Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/g2b2yQEZ0Af9X79_7a8e9QC2yTc.roa
File: g2b2yQEZ0Af9X79_7a8e9QC2yTc.roa (raw, json)
Hash identifier: WfCkFUAxmy1kYB6fH51lhku+bXzwtKyxL4YTrUOm6t0=
Subject key identifier: 83:66:F6:C9:01:19:D0:07:FD:5F:BF:7F:ED:AF:1E:F5:00:B6:C9:37
Certificate issuer: /CN=af3f700503f40720a82f76ef15cda62022f1f9a9
Certificate serial: 01856C1CA09447993D21E60952DDE6057E51
Authority key identifier: AF:3F:70:05:03:F4:07:20:A8:2F:76:EF:15:CD:A6:20:22:F1:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rz9wBQP0ByCoL3bvFc2mICLx-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/g2b2yQEZ0Af9X79_7a8e9QC2yTc.roa
Signing time: Sun 01 Jan 2023 06:54:53 +0000
ROA not before: Sun 01 Jan 2023 06:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42100
IP address blocks: 91.212.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a0:94:47:99:3d:21:e6:09:52:dd:e6:05:7e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3f700503f40720a82f76ef15cda62022f1f9a9
Validity
Not Before: Jan 1 06:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8366f6c90119d007fd5fbf7fedaf1ef500b6c937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:eb:13:31:4f:fd:1e:43:df:44:d9:fa:02:43:
df:3d:ec:cc:c3:07:21:90:87:a7:e5:7a:2e:a4:32:
5f:f5:04:a4:c6:ec:2c:11:9f:16:ff:d7:b0:8e:a3:
e7:7c:09:93:19:34:1a:71:22:2d:bb:6e:5e:0e:93:
42:8d:7c:3d:5d:b7:44:dd:2c:cf:0b:5d:12:76:8f:
2f:8a:42:bd:41:7b:27:4c:e6:46:85:50:78:58:e2:
40:b7:6b:88:aa:16:33:b3:3e:40:1d:5d:28:8d:87:
63:72:b3:da:d0:1b:fc:f9:41:1c:6d:cb:fe:7a:7a:
0a:50:96:fa:04:16:ed:61:e6:08:17:aa:c1:c6:36:
7b:1f:7e:cc:6f:c6:48:fe:fa:54:9a:b5:91:df:2f:
98:c9:99:04:5a:a1:e4:6b:a9:79:bc:d5:53:dd:ef:
e3:55:49:c1:5a:65:98:c6:80:30:ec:02:98:2e:38:
e7:b4:0b:50:4c:03:8d:55:19:02:ea:59:af:78:37:
a3:48:39:ca:b2:34:c6:6c:53:db:78:57:a5:3f:89:
6e:04:96:fb:90:43:1b:e9:ea:f0:e5:30:9e:62:e1:
66:ed:88:1f:5e:43:5c:9a:85:02:69:ad:be:27:68:
c7:d1:c3:7d:54:b3:07:26:bd:54:d7:2b:ab:91:8d:
aa:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:66:F6:C9:01:19:D0:07:FD:5F:BF:7F:ED:AF:1E:F5:00:B6:C9:37
X509v3 Authority Key Identifier:
keyid:AF:3F:70:05:03:F4:07:20:A8:2F:76:EF:15:CD:A6:20:22:F1:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rz9wBQP0ByCoL3bvFc2mICLx-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/g2b2yQEZ0Af9X79_7a8e9QC2yTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/rz9wBQP0ByCoL3bvFc2mICLx-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.13.0/24
Signature Algorithm: sha256WithRSAEncryption
97:e7:ed:0a:f3:c9:f1:5e:e9:19:55:72:18:ab:23:f1:b0:67:
00:ec:7e:fe:61:ba:89:e6:ef:20:ad:ab:09:e2:9b:fd:91:02:
cd:53:ec:be:da:3b:78:e3:0e:e7:bd:41:c0:95:9b:01:52:e8:
69:57:0c:53:fa:ce:bd:cf:82:c2:60:5c:61:89:ee:cb:4c:d8:
73:8d:32:b7:7e:ff:52:2b:46:fd:d8:20:ef:48:a0:e5:85:a6:
d0:a4:17:60:38:e9:4c:4f:ea:26:55:c3:e6:3f:40:da:88:ac:
dd:39:af:26:ec:ae:62:bc:f7:6b:bb:09:00:0e:20:b1:3b:93:
47:65:f9:f3:a8:da:dc:90:65:eb:7b:f5:23:d7:0c:61:bd:0e:
9f:59:08:41:75:84:0d:72:79:50:0f:4a:f4:5f:b4:43:fa:35:
88:cf:a8:96:2a:0f:6c:6e:6e:a9:fc:44:51:49:c7:47:93:70:
9b:d7:15:5e:f5:97:cd:b1:18:d9:ee:83:5a:36:c4:b3:85:e7:
cd:76:af:c3:93:2f:c3:70:df:7d:7d:9a:7d:a4:fa:e8:a1:65:
62:a7:cf:9b:35:df:4f:fc:db:b3:14:da:02:d8:b3:21:33:99:
af:56:86:f7:13:de:b2:38:bc:6f:15:61:d6:df:a9:55:a9:98:
95:e9:bb:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHKCUR5k9IeYJUt3mBX5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmM2Y3MDA1MDNmNDA3MjBhODJmNzZlZjE1Y2RhNjIwMjJm
MWY5YTkwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY2ZjZjOTAxMTlkMDA3ZmQ1ZmJmN2ZlZGFmMWVmNTAwYjZjOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+sTMU/9HkPfRNn6AkPfPezMwwch
kIen5XoupDJf9QSkxuwsEZ8W/9ewjqPnfAmTGTQacSItu25eDpNCjXw9XbdE3SzP
C10Sdo8vikK9QXsnTOZGhVB4WOJAt2uIqhYzsz5AHV0ojYdjcrPa0Bv8+UEcbcv+
enoKUJb6BBbtYeYIF6rBxjZ7H37Mb8ZI/vpUmrWR3y+YyZkEWqHka6l5vNVT3e/j
VUnBWmWYxoAw7AKYLjjntAtQTAONVRkC6lmveDejSDnKsjTGbFPbeFelP4luBJb7
kEMb6erw5TCeYuFm7YgfXkNcmoUCaa2+J2jH0cN9VLMHJr1U1yurkY2qmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINm9skBGdAH/V+/f+2vHvUAtsk3MB8GA1UdIwQY
MBaAFK8/cAUD9AcgqC927xXNpiAi8fmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcno5d0JRUDBCeUNvTDNidkZjMm1JQ0x4LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83YjdmMjYtZjg0MS00NzAwLWFhZmIt
ZWFkMDYzNDE5MmNkLzEvZzJiMnlRRVowQWY5WDc5XzdhOGU5UUMyeVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83YjdmMjYtZjg0MS00NzAwLWFhZmItZWFkMDYzNDE5MmNk
LzEvcno5d0JRUDBCeUNvTDNidkZjMm1JQ0x4LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9QNMA0G
CSqGSIb3DQEBCwUAA4IBAQCX5+0K88nxXukZVXIYqyPxsGcA7H7+YbqJ5u8grasJ
4pv9kQLNU+y+2jt44w7nvUHAlZsBUuhpVwxT+s69z4LCYFxhie7LTNhzjTK3fv9S
K0b92CDvSKDlhabQpBdgOOlMT+omVcPmP0DaiKzdOa8m7K5ivPdruwkADiCxO5NH
ZfnzqNrckGXre/Uj1wxhvQ6fWQhBdYQNcnlQD0r0X7RD+jWIz6iWKg9sbm6p/ERR
ScdHk3Cb1xVe9ZfNsRjZ7oNaNsSzhefNdq/Dky/DcN99fZp9pProoWVip8+bNd9P
/NuzFNoC2LMhM5mvVob3E96yOLxvFWHW36lVqZiV6bvG
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:03 2024 by rpki-client on console-fra.rpki-client.org