Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Cm4Ejy55WClNl2cUeOt_UHWHo2k.roa
File: Cm4Ejy55WClNl2cUeOt_UHWHo2k.roa (raw, json)
Hash identifier: dzUQ52Z/CQj2vZBCn4oMfyWW/bNT3HQNiWMXQHjJ7K0=
Subject key identifier: 0A:6E:04:8F:2E:79:58:29:4D:97:67:14:78:EB:7F:50:75:87:A3:69
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018B37366E17B0057F3918972A8EB529B4DD
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Cm4Ejy55WClNl2cUeOt_UHWHo2k.roa
Signing time: Mon 16 Oct 2023 06:39:55 +0000
ROA not before: Mon 16 Oct 2023 06:39:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201744
IP address blocks: 91.149.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:36:6e:17:b0:05:7f:39:18:97:2a:8e:b5:29:b4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Oct 16 06:39:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a6e048f2e7958294d97671478eb7f507587a369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ef:3f:fe:23:65:76:09:c4:9b:f6:65:a4:5c:
73:88:7c:22:ea:34:7d:29:5f:c7:11:e9:0a:8b:dd:
38:4d:dc:05:cb:a4:31:2c:ea:e9:0b:93:b3:ed:9e:
bc:38:1c:63:c8:c8:e6:48:bb:ec:b9:14:a0:8d:20:
d8:c9:a7:2a:1a:6a:ec:fa:94:f4:1d:f7:23:d0:a7:
b3:ca:b4:97:c8:54:e0:70:81:3a:da:ae:60:cf:2c:
e8:93:f4:b4:60:3f:a4:09:7b:b3:18:20:e0:09:13:
fb:bc:ab:da:12:2b:bb:3c:43:d8:88:bd:3e:3b:4c:
87:56:88:a6:94:65:e4:0f:1f:c0:e5:fb:38:9d:32:
ff:af:ba:e6:b9:f5:94:de:2f:c2:2f:83:17:85:c7:
cd:b5:fa:c7:e0:92:4a:a8:d1:c1:68:5c:d1:de:ff:
23:5c:83:9a:09:78:0e:da:b7:8a:99:c7:14:e3:15:
bd:56:f2:3d:4e:bb:8f:21:92:e2:0e:1e:09:c8:ce:
47:70:31:15:c3:ea:8e:da:bb:9a:89:fb:07:19:26:
47:77:62:6e:9e:3e:3d:5c:e3:df:20:d7:08:af:97:
93:05:f8:42:59:81:2a:51:c8:f2:c4:44:4b:31:44:
fe:c0:be:87:17:23:0f:8b:cd:dd:f4:1c:4a:16:89:
44:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6E:04:8F:2E:79:58:29:4D:97:67:14:78:EB:7F:50:75:87:A3:69
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Cm4Ejy55WClNl2cUeOt_UHWHo2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.235.0/24
Signature Algorithm: sha256WithRSAEncryption
63:3b:e8:87:46:b5:40:09:4b:0c:be:8a:49:5f:29:6b:0d:57:
97:fb:e6:1d:d6:11:f8:2a:7a:3c:79:4e:aa:f4:4d:40:3b:41:
7d:5d:df:39:23:ff:2e:4e:fa:1c:56:c4:63:31:6c:10:f2:da:
25:fd:8c:fa:21:8d:d6:6a:6a:46:ac:39:21:5a:8d:80:8d:11:
d4:01:9f:de:88:6b:13:c8:3b:be:df:7a:ed:46:5d:54:44:99:
73:77:2b:85:51:fb:0d:f2:e3:fe:90:10:87:bc:af:67:91:a6:
17:ca:b9:37:04:50:be:de:14:64:46:08:cd:fa:93:9b:b8:bf:
2e:04:34:69:d5:14:0f:49:e8:94:f0:89:1a:6d:02:7b:1e:85:
66:ad:f8:eb:55:0c:c9:bf:76:ac:31:0a:1d:24:04:54:f9:cf:
b3:f3:f5:75:3a:e6:0e:8c:d1:89:05:90:24:18:dc:b9:0b:6b:
2f:fc:51:dd:27:90:3b:30:f7:c2:c5:32:a8:ea:d6:50:18:60:
2f:e0:33:d0:78:2f:c3:89:46:aa:5c:9f:ee:09:85:4b:b2:51:
d9:ec:d6:2b:15:21:04:f6:21:42:3a:69:c9:04:52:65:84:88:
e5:c2:2f:d0:14:22:5f:3f:1f:bd:ad:21:09:07:e2:60:e9:a2:
da:68:f6:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs3Nm4XsAV/ORiXKo61KbTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMxMDE2MDYzOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTZlMDQ4ZjJlNzk1ODI5NGQ5NzY3MTQ3OGViN2Y1MDc1ODdhMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAge8//iNldgnEm/ZlpFxziHwi6jR9
KV/HEekKi904TdwFy6QxLOrpC5Oz7Z68OBxjyMjmSLvsuRSgjSDYyacqGmrs+pT0
Hfcj0KezyrSXyFTgcIE62q5gzyzok/S0YD+kCXuzGCDgCRP7vKvaEiu7PEPYiL0+
O0yHVoimlGXkDx/A5fs4nTL/r7rmufWU3i/CL4MXhcfNtfrH4JJKqNHBaFzR3v8j
XIOaCXgO2reKmccU4xW9VvI9TruPIZLiDh4JyM5HcDEVw+qO2ruaifsHGSZHd2Ju
nj49XOPfINcIr5eTBfhCWYEqUcjyxERLMUT+wL6HFyMPi83d9BxKFolE4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApuBI8ueVgpTZdnFHjrf1B1h6NpMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvQ200RWp5NTVXQ2xObDJjVWVPdF9VSFdIbzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5XrMA0G
CSqGSIb3DQEBCwUAA4IBAQBjO+iHRrVACUsMvopJXylrDVeX++Yd1hH4Kno8eU6q
9E1AO0F9Xd85I/8uTvocVsRjMWwQ8tol/Yz6IY3WampGrDkhWo2AjRHUAZ/eiGsT
yDu+33rtRl1URJlzdyuFUfsN8uP+kBCHvK9nkaYXyrk3BFC+3hRkRgjN+pObuL8u
BDRp1RQPSeiU8IkabQJ7HoVmrfjrVQzJv3asMQodJARU+c+z8/V1OuYOjNGJBZAk
GNy5C2sv/FHdJ5A7MPfCxTKo6tZQGGAv4DPQeC/DiUaqXJ/uCYVLslHZ7NYrFSEE
9iFCOmnJBFJlhIjlwi/QFCJfPx+9rSEJB+Jg6aLaaPZ5
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:09 2024 by rpki-client on console-ams.rpki-client.org