Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/Ub4jDGx5dlH_eF_pAZYtaFPZ290.roa
File: Ub4jDGx5dlH_eF_pAZYtaFPZ290.roa (raw, json)
Hash identifier: nviqeoSOwWED+bAUKeNlgY9sj4gFhvK8KgCz2nhxfWk=
Subject key identifier: 51:BE:23:0C:6C:79:76:51:FF:78:5F:E9:01:96:2D:68:53:D9:DB:DD
Certificate issuer: /CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e
Certificate serial: 01856D53C966A64FBFC7F638AFEB39910A20
Authority key identifier: FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/Ub4jDGx5dlH_eF_pAZYtaFPZ290.roa
Signing time: Sun 01 Jan 2023 12:34:45 +0000
ROA not before: Sun 01 Jan 2023 12:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47505
IP address blocks: 91.206.78.0/23 maxlen: 23
193.142.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:c9:66:a6:4f:bf:c7:f6:38:af:eb:39:91:0a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e
Validity
Not Before: Jan 1 12:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51be230c6c797651ff785fe901962d6853d9dbdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:aa:85:d2:27:2a:8b:2c:1a:c6:70:d9:ee:10:
1b:9c:03:d0:04:35:ea:2f:8a:9a:1f:b5:e4:b2:5d:
32:0c:2c:16:93:92:91:0a:ee:29:99:b9:e1:7d:31:
10:77:c9:96:ad:b5:dd:f5:10:f6:f9:c1:52:26:2c:
dc:47:6c:60:e1:83:0a:20:c5:c6:42:01:e8:36:1c:
8f:f5:be:76:a3:95:fb:94:30:49:e7:8b:fb:ad:35:
ab:b3:c0:66:59:bb:7b:48:c6:32:24:20:ad:65:bc:
e4:b3:66:93:4b:ca:04:8c:bb:d1:75:f6:43:3f:5d:
3c:16:0a:fb:fb:8b:8c:4d:ff:e8:02:8c:d7:33:d0:
13:d3:ae:1b:74:ef:a2:26:d5:3f:0d:06:19:10:77:
99:2d:0b:e4:90:64:7f:c8:65:6f:c1:70:30:28:2c:
98:c5:85:20:db:37:b4:c5:54:8c:70:3c:32:97:12:
08:e6:fa:34:ed:04:16:e0:9b:ac:42:dc:4c:9d:27:
1c:de:9f:eb:df:6e:81:d7:2c:3e:a5:dc:8f:f2:1e:
4c:cc:52:ff:61:cb:40:3c:80:b5:d3:23:e4:b2:e6:
de:04:e9:e5:9f:92:6e:c0:b7:a9:4a:ef:a1:86:12:
2a:6f:f5:8d:09:25:f0:0a:1a:36:44:5f:1a:1c:60:
e3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BE:23:0C:6C:79:76:51:FF:78:5F:E9:01:96:2D:68:53:D9:DB:DD
X509v3 Authority Key Identifier:
keyid:FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/Ub4jDGx5dlH_eF_pAZYtaFPZ290.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.78.0/23
193.142.208.0/24
Signature Algorithm: sha256WithRSAEncryption
40:cd:ba:57:c5:78:d1:be:e3:56:57:bf:48:a0:fb:5e:c6:13:
f2:80:ff:17:5c:db:b7:46:ab:50:6d:17:f7:31:8c:82:04:05:
4c:35:c1:25:e8:be:28:db:65:8c:44:d0:eb:0d:a7:a0:c2:e3:
42:7d:bc:8b:b3:96:59:4b:7b:82:9d:b3:0c:e3:05:33:02:18:
e2:09:0d:a7:b7:bd:7a:e0:cc:13:32:54:1a:6c:08:f5:03:0c:
67:2d:6d:27:cd:45:67:52:0f:81:ef:ed:d4:7d:7f:23:c8:6d:
fc:cc:4d:19:dd:1a:47:ea:0b:98:61:83:bd:d8:6c:6f:7d:d4:
b6:39:9e:2b:30:e1:0b:ec:1d:d5:68:c9:87:3f:50:55:f6:05:
73:0f:65:a9:f0:3b:dc:57:6e:4e:7f:17:87:4d:12:4e:51:7b:
a1:47:cf:13:79:60:87:ca:f2:3f:e7:24:d1:92:1f:53:9d:34:
66:a0:09:0c:8f:94:94:7e:bb:af:8a:29:f8:11:d5:ef:9a:27:
33:67:98:21:69:73:4c:1c:82:b6:36:f0:b5:df:a7:18:07:3f:
1f:7c:80:52:23:2a:e4:5f:98:84:80:f5:57:43:30:86:d5:5d:
0b:03:4e:ac:98:23:f7:83:49:de:3c:1d:ce:ac:5f:ca:95:8b:
8f:fa:7e:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtU8lmpk+/x/Y4r+s5kQogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzE3ZjNhYjYzOTQ1YTFiZTczOWMyYjNhMjU4OWJlYTU1
ZGRiNmUwHhcNMjMwMTAxMTIzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWJlMjMwYzZjNzk3NjUxZmY3ODVmZTkwMTk2MmQ2ODUzZDlkYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8aqF0icqiywaxnDZ7hAbnAPQBDXq
L4qaH7Xksl0yDCwWk5KRCu4pmbnhfTEQd8mWrbXd9RD2+cFSJizcR2xg4YMKIMXG
QgHoNhyP9b52o5X7lDBJ54v7rTWrs8BmWbt7SMYyJCCtZbzks2aTS8oEjLvRdfZD
P108Fgr7+4uMTf/oAozXM9AT064bdO+iJtU/DQYZEHeZLQvkkGR/yGVvwXAwKCyY
xYUg2ze0xVSMcDwylxII5vo07QQW4JusQtxMnScc3p/r326B1yw+pdyP8h5MzFL/
YctAPIC10yPksubeBOnln5JuwLepSu+hhhIqb/WNCSXwCho2RF8aHGDj2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFG+IwxseXZR/3hf6QGWLWhT2dvdMB8GA1UdIwQY
MBaAFP1xfzq2OUWhvnOcKzolib6lXdtuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yZjBhNjYtMTYzNC00MGZiLTk5YjAt
OTMxNTA1ZmY0MWM1LzEvVWI0akRHeDVkbEhfZUZfcEFaWXRhRlBaMjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yZjBhNjYtMTYzNC00MGZiLTk5YjAtOTMxNTA1ZmY0MWM1
LzEvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW85OAwQA
wY7QMA0GCSqGSIb3DQEBCwUAA4IBAQBAzbpXxXjRvuNWV79IoPtexhPygP8XXNu3
RqtQbRf3MYyCBAVMNcEl6L4o22WMRNDrDaegwuNCfbyLs5ZZS3uCnbMM4wUzAhji
CQ2nt7164MwTMlQabAj1AwxnLW0nzUVnUg+B7+3UfX8jyG38zE0Z3RpH6guYYYO9
2GxvfdS2OZ4rMOEL7B3VaMmHP1BV9gVzD2Wp8DvcV25OfxeHTRJOUXuhR88TeWCH
yvI/5yTRkh9TnTRmoAkMj5SUfruviin4EdXvmiczZ5ghaXNMHIK2NvC136cYBz8f
fIBSIyrkX5iEgPVXQzCG1V0LA06smCP3g0nePB3OrF/KlYuP+n72
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:43 2024 by rpki-client on console-ams.rpki-client.org