Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2ed5da-85cf-449f-bd85-628b0fbcd0b6/1/zHIlP-yr-N_caGsdir52Ku--xcM.roa
File: zHIlP-yr-N_caGsdir52Ku--xcM.roa (raw, json)
Hash identifier: hkkD/w/0f+J1hHKzSerjlGR5VPpfXXQO7Qk9HnVsW9Q=
Subject key identifier: CC:72:25:3F:EC:AB:F8:DF:DC:68:6B:1D:8A:BE:76:2A:EF:BE:C5:C3
Certificate issuer: /CN=03820e964dfd3d281420afda20ce949e60d4cc44
Certificate serial: 01856CE614D85ACE01B262EA26C45EEDB457
Authority key identifier: 03:82:0E:96:4D:FD:3D:28:14:20:AF:DA:20:CE:94:9E:60:D4:CC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4IOlk39PSgUIK_aIM6UnmDUzEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/2ed5da-85cf-449f-bd85-628b0fbcd0b6/1/zHIlP-yr-N_caGsdir52Ku--xcM.roa
Signing time: Sun 01 Jan 2023 10:34:55 +0000
ROA not before: Sun 01 Jan 2023 10:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199165
IP address blocks: 91.241.56.0/24 maxlen: 24
2001:67c:2e7c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:14:d8:5a:ce:01:b2:62:ea:26:c4:5e:ed:b4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03820e964dfd3d281420afda20ce949e60d4cc44
Validity
Not Before: Jan 1 10:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc72253fecabf8dfdc686b1d8abe762aefbec5c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b5:8a:41:73:0a:fa:a6:72:eb:09:d5:48:99:
4d:dd:1d:0a:c5:6e:c5:01:72:ba:07:0d:bc:07:51:
be:6f:56:e3:ce:23:a5:23:8f:aa:8a:53:89:6f:9d:
72:df:1a:78:bd:6c:cf:d2:2f:bc:6c:04:84:74:7c:
23:d6:71:ce:b9:af:4c:57:80:37:3a:48:f7:8a:db:
bb:d2:1a:74:f2:51:d6:46:c2:35:c8:66:b2:6d:e1:
51:c4:ee:68:52:9d:56:eb:82:53:55:2b:dc:d7:bf:
e5:6f:c6:dc:83:4b:71:40:9a:11:fe:7b:48:55:a2:
54:6e:9d:1b:85:89:54:d3:cd:42:b5:c6:f2:34:f0:
07:53:a4:75:71:a1:29:4d:36:19:ae:6c:34:b9:d7:
e8:8a:31:ec:c7:f0:c4:ad:57:7c:0e:b5:23:25:aa:
70:d9:72:c7:e7:ac:a7:b9:33:05:8e:31:2e:73:08:
a0:46:33:07:e2:14:23:36:49:39:3a:b3:ee:b2:fb:
be:69:a4:70:38:dc:99:05:1a:8f:d1:59:54:6d:0c:
3b:bd:97:e5:01:7a:21:52:30:94:d6:b4:43:00:18:
75:be:72:28:57:a3:5d:b8:a6:cb:08:6d:fa:7d:90:
31:bc:92:66:28:20:3f:a7:60:00:0b:c7:f8:f7:3f:
09:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:72:25:3F:EC:AB:F8:DF:DC:68:6B:1D:8A:BE:76:2A:EF:BE:C5:C3
X509v3 Authority Key Identifier:
keyid:03:82:0E:96:4D:FD:3D:28:14:20:AF:DA:20:CE:94:9E:60:D4:CC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4IOlk39PSgUIK_aIM6UnmDUzEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ed5da-85cf-449f-bd85-628b0fbcd0b6/1/zHIlP-yr-N_caGsdir52Ku--xcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ed5da-85cf-449f-bd85-628b0fbcd0b6/1/A4IOlk39PSgUIK_aIM6UnmDUzEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.56.0/24
IPv6:
2001:67c:2e7c::/48
Signature Algorithm: sha256WithRSAEncryption
37:7a:8f:ef:28:ad:7c:8a:0e:d5:b7:ec:dd:0b:e9:52:48:c4:
85:f8:b6:0e:05:95:31:be:69:f4:b8:e3:37:89:f7:ec:53:3a:
a9:a5:27:ea:8d:e6:cd:e1:8e:a2:75:19:34:4d:3a:78:10:15:
d7:26:be:fe:14:39:77:2c:0f:50:59:8c:d4:33:b8:55:32:f0:
70:23:74:5a:2d:10:64:ef:da:78:36:bd:2b:c2:ea:67:58:2c:
ca:2e:1d:fc:f9:7f:f6:8e:89:e5:99:de:1f:1b:09:cf:ec:8f:
fa:a6:9f:a8:a6:d5:e9:04:51:4f:0b:f2:f3:fc:4d:de:73:62:
c6:ee:e4:37:61:9e:01:a7:64:93:83:2f:ee:eb:ca:18:9f:41:
64:a9:46:c3:8b:df:f8:ea:04:60:fb:b8:a2:8b:18:0e:eb:2a:
b2:4f:f9:3c:a9:0e:06:43:4a:31:4c:84:d3:46:a0:44:26:f7:
57:35:a1:76:d9:c7:8d:90:61:b0:64:25:52:7b:55:72:7d:e0:
d8:e1:b6:91:1b:b8:4b:d7:e8:d6:6f:04:ea:f2:db:14:bb:e2:
ea:4f:4d:14:80:10:b3:2a:ff:d6:10:e8:f6:f8:05:f4:29:1a:
8f:aa:8f:3a:ba:32:99:a9:5f:93:0b:07:ab:19:57:24:ec:0b:
e2:f6:f9:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVs5hTYWs4BsmLqJsRe7bRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzODIwZTk2NGRmZDNkMjgxNDIwYWZkYTIwY2U5NDllNjBk
NGNjNDQwHhcNMjMwMTAxMTAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzcyMjUzZmVjYWJmOGRmZGM2ODZiMWQ4YWJlNzYyYWVmYmVjNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLWKQXMK+qZy6wnVSJlN3R0KxW7F
AXK6Bw28B1G+b1bjziOlI4+qilOJb51y3xp4vWzP0i+8bASEdHwj1nHOua9MV4A3
Okj3itu70hp08lHWRsI1yGaybeFRxO5oUp1W64JTVSvc17/lb8bcg0txQJoR/ntI
VaJUbp0bhYlU081CtcbyNPAHU6R1caEpTTYZrmw0udfoijHsx/DErVd8DrUjJapw
2XLH56ynuTMFjjEucwigRjMH4hQjNkk5OrPusvu+aaRwONyZBRqP0VlUbQw7vZfl
AXohUjCU1rRDABh1vnIoV6NduKbLCG36fZAxvJJmKCA/p2AAC8f49z8JiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMxyJT/sq/jf3GhrHYq+dirvvsXDMB8GA1UdIwQY
MBaAFAOCDpZN/T0oFCCv2iDOlJ5g1MxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTRJT2xrMzlQU2dVSUtfYUlNNlVubURVekVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yZWQ1ZGEtODVjZi00NDlmLWJkODUt
NjI4YjBmYmNkMGI2LzEvekhJbFAteXItTl9jYUdzZGlyNTJLdS0teGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yZWQ1ZGEtODVjZi00NDlmLWJkODUtNjI4YjBmYmNkMGI2
LzEvQTRJT2xrMzlQU2dVSUtfYUlNNlVubURVekVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW/E4MA8E
AgACMAkDBwAgAQZ8LnwwDQYJKoZIhvcNAQELBQADggEBADd6j+8orXyKDtW37N0L
6VJIxIX4tg4FlTG+afS44zeJ9+xTOqmlJ+qN5s3hjqJ1GTRNOngQFdcmvv4UOXcs
D1BZjNQzuFUy8HAjdFotEGTv2ng2vSvC6mdYLMouHfz5f/aOieWZ3h8bCc/sj/qm
n6im1ekEUU8L8vP8Td5zYsbu5DdhngGnZJODL+7ryhifQWSpRsOL3/jqBGD7uKKL
GA7rKrJP+TypDgZDSjFMhNNGoEQm91c1oXbZx42QYbBkJVJ7VXJ94NjhtpEbuEvX
6NZvBOry2xS74upPTRSAELMq/9YQ6Pb4BfQpGo+qjzq6MpmpX5MLB6sZVyTsC+L2
+aY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:17 2024 by rpki-client on console-ams.rpki-client.org