Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/q6TI3OZB_e-ox9w2Gn65vMoAsQU.roa
File: q6TI3OZB_e-ox9w2Gn65vMoAsQU.roa (raw, json)
Hash identifier: rm+ryGX0w++fLuQjufAGOVzAvsyBaWb/AK4vCeRsf3w=
Subject key identifier: AB:A4:C8:DC:E6:41:FD:EF:A8:C7:DC:36:1A:7E:B9:BC:CA:00:B1:05
Certificate issuer: /CN=2776d64ea8fd028b6888e374557bb91f05ee0ec6
Certificate serial: 01857002848EE00374D15C1B57D2F60B89F6
Authority key identifier: 27:76:D6:4E:A8:FD:02:8B:68:88:E3:74:55:7B:B9:1F:05:EE:0E:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J3bWTqj9AotoiON0VXu5HwXuDsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/q6TI3OZB_e-ox9w2Gn65vMoAsQU.roa
Signing time: Mon 02 Jan 2023 01:04:51 +0000
ROA not before: Mon 02 Jan 2023 01:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48719
IP address blocks: 91.211.210.0/24 maxlen: 24
91.211.208.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:84:8e:e0:03:74:d1:5c:1b:57:d2:f6:0b:89:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2776d64ea8fd028b6888e374557bb91f05ee0ec6
Validity
Not Before: Jan 2 01:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aba4c8dce641fdefa8c7dc361a7eb9bcca00b105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b0:a9:5e:ed:67:1d:12:e0:13:a8:12:4d:b1:
42:31:5c:54:75:6c:9b:ba:c3:1a:ab:91:3b:2d:f3:
f8:5e:9b:f0:12:a3:8b:59:ce:a9:1e:50:de:db:aa:
69:27:28:cc:3c:2a:43:70:5b:79:3d:92:e0:ed:f8:
a9:26:cc:aa:7a:e7:09:0d:c8:b9:0a:de:f0:c1:6a:
2d:38:45:69:f4:0b:3c:6e:94:a8:bb:83:32:56:90:
ad:d4:13:d2:c6:bd:4b:cb:5f:eb:9a:d2:b2:db:ee:
a6:3c:f0:03:26:b0:6b:af:96:de:00:84:4f:0e:b3:
9f:eb:e8:f0:df:12:0a:43:77:d7:a3:3b:95:0e:78:
b3:e0:e3:d5:7e:73:9e:00:e9:d8:45:d2:b3:ba:98:
af:db:30:06:9b:c7:23:74:21:50:1e:f9:1a:ec:b9:
02:2d:cf:92:e1:46:bf:c3:78:80:f4:6c:61:f5:1a:
da:0c:7f:52:57:eb:ad:23:bc:ef:5f:25:a3:ba:da:
de:c9:cc:06:19:02:7b:18:ba:6b:49:af:65:cc:45:
70:d5:66:91:64:d8:b3:fe:7d:0b:10:13:7e:a6:c2:
2e:2b:ac:4f:59:70:5d:cb:1d:ae:da:d5:30:63:1c:
f0:2c:78:36:60:88:2c:80:09:ea:ab:54:05:2e:3f:
10:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A4:C8:DC:E6:41:FD:EF:A8:C7:DC:36:1A:7E:B9:BC:CA:00:B1:05
X509v3 Authority Key Identifier:
keyid:27:76:D6:4E:A8:FD:02:8B:68:88:E3:74:55:7B:B9:1F:05:EE:0E:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J3bWTqj9AotoiON0VXu5HwXuDsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/q6TI3OZB_e-ox9w2Gn65vMoAsQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/J3bWTqj9AotoiON0VXu5HwXuDsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.208.0/22
Signature Algorithm: sha256WithRSAEncryption
39:1c:b5:fa:78:6f:b6:4e:9b:d3:1b:24:3c:77:60:10:a0:27:
34:d0:5d:6f:56:17:f7:5f:71:5a:99:11:ca:9d:4e:73:e3:52:
73:14:b2:9b:16:63:33:43:b8:5e:94:aa:c5:dc:7e:43:4e:40:
1b:e9:ff:eb:21:d9:0f:39:58:c9:47:e7:6a:b5:dd:91:a2:6d:
8d:43:a0:da:34:ef:6a:a5:d2:ae:e8:df:d8:60:c9:26:4d:9c:
ed:20:e9:1e:ad:d1:65:22:90:0d:84:3a:5e:2a:7d:0e:04:6e:
c7:ee:d2:8a:d5:bc:6c:05:ec:eb:d4:99:1c:ef:a1:43:72:02:
fa:5d:ac:b1:a0:e4:0d:87:98:42:0c:35:a1:eb:14:39:f5:1c:
16:f3:72:f7:48:7e:ee:8b:ee:ae:19:ce:0d:08:2a:38:02:67:
f5:e9:ee:31:38:e8:83:9f:8d:3f:cf:d0:b3:5a:45:4a:5f:a1:
b5:77:f3:82:57:33:17:f9:dc:32:80:48:0c:56:a7:16:65:e5:
d7:b5:bd:c0:98:1c:68:dd:f0:d2:7d:86:f0:b5:f5:4a:2f:d7:
60:34:bb:68:16:dc:34:0c:2b:93:d0:ca:5d:fa:b1:c6:06:46:
76:72:aa:59:f5:a0:14:62:1e:98:1e:b6:ba:98:ed:ec:d5:b1:
88:95:52:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAoSO4AN00VwbV9L2C4n2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NzZkNjRlYThmZDAyOGI2ODg4ZTM3NDU1N2JiOTFmMDVl
ZTBlYzYwHhcNMjMwMTAyMDEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmE0YzhkY2U2NDFmZGVmYThjN2RjMzYxYTdlYjliY2NhMDBiMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7CpXu1nHRLgE6gSTbFCMVxUdWyb
usMaq5E7LfP4XpvwEqOLWc6pHlDe26ppJyjMPCpDcFt5PZLg7fipJsyqeucJDci5
Ct7wwWotOEVp9As8bpSou4MyVpCt1BPSxr1Ly1/rmtKy2+6mPPADJrBrr5beAIRP
DrOf6+jw3xIKQ3fXozuVDniz4OPVfnOeAOnYRdKzupiv2zAGm8cjdCFQHvka7LkC
Lc+S4Ua/w3iA9Gxh9RraDH9SV+utI7zvXyWjutreycwGGQJ7GLprSa9lzEVw1WaR
ZNiz/n0LEBN+psIuK6xPWXBdyx2u2tUwYxzwLHg2YIgsgAnqq1QFLj8QmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKukyNzmQf3vqMfcNhp+ubzKALEFMB8GA1UdIwQY
MBaAFCd21k6o/QKLaIjjdFV7uR8F7g7GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjNiV1RxajlBb3RvaU9OMFZYdTVId1h1RHNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zZWQ5N2QtZTg2Ny00MjVmLTg3NDMt
MGRhZWQzYWE2MjQ5LzEvcTZUSTNPWkJfZS1veDl3MkduNjV2TW9Bc1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zZWQ5N2QtZTg2Ny00MjVmLTg3NDMtMGRhZWQzYWE2MjQ5
LzEvSjNiV1RxajlBb3RvaU9OMFZYdTVId1h1RHNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9PQMA0G
CSqGSIb3DQEBCwUAA4IBAQA5HLX6eG+2TpvTGyQ8d2AQoCc00F1vVhf3X3FamRHK
nU5z41JzFLKbFmMzQ7helKrF3H5DTkAb6f/rIdkPOVjJR+dqtd2Rom2NQ6DaNO9q
pdKu6N/YYMkmTZztIOkerdFlIpANhDpeKn0OBG7H7tKK1bxsBezr1Jkc76FDcgL6
XayxoOQNh5hCDDWh6xQ59RwW83L3SH7ui+6uGc4NCCo4Amf16e4xOOiDn40/z9Cz
WkVKX6G1d/OCVzMX+dwygEgMVqcWZeXXtb3AmBxo3fDSfYbwtfVKL9dgNLtoFtw0
DCuT0Mpd+rHGBkZ2cqpZ9aAUYh6YHra6mO3s1bGIlVLn
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:01 2024 by rpki-client on console-ams.rpki-client.org