Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/XnZ8ZMoM2ex7ThZgWXFCAyTCeWA.roa
File: XnZ8ZMoM2ex7ThZgWXFCAyTCeWA.roa (raw, json)
Hash identifier: 7hNikvarXVB5xfdTnxV0v4fGu5XUbZcDnr8HTEEb1K4=
Subject key identifier: 5E:76:7C:64:CA:0C:D9:EC:7B:4E:16:60:59:71:42:03:24:C2:79:60
Certificate issuer: /CN=561c7ccc52376787374092eafac2623e0571a81e
Certificate serial: 0185737A91A79CF3D6D6CC233DFF210CF330
Authority key identifier: 56:1C:7C:CC:52:37:67:87:37:40:92:EA:FA:C2:62:3E:05:71:A8:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/XnZ8ZMoM2ex7ThZgWXFCAyTCeWA.roa
Signing time: Mon 02 Jan 2023 17:14:50 +0000
ROA not before: Mon 02 Jan 2023 17:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211332
IP address blocks: 91.233.183.0/24 maxlen: 24
2a0d:c140::/29 maxlen: 29
2a09:f140::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:91:a7:9c:f3:d6:d6:cc:23:3d:ff:21:0c:f3:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=561c7ccc52376787374092eafac2623e0571a81e
Validity
Not Before: Jan 2 17:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e767c64ca0cd9ec7b4e16605971420324c27960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d5:2f:06:76:61:a7:07:8c:e9:d9:ba:7a:d2:
e7:ac:1c:a4:d2:45:68:5d:7f:de:d4:0d:60:05:eb:
c8:d5:a2:c7:f1:03:ec:5f:b4:4f:06:33:a9:ed:02:
8c:fd:a8:3c:3e:08:c1:6e:ae:01:7b:20:02:e7:22:
e3:2d:cb:78:f2:07:e6:21:5b:2a:20:66:7d:08:98:
6e:af:ef:f1:20:39:28:bf:f8:06:32:58:91:2b:13:
d2:96:f2:7c:9e:d0:5c:e7:6e:05:de:1a:f0:35:95:
08:d0:5c:8f:78:68:c5:34:58:ea:e1:94:b0:be:09:
65:cb:d5:33:54:48:4e:4e:77:03:98:1f:26:7f:fc:
e0:9a:b4:85:93:25:fd:41:dc:de:dd:da:37:73:90:
21:ce:5e:d2:eb:e2:d4:64:a6:15:0e:52:27:9c:cc:
f6:25:30:6d:78:dc:3a:b5:98:4e:61:18:ba:04:ae:
8a:d3:a6:3b:ed:13:6e:5f:c8:51:92:07:ac:2f:5c:
59:38:4c:79:68:62:9d:8c:4d:7d:8c:7b:70:b0:fc:
d5:9c:5a:1f:81:71:a5:64:eb:f0:3b:7c:95:95:96:
95:04:0d:8c:03:66:c8:5c:f5:f0:39:4a:25:3e:2e:
64:ea:d2:cb:40:cf:92:61:d6:3d:35:f5:10:21:d6:
42:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:76:7C:64:CA:0C:D9:EC:7B:4E:16:60:59:71:42:03:24:C2:79:60
X509v3 Authority Key Identifier:
keyid:56:1C:7C:CC:52:37:67:87:37:40:92:EA:FA:C2:62:3E:05:71:A8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/XnZ8ZMoM2ex7ThZgWXFCAyTCeWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.183.0/24
IPv6:
2a09:f140::/29
2a0d:c140::/29
Signature Algorithm: sha256WithRSAEncryption
6a:d5:a0:02:0a:8b:02:ba:f6:9f:9b:a4:13:01:21:02:13:3c:
c3:4d:f5:5d:24:d8:c8:57:e2:c9:77:83:f4:e5:a2:5f:00:7e:
c7:db:ea:8e:06:28:99:31:b8:55:6d:d5:6e:cf:b3:b0:9e:78:
e9:cc:73:fd:37:d3:ac:7e:6f:21:76:a9:d3:d6:1e:df:9f:c6:
8d:59:ab:4c:5c:cb:47:fc:ed:8f:07:f4:fa:1d:60:19:a4:01:
e7:fb:f5:1f:2a:1d:6b:b5:e0:24:01:dd:de:90:f7:89:42:6b:
f3:5e:60:aa:d7:47:d0:56:85:78:e4:95:c7:6b:09:94:49:06:
88:43:68:fe:1a:2a:01:1b:ff:3e:f3:55:6e:5f:f7:27:09:97:
7a:12:03:2f:e4:2d:26:4e:8d:21:2c:12:19:05:7b:f1:de:a3:
a1:a2:bf:dc:99:d3:c8:17:aa:39:24:b0:60:41:99:58:0b:62:
11:90:6a:9e:45:7e:8c:74:ec:20:2f:00:b2:27:76:c6:41:aa:
8e:d8:0d:1c:8b:37:57:e6:57:18:3c:d4:c3:f3:f3:d4:13:21:
cc:11:8f:53:10:dd:65:e8:34:fa:50:8c:2e:98:e3:bf:2d:51:
7d:39:66:8d:db:34:fc:ef:ee:13:c6:7a:68:c4:64:6d:f4:1d:
03:92:45:c0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVzepGnnPPW1swjPf8hDPMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MWM3Y2NjNTIzNzY3ODczNzQwOTJlYWZhYzI2MjNlMDU3
MWE4MWUwHhcNMjMwMTAyMTcxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc2N2M2NGNhMGNkOWVjN2I0ZTE2NjA1OTcxNDIwMzI0YzI3OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNUvBnZhpweM6dm6etLnrByk0kVo
XX/e1A1gBevI1aLH8QPsX7RPBjOp7QKM/ag8PgjBbq4BeyAC5yLjLct48gfmIVsq
IGZ9CJhur+/xIDkov/gGMliRKxPSlvJ8ntBc524F3hrwNZUI0FyPeGjFNFjq4ZSw
vglly9UzVEhOTncDmB8mf/zgmrSFkyX9Qdze3do3c5Ahzl7S6+LUZKYVDlInnMz2
JTBteNw6tZhOYRi6BK6K06Y77RNuX8hRkgesL1xZOEx5aGKdjE19jHtwsPzVnFof
gXGlZOvwO3yVlZaVBA2MA2bIXPXwOUolPi5k6tLLQM+SYdY9NfUQIdZCkQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFF52fGTKDNnse04WYFlxQgMkwnlgMB8GA1UdIwQY
MBaAFFYcfMxSN2eHN0CS6vrCYj4FcageMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmh4OHpGSTNaNGMzUUpMcS1zSmlQZ1Z4cUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9kY2EyNTctZDE2My00ZWQ5LTk0YWQt
YzE3MDA5MTI4M2ViLzEvWG5aOFpNb00yZXg3VGhaZ1dYRkNBeVRDZVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9kY2EyNTctZDE2My00ZWQ5LTk0YWQtYzE3MDA5MTI4M2Vi
LzEvVmh4OHpGSTNaNGMzUUpMcS1zSmlQZ1Z4cUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAW+m3MBQE
AgACMA4DBQMqCfFAAwUDKg3BQDANBgkqhkiG9w0BAQsFAAOCAQEAatWgAgqLArr2
n5ukEwEhAhM8w031XSTYyFfiyXeD9OWiXwB+x9vqjgYomTG4VW3Vbs+zsJ546cxz
/TfTrH5vIXap09Ye35/GjVmrTFzLR/ztjwf0+h1gGaQB5/v1Hyoda7XgJAHd3pD3
iUJr815gqtdH0FaFeOSVx2sJlEkGiENo/hoqARv/PvNVbl/3JwmXehIDL+QtJk6N
ISwSGQV78d6joaK/3JnTyBeqOSSwYEGZWAtiEZBqnkV+jHTsIC8Asid2xkGqjtgN
HIs3V+ZXGDzUw/Pz1BMhzBGPUxDdZeg0+lCMLpjjvy1RfTlmjds0/O/uE8Z6aMRk
bfQdA5JFwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:31 2024 by rpki-client on console-fra.rpki-client.org