0Q5VqiqoM8ZC08oW16TeibcJaF4qL1/zT+xACHJJalTlStZLJXIb675CsT
2ewmK6vY8Cq4ZhvIxVm1zoq8diZGU1GCKWnvp6b2QLgAutfYwn0bS3j4AQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGq70kWlwQnaUPCWZ9vRhznmNDA/MB8GA1UdIwQY
MBaAFO+kdyRjzb4StzsWrQ0lFvB9Y4MNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZSM0pHUE52aEszT3hhdERTVVc4SDFqZ3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wNjZkYTktOTk1ZS00OGYyLWI5ZjEt
ODAxY2FiNzIwZWRiLzEvYXJ2U1JhWEJDZHBROEpabjI5R0hPZVkwTUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wNjZkYTktOTk1ZS00OGYyLWI5ZjEtODAxY2FiNzIwZWRi
LzEvNzZSM0pHUE52aEszT3hhdERTVVc4SDFqZ3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9VbMA8E
AgACMAkDBwAgAQZ8LqAwDQYJKoZIhvcNAQELBQADggEBAIV6GJ+xm7zIlxASsby8
GsHyxeXO0LVcWp65o3Eahv/pqilWH6johOZ2t4INqtxzCm870uMfDBMiJtnYvstV
fRqVasguyBBeFOGuPZGlnB0mvhQ/mUaavPFAZnPt6Jid1IK42EuUmGS2yxUDa8UY
PJQW4QbYRgZhOfXRDbFnwrjJFWmpOI4xOT7iO52yXvUxtVNFW76sN763eLFCHjIK
/uE5S+XTcpwFfrtUVEqTP/IcoUs5WvIQ8jp03npIzYaXHsbO7UloYRil625l4CCv
HfUqcdTlzpbHG02Ey5S6OCv3DPsVMJrHI9biuipsPdFGR8iV9n4X24N5heyVQa3a
MiY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org