Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/ah5lhiHPxBolluhPoq2Oexb8v1U.roa
File: ah5lhiHPxBolluhPoq2Oexb8v1U.roa (raw, json)
Hash identifier: WygzIpIQQnRfdxeNoZ+a5SRCC9Oz5WXvDA1RcAjY5IE=
Subject key identifier: 6A:1E:65:86:21:CF:C4:1A:25:96:E8:4F:A2:AD:8E:7B:16:FC:BF:55
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 0186509AE222AAC33769DD7AFC076C6CAD08
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/ah5lhiHPxBolluhPoq2Oexb8v1U.roa
Signing time: Tue 14 Feb 2023 15:46:12 +0000
ROA not before: Tue 14 Feb 2023 15:46:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 91.232.8.0/22 maxlen: 24
91.204.181.0/24 maxlen: 24
91.204.182.0/24 maxlen: 24
91.204.182.0/23 maxlen: 23
91.204.180.0/24 maxlen: 24
91.218.176.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:9a:e2:22:aa:c3:37:69:dd:7a:fc:07:6c:6c:ad:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Feb 14 15:46:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a1e658621cfc41a2596e84fa2ad8e7b16fcbf55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c5:40:83:ff:77:41:cb:85:6f:7d:fa:15:93:
0e:19:1d:a7:0f:e6:42:a2:80:61:b2:de:18:71:f1:
e4:b9:21:ae:dd:86:1b:cf:db:8a:e8:09:fa:85:27:
2c:bd:2d:67:de:0a:2f:47:77:d3:f5:70:f6:a3:01:
33:f1:78:1f:69:4f:44:60:e9:91:30:ae:ca:ad:ce:
29:bf:7e:ea:6d:22:97:81:da:52:70:05:cc:e0:c6:
82:9b:3d:34:39:fc:19:1f:f1:48:11:4c:85:90:34:
88:a5:d5:91:30:66:21:17:74:0c:0e:8a:8f:a8:96:
06:a2:2c:ed:76:07:0f:ec:25:cf:ec:61:60:97:61:
9a:7f:f2:2c:3b:96:9f:ae:cf:cd:55:7a:2d:cf:85:
70:32:fc:76:f9:3c:b2:42:ef:73:fe:cd:0c:de:20:
98:cf:c6:36:f8:8a:60:54:35:4c:61:20:31:ca:aa:
94:96:e7:bc:2e:bf:36:de:17:bd:ac:05:f7:18:17:
d4:8a:60:58:28:15:c6:42:f6:90:d1:ed:91:07:b8:
64:cf:da:5d:db:84:5c:a7:eb:d9:82:d3:bb:53:df:
eb:16:32:43:da:f7:72:41:12:39:2f:ca:3e:77:d9:
88:de:bc:8b:de:0e:90:d5:d0:a1:98:b2:ba:8e:db:
c6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1E:65:86:21:CF:C4:1A:25:96:E8:4F:A2:AD:8E:7B:16:FC:BF:55
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/ah5lhiHPxBolluhPoq2Oexb8v1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.180.0/22
91.218.176.0/22
91.232.8.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:c3:8f:c1:e2:66:46:cd:79:16:8f:5d:31:ab:69:5c:cd:1f:
1b:e2:ed:ca:32:c4:df:15:2d:da:5b:b7:56:35:74:54:6d:73:
4f:f9:8c:3f:34:56:cd:68:5a:1a:d9:9e:9d:23:84:86:aa:a2:
45:c1:79:a2:47:23:32:06:3d:e7:2d:3c:c5:84:fc:e2:22:8c:
ee:08:4b:9c:e2:dc:b5:b8:aa:f2:4b:3b:f1:ca:0d:e7:53:36:
9e:58:9e:d4:a1:45:be:78:46:2d:12:6b:1a:90:90:4d:88:6e:
85:4e:ac:3c:05:7e:1e:e5:ec:15:a8:54:66:7e:e7:94:5c:2a:
99:40:de:65:b0:4a:89:c6:ea:c2:ff:6d:17:c1:df:be:0a:40:
8c:8a:98:fa:f9:5b:39:9f:68:a4:43:a2:1c:61:21:d9:2e:01:
2f:01:02:30:9e:34:b8:b4:d5:79:4e:9c:c3:ba:40:30:e9:fa:
50:e5:6e:48:57:99:1d:5f:c3:9d:80:3c:f3:3b:b5:c8:45:51:
8b:2b:61:9c:7f:c3:44:f1:6e:14:d3:d8:9b:20:9b:b4:4a:3b:
7c:d1:29:15:bd:ca:a6:27:b8:e4:f5:40:d8:27:cb:07:a4:a0:
ce:c6:0c:e9:e2:75:14:6c:b7:ce:31:5a:22:e6:bc:08:a4:0e:
80:6b:49:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZQmuIiqsM3ad16/AdsbK0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjMwMjE0MTU0NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTFlNjU4NjIxY2ZjNDFhMjU5NmU4NGZhMmFkOGU3YjE2ZmNiZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8VAg/93QcuFb336FZMOGR2nD+ZC
ooBhst4YcfHkuSGu3YYbz9uK6An6hScsvS1n3govR3fT9XD2owEz8XgfaU9EYOmR
MK7Krc4pv37qbSKXgdpScAXM4MaCmz00OfwZH/FIEUyFkDSIpdWRMGYhF3QMDoqP
qJYGoiztdgcP7CXP7GFgl2Gaf/IsO5afrs/NVXotz4VwMvx2+TyyQu9z/s0M3iCY
z8Y2+IpgVDVMYSAxyqqUlue8Lr823he9rAX3GBfUimBYKBXGQvaQ0e2RB7hkz9pd
24Rcp+vZgtO7U9/rFjJD2vdyQRI5L8o+d9mI3ryL3g6Q1dChmLK6jtvGuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGoeZYYhz8QaJZboT6KtjnsW/L9VMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvYWg1bGhpSFB4Qm9sbHVoUG9xMk9leGI4djFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8y0AwQC
W9qwAwQCW+gIMA0GCSqGSIb3DQEBCwUAA4IBAQAew4/B4mZGzXkWj10xq2lczR8b
4u3KMsTfFS3aW7dWNXRUbXNP+Yw/NFbNaFoa2Z6dI4SGqqJFwXmiRyMyBj3nLTzF
hPziIozuCEuc4ty1uKrySzvxyg3nUzaeWJ7UoUW+eEYtEmsakJBNiG6FTqw8BX4e
5ewVqFRmfueUXCqZQN5lsEqJxurC/20Xwd++CkCMipj6+Vs5n2ikQ6IcYSHZLgEv
AQIwnjS4tNV5TpzDukAw6fpQ5W5IV5kdX8OdgDzzO7XIRVGLK2Gcf8NE8W4U09ib
IJu0Sjt80SkVvcqmJ7jk9UDYJ8sHpKDOxgzp4nUUbLfOMVoi5rwIpA6Aa0lA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:47 2023 by rpki-client on console-fra.rpki-client.org