Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/zGrPFk3yJCkLE3eeMgW8OusCN8s.roa
File: zGrPFk3yJCkLE3eeMgW8OusCN8s.roa (raw, json)
Hash identifier: ScQGGk4DCdBr/VcnifgNgcLr2OG/SUbBStrgFgRzLyM=
Subject key identifier: CC:6A:CF:16:4D:F2:24:29:0B:13:77:9E:32:05:BC:3A:EB:02:37:CB
Certificate issuer: /CN=ec1d7290bfd1be123fbe0b075fd50dcf646c4f76
Certificate serial: 0189E371E38100462C9EC80322C8E6AD9A10
Authority key identifier: EC:1D:72:90:BF:D1:BE:12:3F:BE:0B:07:5F:D5:0D:CF:64:6C:4F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/zGrPFk3yJCkLE3eeMgW8OusCN8s.roa
Signing time: Fri 11 Aug 2023 07:13:59 +0000
ROA not before: Fri 11 Aug 2023 07:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44934
IP address blocks: 91.203.56.0/22 maxlen: 24
2001:67c:6f0::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:71:e3:81:00:46:2c:9e:c8:03:22:c8:e6:ad:9a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec1d7290bfd1be123fbe0b075fd50dcf646c4f76
Validity
Not Before: Aug 11 07:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc6acf164df224290b13779e3205bc3aeb0237cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b6:9e:bf:6d:22:91:60:0d:75:2f:84:53:c8:
89:8b:93:38:50:30:21:41:25:b8:35:08:8a:c6:7a:
0d:7d:23:e8:7f:7f:51:21:9f:d9:0a:1b:7e:20:b1:
e4:43:f6:9b:5b:42:7d:57:53:b2:d9:28:87:83:02:
d6:9f:c1:d8:12:5d:ef:8d:60:a9:18:72:50:7f:58:
71:f8:b2:ac:56:cf:34:66:2b:ff:ab:df:00:43:e8:
26:bb:92:d7:01:75:d7:0a:8f:6d:4d:d1:13:93:7d:
ba:ba:5c:0e:b2:e7:ce:ef:e2:10:b3:0b:d6:10:69:
5b:d0:3d:d4:6b:80:80:7c:e8:c2:1e:62:7a:4b:13:
c6:54:cc:59:99:4f:e6:99:e5:f5:5a:5a:98:9a:65:
c9:fd:48:8a:46:eb:51:33:cf:ec:23:9b:66:61:82:
d8:bf:0c:76:3c:b8:41:95:9a:e4:b3:27:38:c3:ad:
4d:9b:f8:2d:18:e4:e1:73:cb:6b:42:17:c9:e1:bf:
85:25:89:87:3a:09:7b:46:a4:56:7c:bf:67:f5:90:
87:4c:7f:a8:23:fa:a7:30:6e:b1:98:5d:a5:5f:77:
ab:22:90:b9:62:75:87:4c:e6:c3:8d:9d:68:c8:f8:
29:12:1a:a6:6f:96:1e:08:8d:aa:0d:40:49:d1:e6:
db:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6A:CF:16:4D:F2:24:29:0B:13:77:9E:32:05:BC:3A:EB:02:37:CB
X509v3 Authority Key Identifier:
keyid:EC:1D:72:90:BF:D1:BE:12:3F:BE:0B:07:5F:D5:0D:CF:64:6C:4F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/zGrPFk3yJCkLE3eeMgW8OusCN8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.56.0/22
IPv6:
2001:67c:6f0::/48
Signature Algorithm: sha256WithRSAEncryption
bd:d5:ab:80:7f:32:ce:da:13:78:78:22:12:5d:f5:69:16:3f:
41:e9:3f:df:cb:c2:a4:ea:77:46:e2:38:24:26:ad:26:47:a3:
19:ac:8f:9f:b5:6d:0e:a9:96:ce:a5:07:3e:9a:68:c1:3b:97:
5c:98:91:b2:ae:be:21:ca:70:b2:0f:52:14:f6:13:b8:a5:28:
55:8e:a9:c8:59:b9:02:ea:29:52:ff:af:a2:e7:4b:49:e2:47:
42:54:c5:91:a2:3a:3f:8b:9d:f5:18:50:25:02:a9:0a:68:5c:
51:59:e7:dd:01:46:a8:11:57:3a:79:6d:39:b6:bf:1d:fa:51:
b0:f5:7a:49:0e:00:6c:14:84:0a:25:ac:36:89:a2:7f:77:3a:
67:19:c6:01:fe:13:6f:ed:14:6c:c1:b5:76:31:b3:e2:22:9a:
ad:9e:21:69:65:01:2c:73:13:ba:f1:80:18:d8:d0:fb:8b:07:
bf:e0:65:1a:5a:7f:d4:b9:95:0f:9e:36:27:b9:c6:3f:64:c2:
74:22:27:f9:55:67:0d:e7:29:c5:f0:aa:ff:69:7d:af:d3:4e:
c2:fc:a3:00:71:7f:75:a8:4d:e2:f4:11:53:6f:52:88:83:1e:
15:12:9c:98:b1:93:96:61:3b:56:e8:3e:66:aa:38:fe:bf:3a:
5d:38:32:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnjceOBAEYsnsgDIsjmrZoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMWQ3MjkwYmZkMWJlMTIzZmJlMGIwNzVmZDUwZGNmNjQ2
YzRmNzYwHhcNMjMwODExMDcxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzZhY2YxNjRkZjIyNDI5MGIxMzc3OWUzMjA1YmMzYWViMDIzN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobaev20ikWANdS+EU8iJi5M4UDAh
QSW4NQiKxnoNfSPof39RIZ/ZCht+ILHkQ/abW0J9V1Oy2SiHgwLWn8HYEl3vjWCp
GHJQf1hx+LKsVs80Ziv/q98AQ+gmu5LXAXXXCo9tTdETk326ulwOsufO7+IQswvW
EGlb0D3Ua4CAfOjCHmJ6SxPGVMxZmU/mmeX1WlqYmmXJ/UiKRutRM8/sI5tmYYLY
vwx2PLhBlZrksyc4w61Nm/gtGOThc8trQhfJ4b+FJYmHOgl7RqRWfL9n9ZCHTH+o
I/qnMG6xmF2lX3erIpC5YnWHTObDjZ1oyPgpEhqmb5YeCI2qDUBJ0ebb4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMxqzxZN8iQpCxN3njIFvDrrAjfLMB8GA1UdIwQY
MBaAFOwdcpC/0b4SP74LB1/VDc9kbE92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0IxeWtMX1J2aElfdmdzSFg5VU56MlJzVDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iNTI1ZWItY2VhNC00N2ZkLThmN2Qt
NjhlOTQ5MDgyZjliLzEvekdyUEZrM3lKQ2tMRTNlZU1nVzhPdXNDTjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9iNTI1ZWItY2VhNC00N2ZkLThmN2QtNjhlOTQ5MDgyZjli
LzEvN0IxeWtMX1J2aElfdmdzSFg5VU56MlJzVDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8s4MA8E
AgACMAkDBwAgAQZ8BvAwDQYJKoZIhvcNAQELBQADggEBAL3Vq4B/Ms7aE3h4IhJd
9WkWP0HpP9/LwqTqd0biOCQmrSZHoxmsj5+1bQ6pls6lBz6aaME7l1yYkbKuviHK
cLIPUhT2E7ilKFWOqchZuQLqKVL/r6LnS0niR0JUxZGiOj+LnfUYUCUCqQpoXFFZ
590BRqgRVzp5bTm2vx36UbD1ekkOAGwUhAolrDaJon93OmcZxgH+E2/tFGzBtXYx
s+Iimq2eIWllASxzE7rxgBjY0PuLB7/gZRpaf9S5lQ+eNie5xj9kwnQiJ/lVZw3n
KcXwqv9pfa/TTsL8owBxf3WoTeL0EVNvUoiDHhUSnJixk5ZhO1boPmaqOP6/Ol04
MtQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:46 2024 by rpki-client on console-fra.rpki-client.org