Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/d7d04c-3175-43ad-9e3d-10a4e537226e/1/_RT9g8CFoB2U_38GGl_O7nZPucQ.roa
File: _RT9g8CFoB2U_38GGl_O7nZPucQ.roa (raw, json)
Hash identifier: d3i/NQ25t66nXxqQVBTbeNS3KYF5sgqDHPKDmr3k5L0=
Subject key identifier: FD:14:FD:83:C0:85:A0:1D:94:FF:7F:06:1A:5F:CE:EE:76:4F:B9:C4
Certificate issuer: /CN=1af91dcedfdefdce59bdb05002b1cb6c52f0c5d3
Certificate serial: 01856C014B4227899D206C3BBF0E2118824E
Authority key identifier: 1A:F9:1D:CE:DF:DE:FD:CE:59:BD:B0:50:02:B1:CB:6C:52:F0:C5:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gvkdzt_e_c5ZvbBQArHLbFLwxdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/d7d04c-3175-43ad-9e3d-10a4e537226e/1/_RT9g8CFoB2U_38GGl_O7nZPucQ.roa
Signing time: Sun 01 Jan 2023 06:25:02 +0000
ROA not before: Sun 01 Jan 2023 06:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34270
IP address blocks: 85.91.224.0/19 maxlen: 19
2a01:3f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:4b:42:27:89:9d:20:6c:3b:bf:0e:21:18:82:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1af91dcedfdefdce59bdb05002b1cb6c52f0c5d3
Validity
Not Before: Jan 1 06:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd14fd83c085a01d94ff7f061a5fceee764fb9c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:10:44:35:68:c0:2e:c7:18:1f:b6:d7:94:dd:
48:67:da:f1:82:e5:62:6e:ae:96:8b:75:f7:4b:9e:
3b:12:32:ce:45:80:a7:ad:8f:1e:ed:b4:e6:ea:e5:
84:47:ad:ac:4b:66:94:45:9b:bf:a7:df:fe:61:8c:
90:1f:35:df:d9:1a:ec:a0:da:f7:c4:5a:ba:c7:2e:
78:d4:25:94:9e:ad:9d:3d:ea:56:0a:88:e6:61:d9:
47:dd:fc:11:af:e2:0d:62:83:cb:66:6e:59:d7:69:
93:8d:c7:db:25:05:e4:22:29:3a:bc:69:0e:84:5b:
9d:4d:34:f7:7a:9f:4d:14:1b:1e:3d:0c:68:00:19:
9d:12:da:fb:b9:38:31:d1:90:d6:79:9a:3f:55:1e:
27:6a:82:c1:6c:cb:2d:ce:a0:b3:5d:9e:58:f2:e9:
09:22:e7:c1:ef:17:0f:b0:3c:4e:d4:b3:0f:a4:35:
55:3d:03:ba:50:79:de:e8:60:e3:d1:5b:4f:ec:4e:
fa:e8:50:2f:01:25:5e:5c:54:1c:07:70:7b:ea:46:
e3:b1:cc:41:28:2d:21:22:7e:2d:68:a2:53:04:99:
2e:97:2a:1e:43:e6:a1:a8:27:61:e4:ad:e8:46:e8:
e3:9b:fb:68:fb:ab:89:78:8d:00:0c:c6:a1:8d:89:
64:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:14:FD:83:C0:85:A0:1D:94:FF:7F:06:1A:5F:CE:EE:76:4F:B9:C4
X509v3 Authority Key Identifier:
keyid:1A:F9:1D:CE:DF:DE:FD:CE:59:BD:B0:50:02:B1:CB:6C:52:F0:C5:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvkdzt_e_c5ZvbBQArHLbFLwxdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/d7d04c-3175-43ad-9e3d-10a4e537226e/1/_RT9g8CFoB2U_38GGl_O7nZPucQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/d7d04c-3175-43ad-9e3d-10a4e537226e/1/Gvkdzt_e_c5ZvbBQArHLbFLwxdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.224.0/19
IPv6:
2a01:3f8::/32
Signature Algorithm: sha256WithRSAEncryption
84:f5:ec:bc:2d:0d:38:06:e4:ad:dd:6c:f1:3f:bc:a6:9d:d6:
a6:40:a1:60:de:cc:25:71:79:d2:f5:34:9f:73:67:93:13:c4:
a1:65:8f:29:45:d1:7f:69:37:0e:d5:d1:da:f8:8c:d8:86:96:
67:ac:15:8b:5c:51:a6:a4:c0:ef:d7:e0:33:9c:2c:14:74:5b:
de:bf:57:8d:26:99:37:75:38:b8:e3:98:e9:f9:ac:61:f1:3b:
59:9b:a4:76:0f:86:44:c1:4a:9a:76:62:3a:cb:87:6d:b6:de:
6a:ff:5a:00:b7:45:df:67:ec:b9:de:c1:64:c6:50:b8:42:ca:
30:b2:8c:1c:0b:c7:0a:5a:78:51:ac:ae:36:0a:16:88:26:20:
4b:1d:5a:ce:1b:6f:a0:0e:bd:ab:be:0c:d5:76:f2:00:e7:4a:
78:47:b5:1c:34:24:9d:c9:8a:64:a6:63:97:fd:8b:1d:21:43:
35:12:17:5e:a9:4c:9b:b1:bc:bc:64:b5:0a:11:44:b6:4a:28:
5c:88:9f:c8:2f:09:b5:f6:02:1e:f3:ae:1e:2b:6f:bc:e4:a3:
6e:aa:13:cb:0e:f3:1b:b7:44:e5:3f:93:34:09:6a:c0:65:74:
2c:a6:5c:ae:6e:b2:44:8f:de:78:94:59:5c:82:f7:2d:f4:f9:
4c:5e:d1:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsAUtCJ4mdIGw7vw4hGIJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZjkxZGNlZGZkZWZkY2U1OWJkYjA1MDAyYjFjYjZjNTJm
MGM1ZDMwHhcNMjMwMTAxMDYyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDE0ZmQ4M2MwODVhMDFkOTRmZjdmMDYxYTVmY2VlZTc2NGZiOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRBENWjALscYH7bXlN1IZ9rxguVi
bq6Wi3X3S547EjLORYCnrY8e7bTm6uWER62sS2aURZu/p9/+YYyQHzXf2RrsoNr3
xFq6xy541CWUnq2dPepWCojmYdlH3fwRr+INYoPLZm5Z12mTjcfbJQXkIik6vGkO
hFudTTT3ep9NFBsePQxoABmdEtr7uTgx0ZDWeZo/VR4naoLBbMstzqCzXZ5Y8ukJ
IufB7xcPsDxO1LMPpDVVPQO6UHne6GDj0VtP7E766FAvASVeXFQcB3B76kbjscxB
KC0hIn4taKJTBJkulyoeQ+ahqCdh5K3oRujjm/to+6uJeI0ADMahjYlkXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP0U/YPAhaAdlP9/Bhpfzu52T7nEMB8GA1UdIwQY
MBaAFBr5Hc7f3v3OWb2wUAKxy2xS8MXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZrZHp0X2VfYzVadmJCUUFySExiRkx3eGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9kN2QwNGMtMzE3NS00M2FkLTllM2Qt
MTBhNGU1MzcyMjZlLzEvX1JUOWc4Q0ZvQjJVXzM4R0dsX083blpQdWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9kN2QwNGMtMzE3NS00M2FkLTllM2QtMTBhNGU1MzcyMjZl
LzEvR3ZrZHp0X2VfYzVadmJCUUFySExiRkx3eGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVVvgMA0E
AgACMAcDBQAqAQP4MA0GCSqGSIb3DQEBCwUAA4IBAQCE9ey8LQ04BuSt3WzxP7ym
ndamQKFg3swlcXnS9TSfc2eTE8ShZY8pRdF/aTcO1dHa+IzYhpZnrBWLXFGmpMDv
1+AznCwUdFvev1eNJpk3dTi445jp+axh8TtZm6R2D4ZEwUqadmI6y4dttt5q/1oA
t0XfZ+y53sFkxlC4QsowsowcC8cKWnhRrK42ChaIJiBLHVrOG2+gDr2rvgzVdvIA
50p4R7UcNCSdyYpkpmOX/YsdIUM1EhdeqUybsby8ZLUKEUS2SihciJ/ILwm19gIe
864eK2+85KNuqhPLDvMbt0TlP5M0CWrAZXQsplyubrJEj954lFlcgvct9PlMXtFp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:20 2024 by rpki-client on console-ams.rpki-client.org