Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/U2GKCj6cCzYnd5zJxlZQ6CdfOWg.roa
File: U2GKCj6cCzYnd5zJxlZQ6CdfOWg.roa (raw, json)
Hash identifier: rtLmuB/m7GXjrS3EVm024a4xV0l2nAHsU9Y9sC+oZAU=
Subject key identifier: 53:61:8A:0A:3E:9C:0B:36:27:77:9C:C9:C6:56:50:E8:27:5F:39:68
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01856DC1C2466C657391EF49E5B2832A694A
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/U2GKCj6cCzYnd5zJxlZQ6CdfOWg.roa
Signing time: Sun 01 Jan 2023 14:34:52 +0000
ROA not before: Sun 01 Jan 2023 14:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 91.149.215.0/24 maxlen: 24
91.149.219.0/24 maxlen: 24
91.149.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 05:45:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c2:46:6c:65:73:91:ef:49:e5:b2:83:2a:69:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 1 14:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53618a0a3e9c0b3627779cc9c65650e8275f3968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e8:c4:92:d4:34:a5:18:cd:94:32:20:e8:7d:
34:a8:1e:ff:b9:c1:a8:83:0f:3b:5b:2e:cd:60:65:
95:a3:9f:ef:ae:5b:dd:5c:ae:3d:af:7f:61:17:7e:
dc:db:49:1a:4a:97:6a:6b:a8:7e:b3:97:fc:5a:d6:
6c:fe:84:7b:c2:e1:9d:2e:b2:28:35:c3:f0:98:85:
c5:14:ab:1a:7e:ff:9f:cf:c6:2e:e1:78:9e:d1:8d:
87:b6:07:cc:ab:18:5a:86:ff:2d:8a:87:35:ff:b3:
a2:b4:c3:a6:d3:fb:48:e4:d6:bb:e9:6f:1a:59:7a:
d0:8a:39:6b:57:c5:6c:2f:a5:48:ee:a7:ae:7c:fe:
18:19:65:ff:42:39:71:fb:89:e0:8a:cb:8e:54:8e:
3e:b3:e3:1d:91:9b:e0:ce:38:07:10:01:a1:2d:7a:
b9:dd:57:9a:ad:a8:30:59:13:f5:0c:c5:e6:10:55:
20:21:b9:55:49:07:f7:ec:68:3a:d3:25:ae:1f:96:
5c:4b:aa:16:06:17:03:84:f0:1c:4b:f9:3e:ed:9c:
3d:67:e0:de:d9:62:dc:e7:98:f6:f0:2b:46:b7:37:
e6:b1:56:ee:32:e2:26:5a:66:7b:44:62:e1:a3:07:
48:d4:a1:6d:c8:54:02:b7:9e:52:d0:10:09:3d:fd:
39:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:61:8A:0A:3E:9C:0B:36:27:77:9C:C9:C6:56:50:E8:27:5F:39:68
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/U2GKCj6cCzYnd5zJxlZQ6CdfOWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.215.0/24
91.149.219.0/24
91.149.221.0/24
Signature Algorithm: sha256WithRSAEncryption
90:dc:a4:b3:58:8c:ae:9b:73:6d:59:8f:43:87:3d:b0:42:0c:
c2:09:98:09:72:d0:f5:a1:d3:36:f9:c7:5e:79:f9:45:a7:8e:
5f:2f:e3:ef:69:c9:3b:d6:81:48:78:09:1f:41:3e:49:1d:db:
af:93:dc:11:c1:d2:57:1b:07:2c:74:7e:d3:f0:63:ef:75:d4:
84:55:d1:b4:ea:99:02:b7:9b:5f:46:ea:35:74:f1:fa:85:13:
85:9b:04:05:8c:4e:06:55:3a:03:3f:e3:d5:c8:bc:b0:97:74:
75:8f:17:9a:7e:a5:90:e2:04:65:77:a2:4b:01:31:a5:7b:b1:
96:4a:5d:34:94:f2:09:e1:c8:2c:3c:ca:c8:04:8e:fc:c2:a3:
9a:38:14:9e:b6:2e:ba:07:04:af:53:e8:3e:1c:41:51:44:44:
74:9b:d1:a7:53:41:ea:06:fa:71:2c:c2:f1:91:c6:d4:8e:cd:
d1:e1:e3:7b:3a:c1:d8:c2:d6:74:da:e7:9e:62:6b:c3:d6:aa:
02:0c:98:f3:7c:eb:bd:75:c2:ca:0f:81:86:ca:c3:82:0d:7f:
dd:0c:7e:72:2f:ea:1e:38:62:70:8b:b9:bd:81:f8:81:f1:e8:
30:c8:38:c2:07:c6:ce:9a:e3:ae:41:80:d0:5d:62:37:87:d7:
ab:bb:c7:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtwcJGbGVzke9J5bKDKmlKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwMTAxMTQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzYxOGEwYTNlOWMwYjM2Mjc3NzljYzljNjU2NTBlODI3NWYzOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+jEktQ0pRjNlDIg6H00qB7/ucGo
gw87Wy7NYGWVo5/vrlvdXK49r39hF37c20kaSpdqa6h+s5f8WtZs/oR7wuGdLrIo
NcPwmIXFFKsafv+fz8Yu4Xie0Y2HtgfMqxhahv8tioc1/7OitMOm0/tI5Na76W8a
WXrQijlrV8VsL6VI7qeufP4YGWX/Qjlx+4ngisuOVI4+s+MdkZvgzjgHEAGhLXq5
3VearagwWRP1DMXmEFUgIblVSQf37Gg60yWuH5ZcS6oWBhcDhPAcS/k+7Zw9Z+De
2WLc55j28CtGtzfmsVbuMuImWmZ7RGLhowdI1KFtyFQCt55S0BAJPf05DQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFNhigo+nAs2J3ecycZWUOgnXzloMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvVTJHS0NqNmNDelluZDV6SnhsWlE2Q2RmT1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW5XXAwQA
W5XbAwQAW5XdMA0GCSqGSIb3DQEBCwUAA4IBAQCQ3KSzWIyum3NtWY9Dhz2wQgzC
CZgJctD1odM2+cdeeflFp45fL+Pvack71oFIeAkfQT5JHduvk9wRwdJXGwcsdH7T
8GPvddSEVdG06pkCt5tfRuo1dPH6hROFmwQFjE4GVToDP+PVyLywl3R1jxeafqWQ
4gRld6JLATGle7GWSl00lPIJ4cgsPMrIBI78wqOaOBSeti66BwSvU+g+HEFRRER0
m9GnU0HqBvpxLMLxkcbUjs3R4eN7OsHYwtZ02ueeYmvD1qoCDJjzfOu9dcLKD4GG
ysOCDX/dDH5yL+oeOGJwi7m9gfiB8egwyDjCB8bOmuOuQYDQXWI3h9eru8fn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org