Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ast_BlLjwacLB0msFuzBmOV_I6U.roa
File: ast_BlLjwacLB0msFuzBmOV_I6U.roa (raw, json)
Hash identifier: zDiO2fmvSSu9seONW75NefiYgseXfvrWIOuRXJ+thoA=
Subject key identifier: 6A:CB:7F:06:52:E3:C1:A7:0B:07:49:AC:16:EC:C1:98:E5:7F:23:A5
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 0185703066F59D697CD0F91570A5D8058F38
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ast_BlLjwacLB0msFuzBmOV_I6U.roa
Signing time: Mon 02 Jan 2023 01:54:58 +0000
ROA not before: Mon 02 Jan 2023 01:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42759
IP address blocks: 91.120.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:66:f5:9d:69:7c:d0:f9:15:70:a5:d8:05:8f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 01:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6acb7f0652e3c1a70b0749ac16ecc198e57f23a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c9:96:01:8c:e5:7c:17:0b:85:27:58:8c:3b:
af:32:9c:e2:cc:eb:d4:2c:be:3e:50:bc:6d:af:2c:
82:22:a5:29:cf:83:c6:1e:eb:26:7c:83:e7:b9:8b:
e5:99:d2:4a:4f:d6:ab:6b:01:a5:3e:43:f1:4a:32:
c7:71:c0:af:94:d6:76:08:de:84:96:2f:cd:dc:be:
0e:c8:68:a0:e5:a4:e4:21:55:54:df:9a:33:e4:60:
3a:df:b5:80:17:09:6a:f5:35:72:28:f5:e9:a9:82:
e6:79:03:4d:e3:da:b8:84:a9:53:4f:88:eb:80:0f:
7c:b9:1c:67:c6:6c:c4:9e:76:9c:24:0a:8a:aa:01:
c9:83:b6:0a:3d:6c:ed:4e:7e:db:b8:1b:13:d7:6e:
8f:6f:4e:91:64:10:61:c0:22:88:62:e2:fa:1e:91:
b2:29:82:71:80:fc:eb:41:2b:0c:b2:cf:08:60:f9:
b3:cb:4d:d6:67:46:5e:be:cc:2e:be:ab:0e:6c:4e:
d3:10:7e:a0:c8:81:32:ed:94:a3:96:39:87:a5:af:
2d:fa:20:d7:a5:93:f9:cc:dd:43:c0:c6:f0:10:57:
32:6a:2c:c9:62:a6:5a:f7:57:f1:c2:44:fb:c5:93:
b3:5b:fb:71:b3:59:3b:83:2d:c4:b3:6c:e6:e6:02:
5d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CB:7F:06:52:E3:C1:A7:0B:07:49:AC:16:EC:C1:98:E5:7F:23:A5
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ast_BlLjwacLB0msFuzBmOV_I6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.120.49.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:e8:45:0a:5b:10:64:38:cc:a8:30:ac:62:56:9f:72:56:6e:
16:be:7a:5a:fd:52:32:01:86:fa:33:46:0c:5f:96:2e:dd:0f:
52:0c:58:9f:9b:8e:6e:12:9e:41:82:e5:50:09:91:04:0a:2b:
7c:a6:6a:71:2d:19:de:b8:54:5a:17:43:17:cf:f8:53:41:e2:
09:ca:9f:af:ca:8c:11:a1:9d:c0:e3:11:3a:c1:7e:97:06:ea:
9e:aa:32:84:33:d9:7c:f9:d3:2d:b1:11:04:85:ad:b1:d6:de:
70:3f:e9:45:00:a9:59:52:c6:f4:f8:c7:9d:08:5c:78:87:69:
ae:b9:2c:9e:c5:ed:23:30:4e:19:2f:6a:c4:62:19:8e:8a:bf:
03:fd:c4:8d:95:e4:74:ae:e6:57:f0:16:50:b4:9f:87:91:4c:
2d:88:47:cb:9a:00:59:49:d2:be:9a:bd:78:c8:7c:1e:1f:79:
b9:06:7a:08:30:d1:59:fb:60:af:7b:67:e1:aa:ff:3a:d1:a8:
e6:8f:40:30:02:a9:fc:f3:df:ab:d3:c9:67:18:c9:2b:33:63:
c1:c4:81:08:6c:b3:0a:ee:de:0a:41:27:35:9e:4c:44:35:c5:
e3:53:85:86:f3:2b:08:85:23:84:8d:06:0b:f8:60:7d:f1:88:
2a:6f:ce:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMGb1nWl80PkVcKXYBY84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWNiN2YwNjUyZTNjMWE3MGIwNzQ5YWMxNmVjYzE5OGU1N2YyM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMmWAYzlfBcLhSdYjDuvMpzizOvU
LL4+ULxtryyCIqUpz4PGHusmfIPnuYvlmdJKT9arawGlPkPxSjLHccCvlNZ2CN6E
li/N3L4OyGig5aTkIVVU35oz5GA637WAFwlq9TVyKPXpqYLmeQNN49q4hKlTT4jr
gA98uRxnxmzEnnacJAqKqgHJg7YKPWztTn7buBsT126Pb06RZBBhwCKIYuL6HpGy
KYJxgPzrQSsMss8IYPmzy03WZ0ZevswuvqsObE7TEH6gyIEy7ZSjljmHpa8t+iDX
pZP5zN1DwMbwEFcyaizJYqZa91fxwkT7xZOzW/txs1k7gy3Es2zm5gJd0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrLfwZS48GnCwdJrBbswZjlfyOlMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvYXN0X0JsTGp3YWNMQjBtc0Z1ekJtT1ZfSTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW3gxMA0G
CSqGSIb3DQEBCwUAA4IBAQBb6EUKWxBkOMyoMKxiVp9yVm4Wvnpa/VIyAYb6M0YM
X5Yu3Q9SDFifm45uEp5BguVQCZEECit8pmpxLRneuFRaF0MXz/hTQeIJyp+vyowR
oZ3A4xE6wX6XBuqeqjKEM9l8+dMtsREEha2x1t5wP+lFAKlZUsb0+MedCFx4h2mu
uSyexe0jME4ZL2rEYhmOir8D/cSNleR0ruZX8BZQtJ+HkUwtiEfLmgBZSdK+mr14
yHweH3m5BnoIMNFZ+2Cve2fhqv860ajmj0AwAqn889+r08lnGMkrM2PBxIEIbLMK
7t4KQSc1nkxENcXjU4WG8ysIhSOEjQYL+GB98Ygqb84k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:13 2024 by rpki-client on console-ams.rpki-client.org