Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/iz9UUjiyqVy0LZLe-3ZP1pXMnvk.roa
File: iz9UUjiyqVy0LZLe-3ZP1pXMnvk.roa (raw, json)
Hash identifier: PC7xswnrHrJ6j8c95BpYubSAFioG/ErqURY4Ks0ixWw=
Subject key identifier: 8B:3F:54:52:38:B2:A9:5C:B4:2D:92:DE:FB:76:4F:D6:95:CC:9E:F9
Certificate issuer: /CN=57130f799f8a8985502a2ea3356037674085cfca
Certificate serial: 01857182FFDA1B6CCD38265F6E7C694992AA
Authority key identifier: 57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/iz9UUjiyqVy0LZLe-3ZP1pXMnvk.roa
Signing time: Mon 02 Jan 2023 08:04:48 +0000
ROA not before: Mon 02 Jan 2023 08:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34235
IP address blocks: 5.179.192.0/21 maxlen: 21
91.223.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:82:ff:da:1b:6c:cd:38:26:5f:6e:7c:69:49:92:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57130f799f8a8985502a2ea3356037674085cfca
Validity
Not Before: Jan 2 08:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b3f545238b2a95cb42d92defb764fd695cc9ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:88:da:5e:74:27:9c:a8:65:3c:17:9b:b9:c7:
df:cd:f3:ae:3d:8a:1d:dc:7c:75:64:1b:2c:7b:d3:
98:8f:2c:bb:89:67:0f:47:d1:be:25:2f:f0:63:64:
72:7a:07:e9:42:8a:0f:fa:ac:ec:21:d2:62:4d:3b:
77:f9:79:72:e7:33:e5:e2:0f:01:5e:da:d8:24:fd:
9e:f3:69:f7:61:26:60:62:d6:a5:87:e8:af:9d:8f:
f3:1d:f9:dc:d2:5e:4f:e1:27:62:45:bf:65:74:ae:
6d:8f:ef:6e:49:56:d0:79:99:1c:e6:48:4a:6b:a9:
74:47:78:8d:52:dd:31:5c:4d:a1:72:92:e5:f4:9a:
e8:76:2c:14:96:32:57:d1:a3:14:18:57:51:4a:19:
01:b9:c9:fa:80:6b:73:34:47:42:88:c5:c6:5d:b0:
28:24:a0:98:60:de:bd:ce:97:01:1e:85:25:0f:c7:
1e:35:b8:a2:a9:b1:35:29:cc:94:3d:3d:cc:0f:7b:
d1:36:57:11:e9:1d:3e:31:75:4d:ca:a5:10:89:12:
99:e3:91:8b:da:4c:d4:80:c6:f9:c4:42:d6:30:1a:
9a:ac:69:23:33:5d:fd:68:d9:1b:d7:14:ca:dc:1a:
75:73:c2:62:8e:fd:43:71:02:49:81:38:f2:77:c0:
90:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3F:54:52:38:B2:A9:5C:B4:2D:92:DE:FB:76:4F:D6:95:CC:9E:F9
X509v3 Authority Key Identifier:
keyid:57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/iz9UUjiyqVy0LZLe-3ZP1pXMnvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.192.0/21
91.223.253.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:0e:2a:d1:69:dd:38:d2:f7:03:97:cc:8d:be:ef:a3:f3:c0:
3c:8a:68:15:5c:65:3c:49:50:d3:c4:63:c5:85:a5:e7:58:ef:
5b:c5:00:32:1e:e2:b5:93:1f:85:02:5d:7c:46:12:dd:a4:ce:
62:84:f5:01:66:3e:7a:20:79:2c:6e:2d:0b:a9:7b:f0:55:e5:
2a:f9:73:b3:4e:27:60:c9:1e:42:ce:2d:78:7e:80:35:40:57:
c6:9d:07:e5:c7:07:cb:e6:fc:d7:56:44:32:4d:fd:53:a4:b2:
cb:c4:e7:96:a2:cf:82:20:4c:9d:e7:e1:97:81:ab:10:9e:fc:
e1:91:06:3b:d6:fc:1c:7a:e9:07:ab:83:fc:0e:cc:c2:64:92:
49:88:15:7a:51:38:66:f3:a3:06:c0:30:49:1f:19:ba:e3:d1:
6d:02:51:b6:bf:55:bd:02:f8:2c:40:ae:13:6c:6d:c9:9d:54:
5a:74:9b:2b:f3:95:e0:6a:07:f3:a1:bc:e4:fa:b2:23:a9:45:
04:e5:ff:4e:85:46:76:95:1c:7c:c0:65:af:38:ea:c6:b0:46:
a1:5f:5a:ce:82:21:e1:80:dd:d5:d2:90:f7:57:7b:a0:e4:93:
59:9a:6c:c4:08:9a:7b:ba:f8:64:f3:e5:10:38:69:90:78:97:
12:52:6b:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxgv/aG2zNOCZfbnxpSZKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTMwZjc5OWY4YTg5ODU1MDJhMmVhMzM1NjAzNzY3NDA4
NWNmY2EwHhcNMjMwMTAyMDgwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNmNTQ1MjM4YjJhOTVjYjQyZDkyZGVmYjc2NGZkNjk1Y2M5ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsojaXnQnnKhlPBebucffzfOuPYod
3Hx1ZBsse9OYjyy7iWcPR9G+JS/wY2RyegfpQooP+qzsIdJiTTt3+Xly5zPl4g8B
XtrYJP2e82n3YSZgYtalh+ivnY/zHfnc0l5P4SdiRb9ldK5tj+9uSVbQeZkc5khK
a6l0R3iNUt0xXE2hcpLl9JrodiwUljJX0aMUGFdRShkBucn6gGtzNEdCiMXGXbAo
JKCYYN69zpcBHoUlD8ceNbiiqbE1KcyUPT3MD3vRNlcR6R0+MXVNyqUQiRKZ45GL
2kzUgMb5xELWMBqarGkjM139aNkb1xTK3Bp1c8Jijv1DcQJJgTjyd8CQUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIs/VFI4sqlctC2S3vt2T9aVzJ75MB8GA1UdIwQY
MBaAFFcTD3mfiomFUCouozVgN2dAhc/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMt
ZDNiOTBhOWI5YjQxLzEvaXo5VVVqaXlxVnkwTFpMZS0zWlAxcFhNbnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMtZDNiOTBhOWI5YjQx
LzEvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBbPAAwQA
W9/9MA0GCSqGSIb3DQEBCwUAA4IBAQC0DirRad040vcDl8yNvu+j88A8imgVXGU8
SVDTxGPFhaXnWO9bxQAyHuK1kx+FAl18RhLdpM5ihPUBZj56IHksbi0LqXvwVeUq
+XOzTidgyR5Czi14foA1QFfGnQflxwfL5vzXVkQyTf1TpLLLxOeWos+CIEyd5+GX
gasQnvzhkQY71vwceukHq4P8DszCZJJJiBV6UThm86MGwDBJHxm649FtAlG2v1W9
AvgsQK4TbG3JnVRadJsr85Xgagfzobzk+rIjqUUE5f9OhUZ2lRx8wGWvOOrGsEah
X1rOgiHhgN3V0pD3V3ug5JNZmmzECJp7uvhk8+UQOGmQeJcSUmvW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:02 2024 by rpki-client on console-fra.rpki-client.org