Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/KxsE77PVJ_4Mt9tU3AnCXOEsArw.roa
File: KxsE77PVJ_4Mt9tU3AnCXOEsArw.roa (raw, json)
Hash identifier: SygJXO+rX5SwkhJjhEUbd8W9U0MWjNwDBPHXcUoxBp8=
Subject key identifier: 2B:1B:04:EF:B3:D5:27:FE:0C:B7:DB:54:DC:09:C2:5C:E1:2C:02:BC
Certificate issuer: /CN=a9a073b31d888e4439e272e007c9532fc305c80d
Certificate serial: 018573B16F21D512D8CF942A9240A6A63E8E
Authority key identifier: A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/KxsE77PVJ_4Mt9tU3AnCXOEsArw.roa
Signing time: Mon 02 Jan 2023 18:14:46 +0000
ROA not before: Mon 02 Jan 2023 18:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40975
IP address blocks: 195.138.214.0/24 maxlen: 24
91.197.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:6f:21:d5:12:d8:cf:94:2a:92:40:a6:a6:3e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a073b31d888e4439e272e007c9532fc305c80d
Validity
Not Before: Jan 2 18:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b1b04efb3d527fe0cb7db54dc09c25ce12c02bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:70:16:6b:62:c8:3b:6b:a2:4e:40:2d:f2:a7:
42:3a:bb:9f:f4:f9:b8:f7:24:81:3c:78:ae:f5:4e:
a9:3c:8d:fb:67:3d:37:2c:e2:60:c3:a8:4b:1f:68:
f9:ea:cb:8c:31:e7:36:65:28:48:ac:9c:bc:85:92:
f4:b7:f0:b2:88:17:71:f1:f6:d1:e3:51:58:16:aa:
75:bc:98:03:8c:6f:86:26:54:1f:c9:48:1d:7a:07:
ce:9e:b2:4a:c7:ca:82:d4:9d:87:72:91:6a:9e:65:
f3:f7:e7:cc:8c:cd:24:c5:fa:b1:b9:0b:0b:32:c5:
74:f5:b7:4d:2b:8b:26:89:e2:60:47:05:2b:ac:08:
93:33:d8:fb:cc:93:f4:ae:b3:56:a2:8a:67:e7:75:
5c:ad:90:97:9e:ff:4e:f2:f1:02:aa:3c:38:f6:d1:
38:c6:df:1f:2f:c0:73:6a:f2:d9:e7:c4:78:cc:68:
43:a5:af:1d:ce:33:2c:cf:ea:fa:59:b5:0d:01:b2:
ee:62:13:d9:85:16:0f:36:a8:18:12:05:5f:1a:b2:
3f:8a:2e:b9:61:2f:8a:9c:13:7c:20:df:d7:be:3c:
8b:02:4b:59:f8:1d:ce:63:74:dd:d7:00:a8:c2:52:
bd:90:44:f2:1e:4b:f9:a8:e8:82:b9:39:35:a5:b7:
3e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1B:04:EF:B3:D5:27:FE:0C:B7:DB:54:DC:09:C2:5C:E1:2C:02:BC
X509v3 Authority Key Identifier:
keyid:A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/KxsE77PVJ_4Mt9tU3AnCXOEsArw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.244.0/22
195.138.214.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:5e:f3:77:42:c0:bb:90:68:7b:71:fb:8a:bf:63:07:7a:33:
48:90:b8:54:56:ae:98:ce:8e:16:64:e6:2a:2f:68:7a:94:32:
b4:a7:5e:20:1b:27:18:93:a7:70:5f:0b:63:f4:fe:cb:41:93:
3e:74:85:f4:31:0b:7e:b0:ea:ca:3d:bc:a7:15:7b:9a:b9:b5:
e8:5d:c1:33:d2:cc:48:b4:06:34:01:6f:18:ab:9a:4a:dd:fa:
75:cc:7a:d7:ba:6a:93:b8:ce:00:ad:f9:36:85:fa:85:70:b4:
c0:5e:4c:b3:51:52:2e:39:59:ba:f8:b4:4b:91:38:ef:a6:ae:
33:8a:48:76:db:a6:76:a3:24:c7:af:1a:bd:e4:39:47:90:49:
1e:e0:0b:64:8a:9b:84:33:ba:e5:83:35:26:36:69:1d:66:d3:
17:aa:37:f7:3c:54:02:cb:39:b9:71:06:73:f6:12:0d:67:b8:
63:ea:22:e6:1b:73:a2:60:c5:b3:3e:f9:34:6d:e8:df:74:86:
45:55:0a:09:99:cf:d4:59:cc:1d:d8:3f:ea:5b:19:88:db:ab:
fc:b1:b5:95:79:13:64:16:68:6a:a3:0d:e3:f7:1d:09:fc:5e:
3b:1d:fd:3a:fd:dd:c1:cb:eb:9c:62:11:c9:54:d6:c0:55:f0:
86:dd:eb:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzsW8h1RLYz5QqkkCmpj6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTA3M2IzMWQ4ODhlNDQzOWUyNzJlMDA3Yzk1MzJmYzMw
NWM4MGQwHhcNMjMwMTAyMTgxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjFiMDRlZmIzZDUyN2ZlMGNiN2RiNTRkYzA5YzI1Y2UxMmMwMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXAWa2LIO2uiTkAt8qdCOruf9Pm4
9ySBPHiu9U6pPI37Zz03LOJgw6hLH2j56suMMec2ZShIrJy8hZL0t/CyiBdx8fbR
41FYFqp1vJgDjG+GJlQfyUgdegfOnrJKx8qC1J2HcpFqnmXz9+fMjM0kxfqxuQsL
MsV09bdNK4smieJgRwUrrAiTM9j7zJP0rrNWoopn53VcrZCXnv9O8vECqjw49tE4
xt8fL8BzavLZ58R4zGhDpa8dzjMsz+r6WbUNAbLuYhPZhRYPNqgYEgVfGrI/ii65
YS+KnBN8IN/XvjyLAktZ+B3OY3Td1wCowlK9kETyHkv5qOiCuTk1pbc+twIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCsbBO+z1Sf+DLfbVNwJwlzhLAK8MB8GA1UdIwQY
MBaAFKmgc7MdiI5EOeJy4AfJUy/DBcgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgt
NGU3MzdlMDZkMjkwLzEvS3hzRTc3UFZKXzRNdDl0VTNBbkNYT0VzQXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgtNGU3MzdlMDZkMjkw
LzEvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8X0AwQA
w4rWMA0GCSqGSIb3DQEBCwUAA4IBAQA+XvN3QsC7kGh7cfuKv2MHejNIkLhUVq6Y
zo4WZOYqL2h6lDK0p14gGycYk6dwXwtj9P7LQZM+dIX0MQt+sOrKPbynFXuaubXo
XcEz0sxItAY0AW8Yq5pK3fp1zHrXumqTuM4Arfk2hfqFcLTAXkyzUVIuOVm6+LRL
kTjvpq4zikh226Z2oyTHrxq95DlHkEke4AtkipuEM7rlgzUmNmkdZtMXqjf3PFQC
yzm5cQZz9hINZ7hj6iLmG3OiYMWzPvk0bejfdIZFVQoJmc/UWcwd2D/qWxmI26v8
sbWVeRNkFmhqow3j9x0J/F47Hf06/d3By+ucYhHJVNbAVfCG3euB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:02 2024 by rpki-client on console-ams.rpki-client.org