Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/T7TCsS49ysGUasZ2PHyMD7vt5hE.roa
File: T7TCsS49ysGUasZ2PHyMD7vt5hE.roa (raw, json)
Hash identifier: 3L6XKYXuCbf69HkzwXE7wUEGOqdES16CBS4ElO6mLAo=
Subject key identifier: 4F:B4:C2:B1:2E:3D:CA:C1:94:6A:C6:76:3C:7C:8C:0F:BB:ED:E6:11
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 0186968DDF0DE7BAF7C39E6F2EAC10F7972B
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/T7TCsS49ysGUasZ2PHyMD7vt5hE.roa
Signing time: Tue 28 Feb 2023 05:45:25 +0000
ROA not before: Tue 28 Feb 2023 05:45:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 91.149.215.0/24 maxlen: 24
91.149.228.0/24 maxlen: 24
91.149.252.0/24 maxlen: 24
91.149.248.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:96:8d:df:0d:e7:ba:f7:c3:9e:6f:2e:ac:10:f7:97:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Feb 28 05:45:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fb4c2b12e3dcac1946ac6763c7c8c0fbbede611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:38:68:ed:ad:18:d9:fb:a9:53:55:6f:77:38:
ce:0c:75:90:a0:30:24:d6:df:9d:41:b2:45:a1:4a:
4c:88:68:5c:13:a3:f0:aa:b3:fa:4d:f5:ef:3e:c5:
b2:7c:2f:1a:14:11:89:b9:13:96:a6:16:70:79:b5:
2e:89:aa:95:2e:68:63:bf:71:8e:55:e1:4f:2e:20:
8b:02:dc:1a:ab:bd:41:0b:17:99:5f:d4:e2:04:23:
b9:a7:79:03:f4:b5:cf:2f:85:fe:a6:2b:8f:25:d4:
a5:71:3a:97:9b:98:38:95:3a:42:b6:fe:04:ce:e3:
5e:4f:86:28:80:95:18:5b:89:d1:10:fc:1a:8e:4c:
32:45:a1:1d:7a:ca:c7:93:7d:99:88:86:79:89:bd:
c7:74:e9:f4:d6:fb:7f:89:6a:c4:97:4b:bd:57:b9:
6a:32:16:39:81:34:da:8c:65:7d:78:8b:c5:b4:05:
0e:02:fd:90:a2:8c:23:2a:f2:ea:5b:a6:d5:de:df:
1e:31:36:52:bf:68:ad:30:ee:5d:f4:90:25:2d:9a:
8b:7d:e0:76:85:10:a7:ed:a5:e4:7e:da:d3:9b:ed:
e8:0a:c7:bf:98:11:2d:cc:9b:a8:f1:33:cc:92:fe:
af:88:47:8a:f3:65:48:b3:44:fe:de:76:6a:6c:58:
7a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B4:C2:B1:2E:3D:CA:C1:94:6A:C6:76:3C:7C:8C:0F:BB:ED:E6:11
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/T7TCsS49ysGUasZ2PHyMD7vt5hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.215.0/24
91.149.228.0/24
91.149.248.0-91.149.252.255
Signature Algorithm: sha256WithRSAEncryption
cf:4f:15:9c:e4:11:92:ed:64:c5:98:c4:ab:eb:c5:b2:c0:9a:
c6:ed:df:0a:1c:73:23:5f:50:bd:0b:b7:b7:29:b0:e1:da:7a:
fd:d6:ac:cb:ac:0d:d7:a9:73:5d:a9:f5:16:61:41:c4:db:86:
51:10:7f:58:da:a6:25:fb:13:94:76:91:eb:0b:71:17:bc:e0:
8e:cb:a5:89:ae:50:bd:9d:37:9a:68:20:5d:ee:d2:60:5c:03:
1f:87:00:2e:cd:7a:8d:3a:60:aa:6e:6f:67:a1:0f:be:d4:36:
a6:79:7a:04:c5:13:d9:f9:d6:3f:82:13:af:b4:d2:3f:e9:0d:
e6:c7:06:82:64:06:56:e8:da:c8:f0:aa:6a:d1:79:09:9c:b5:
c0:f1:99:9b:a9:0d:67:41:12:68:35:d8:6e:a3:69:1c:e3:29:
d9:a8:91:5f:2b:2b:d7:68:af:a2:f9:fe:89:d0:85:12:77:4e:
03:dd:98:23:f2:08:85:02:95:43:19:81:17:b5:1f:10:2c:42:
a9:d2:f1:c8:67:84:69:a6:8f:f2:bf:3a:cc:45:0d:a8:c1:fa:
7a:88:6f:e9:1d:89:0b:0a:75:0e:67:34:6c:d6:c6:f0:b9:b3:
d4:b1:29:39:38:ba:ad:c1:c4:ec:ac:be:2a:67:6a:e7:e3:d4:
8f:87:a8:eb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYaWjd8N57r3w55vLqwQ95crMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwMjI4MDU0NTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmI0YzJiMTJlM2RjYWMxOTQ2YWM2NzYzYzdjOGMwZmJiZWRlNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjho7a0Y2fupU1VvdzjODHWQoDAk
1t+dQbJFoUpMiGhcE6PwqrP6TfXvPsWyfC8aFBGJuROWphZwebUuiaqVLmhjv3GO
VeFPLiCLAtwaq71BCxeZX9TiBCO5p3kD9LXPL4X+piuPJdSlcTqXm5g4lTpCtv4E
zuNeT4YogJUYW4nREPwajkwyRaEdesrHk32ZiIZ5ib3HdOn01vt/iWrEl0u9V7lq
MhY5gTTajGV9eIvFtAUOAv2QoowjKvLqW6bV3t8eMTZSv2itMO5d9JAlLZqLfeB2
hRCn7aXkftrTm+3oCse/mBEtzJuo8TPMkv6viEeK82VIs0T+3nZqbFh6HwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE+0wrEuPcrBlGrGdjx8jA+77eYRMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvVDdUQ3NTNDl5c0dVYXNaMlBIeU1EN3Z0NWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW5XXAwQA
W5XkMAwDBANblfgDBABblfwwDQYJKoZIhvcNAQELBQADggEBAM9PFZzkEZLtZMWY
xKvrxbLAmsbt3woccyNfUL0Lt7cpsOHaev3WrMusDdepc12p9RZhQcTbhlEQf1ja
piX7E5R2kesLcRe84I7LpYmuUL2dN5poIF3u0mBcAx+HAC7Neo06YKpub2ehD77U
NqZ5egTFE9n51j+CE6+00j/pDebHBoJkBlbo2sjwqmrReQmctcDxmZupDWdBEmg1
2G6jaRzjKdmokV8rK9dor6L5/onQhRJ3TgPdmCPyCIUClUMZgRe1HxAsQqnS8chn
hGmmj/K/OsxFDajB+nqIb+kdiQsKdQ5nNGzWxvC5s9SxKTk4uq3BxOysvipnaufj
1I+HqOs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:50 2023 by rpki-client on console-fra.rpki-client.org