Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/8fcb12-ae4e-4353-a3b9-f0ad375a8086/1/Zff9okD8p968NTwbphle7CnrCc0.roa
File: Zff9okD8p968NTwbphle7CnrCc0.roa (raw, json)
Hash identifier: laRqQgd5k68B4pKCWgEVnYvyM7WjwelHO7QMODRnmFY=
Subject key identifier: 65:F7:FD:A2:40:FC:A7:DE:BC:35:3C:1B:A6:19:5E:EC:29:EB:09:CD
Certificate issuer: /CN=a7fc5c65c93a7404086b17a54e7e0da960a9b293
Certificate serial: 018571BA279EB22098CD35BCFE367321E1B3
Authority key identifier: A7:FC:5C:65:C9:3A:74:04:08:6B:17:A5:4E:7E:0D:A9:60:A9:B2:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_xcZck6dAQIaxelTn4NqWCpspM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/8fcb12-ae4e-4353-a3b9-f0ad375a8086/1/Zff9okD8p968NTwbphle7CnrCc0.roa
Signing time: Mon 02 Jan 2023 09:05:03 +0000
ROA not before: Mon 02 Jan 2023 09:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49554
IP address blocks: 91.225.112.0/22 maxlen: 22
91.225.113.0/24 maxlen: 24
2001:678:c00::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:27:9e:b2:20:98:cd:35:bc:fe:36:73:21:e1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fc5c65c93a7404086b17a54e7e0da960a9b293
Validity
Not Before: Jan 2 09:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65f7fda240fca7debc353c1ba6195eec29eb09cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d6:f6:4a:11:47:fd:eb:db:90:d2:9a:4c:dc:
14:6a:c6:34:f7:36:75:10:81:03:73:14:32:02:14:
9b:a6:da:34:46:76:7d:e8:83:b9:9d:5d:af:7e:8e:
04:c9:d2:64:5e:7a:8e:80:25:c7:93:b5:28:a3:60:
67:a3:d5:d6:b4:82:4f:9e:1d:3e:7c:5d:02:a8:a7:
24:1f:31:db:6d:ef:25:47:fd:3d:9f:a4:9e:cb:96:
65:a4:9e:b9:ac:1e:7d:3a:f6:08:94:1e:1d:6c:86:
42:8d:d8:ef:dc:4a:39:b7:d1:f1:06:35:0a:59:d0:
9f:eb:fc:bd:6a:92:63:77:8c:94:ef:28:ab:70:17:
22:55:3b:68:e0:48:6c:c0:a7:b1:99:15:ef:d0:8a:
04:c8:76:70:7e:90:2d:a5:33:22:b1:26:0c:bc:0d:
b6:3f:90:47:d5:b4:ed:67:d8:0f:05:cc:3b:94:5c:
87:9d:35:a3:1d:69:bc:54:08:3e:d7:81:31:c8:ac:
78:b5:d0:45:98:fa:71:e0:54:d4:ac:ba:03:93:66:
80:d3:9c:43:ea:e7:bb:00:42:eb:8e:d1:2b:9b:a8:
b1:ce:fe:ee:b4:cd:79:49:73:8d:ad:c4:fd:a8:35:
23:21:13:5a:ed:02:c1:87:ef:77:c7:7b:44:4e:02:
ce:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F7:FD:A2:40:FC:A7:DE:BC:35:3C:1B:A6:19:5E:EC:29:EB:09:CD
X509v3 Authority Key Identifier:
keyid:A7:FC:5C:65:C9:3A:74:04:08:6B:17:A5:4E:7E:0D:A9:60:A9:B2:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_xcZck6dAQIaxelTn4NqWCpspM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8fcb12-ae4e-4353-a3b9-f0ad375a8086/1/Zff9okD8p968NTwbphle7CnrCc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8fcb12-ae4e-4353-a3b9-f0ad375a8086/1/p_xcZck6dAQIaxelTn4NqWCpspM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.112.0/22
IPv6:
2001:678:c00::/48
Signature Algorithm: sha256WithRSAEncryption
82:5e:dd:7d:b3:eb:5a:68:d0:9c:eb:85:f5:2c:2c:51:72:2e:
f5:a4:7b:4d:56:fb:2e:c4:8d:f0:ab:e9:7f:26:83:cf:63:3a:
1e:88:f5:df:29:5b:65:c8:51:01:98:7c:36:1c:da:29:d7:cc:
f3:15:4b:be:06:22:06:8c:ba:1c:90:16:5b:31:51:d5:0e:41:
66:ee:02:e8:56:76:88:6e:30:ae:59:58:18:f7:a2:74:9e:e9:
6c:73:9f:c7:bd:cd:cc:22:f5:3d:87:36:26:b4:94:5d:ad:e0:
88:4f:25:2e:9d:fa:45:42:ad:d0:95:3c:dd:c8:31:c5:9c:67:
d5:fc:0e:d1:0d:db:87:fb:0e:a8:c7:32:d8:41:79:93:2a:7a:
0d:c8:49:18:5a:37:fc:20:44:9c:05:59:ad:70:f5:5f:fe:a7:
ba:e8:3a:53:48:37:05:c2:95:bd:29:f4:19:63:de:e6:a3:db:
6f:07:a5:08:72:23:c7:ab:00:a0:b1:b6:7b:15:c8:32:5f:67:
4a:6b:0f:dd:47:5e:ea:d7:9d:70:00:d6:e3:41:02:bf:43:5e:
ed:74:40:ba:bb:ec:2f:ba:e3:aa:41:96:f5:d1:a4:9f:c8:04:
48:03:5a:33:90:49:c4:c8:c1:79:6d:c3:15:ad:a8:5e:a4:12:
2f:ba:82:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxuieesiCYzTW8/jZzIeGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmM1YzY1YzkzYTc0MDQwODZiMTdhNTRlN2UwZGE5NjBh
OWIyOTMwHhcNMjMwMTAyMDkwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWY3ZmRhMjQwZmNhN2RlYmMzNTNjMWJhNjE5NWVlYzI5ZWIwOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtb2ShFH/evbkNKaTNwUasY09zZ1
EIEDcxQyAhSbpto0RnZ96IO5nV2vfo4EydJkXnqOgCXHk7Uoo2Bno9XWtIJPnh0+
fF0CqKckHzHbbe8lR/09n6Sey5ZlpJ65rB59OvYIlB4dbIZCjdjv3Eo5t9HxBjUK
WdCf6/y9apJjd4yU7yircBciVTto4EhswKexmRXv0IoEyHZwfpAtpTMisSYMvA22
P5BH1bTtZ9gPBcw7lFyHnTWjHWm8VAg+14ExyKx4tdBFmPpx4FTUrLoDk2aA05xD
6ue7AELrjtErm6ixzv7utM15SXONrcT9qDUjIRNa7QLBh+93x3tETgLOPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGX3/aJA/KfevDU8G6YZXuwp6wnNMB8GA1UdIwQY
MBaAFKf8XGXJOnQECGsXpU5+DalgqbKTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF94Y1pjazZkQVFJYXhlbFRuNE5xV0Nwc3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84ZmNiMTItYWU0ZS00MzUzLWEzYjkt
ZjBhZDM3NWE4MDg2LzEvWmZmOW9rRDhwOTY4TlR3YnBobGU3Q25yQ2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84ZmNiMTItYWU0ZS00MzUzLWEzYjktZjBhZDM3NWE4MDg2
LzEvcF94Y1pjazZkQVFJYXhlbFRuNE5xV0Nwc3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW+FwMA8E
AgACMAkDBwAgAQZ4DAAwDQYJKoZIhvcNAQELBQADggEBAIJe3X2z61po0JzrhfUs
LFFyLvWke01W+y7EjfCr6X8mg89jOh6I9d8pW2XIUQGYfDYc2inXzPMVS74GIgaM
uhyQFlsxUdUOQWbuAuhWdohuMK5ZWBj3onSe6Wxzn8e9zcwi9T2HNia0lF2t4IhP
JS6d+kVCrdCVPN3IMcWcZ9X8DtEN24f7DqjHMthBeZMqeg3ISRhaN/wgRJwFWa1w
9V/+p7roOlNINwXClb0p9Blj3uaj228HpQhyI8erAKCxtnsVyDJfZ0prD91HXurX
nXAA1uNBAr9DXu10QLq77C+646pBlvXRpJ/IBEgDWjOQScTIwXltwxWtqF6kEi+6
giU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:59 2024 by rpki-client on console-ams.rpki-client.org