Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/_Yn2GHo5EdcNguzODicv6Mv9LAI.roa
File: _Yn2GHo5EdcNguzODicv6Mv9LAI.roa (raw, json)
Hash identifier: lck/0Y4qh+wzjwt/uIqCaS8q7gyWJiI27VpAKu4a1tM=
Subject key identifier: FD:89:F6:18:7A:39:11:D7:0D:82:EC:CE:0E:27:2F:E8:CB:FD:2C:02
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018A6527E4C25CF20C849DDFAB8021574508
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/_Yn2GHo5EdcNguzODicv6Mv9LAI.roa
Signing time: Tue 05 Sep 2023 11:43:47 +0000
ROA not before: Tue 05 Sep 2023 11:43:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 91.149.200.0/24 maxlen: 24
91.149.244.0/24 maxlen: 24
91.149.245.0/24 maxlen: 24
91.149.246.0/24 maxlen: 24
91.149.247.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:27:e4:c2:5c:f2:0c:84:9d:df:ab:80:21:57:45:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Sep 5 11:43:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd89f6187a3911d70d82ecce0e272fe8cbfd2c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4d:7b:e0:45:bf:0e:54:a4:bb:d9:8a:47:67:
8c:6b:5c:04:e7:fc:4c:f1:14:b5:b4:63:62:2e:d0:
14:cb:1e:ef:d1:af:ff:31:f4:95:6d:5e:80:11:50:
02:85:a1:c1:07:54:fe:e7:64:85:39:5a:29:ae:15:
9a:8d:cc:ca:eb:c9:e5:83:69:23:18:10:85:01:6a:
40:ff:b5:89:ec:9b:e7:6c:c9:da:c4:11:20:d3:b8:
0e:46:d1:4d:e5:67:e7:7c:8b:e5:ea:c2:fa:3a:e3:
65:62:4d:e4:13:96:3e:51:c9:ae:55:c3:1e:65:f0:
3f:29:95:3a:44:36:48:ef:1e:88:72:ea:7e:f4:36:
a6:e0:29:a6:b4:0b:f7:a9:46:c3:4a:fb:3c:fd:e3:
2e:08:53:0b:11:ee:e1:c0:8c:d6:69:08:6e:d8:3a:
5d:5a:82:d3:ac:75:93:c8:51:d2:4e:f1:6f:e6:18:
43:bc:ba:cc:c2:4b:7a:c3:dc:f9:c6:74:fa:76:67:
90:21:87:28:f5:3c:64:9c:55:eb:df:d2:47:f8:8e:
58:1b:d1:f0:08:46:d2:86:26:86:cc:38:97:a9:29:
5a:64:b2:bc:f7:93:a5:21:c9:48:e7:a9:2d:d6:6b:
8d:d2:99:da:64:b6:a4:da:e9:b7:ff:97:36:63:d2:
0e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:89:F6:18:7A:39:11:D7:0D:82:EC:CE:0E:27:2F:E8:CB:FD:2C:02
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/_Yn2GHo5EdcNguzODicv6Mv9LAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.200.0/24
91.149.244.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:42:fb:ce:5d:65:ac:05:b8:78:45:f7:10:a1:d9:7c:d7:be:
b8:01:28:2f:76:04:ba:ba:3c:b1:c4:ac:29:bb:c2:32:8c:12:
97:ec:28:d4:8b:77:b2:b8:4e:6d:59:be:db:34:0d:2c:e7:ed:
70:ad:b1:09:b6:e2:cd:66:9b:3b:76:78:0a:b6:5f:57:e5:09:
5c:6f:9e:57:fe:3f:02:fb:a7:fe:6c:ee:0c:59:f6:07:fd:b3:
47:3a:48:a5:47:08:4f:ec:70:f6:d7:19:85:4e:a7:ed:4e:7e:
e0:3b:d9:d1:9c:f5:33:b6:8d:55:41:3d:d2:c0:03:0a:30:6b:
20:25:29:79:1c:b7:2e:7d:67:48:ac:14:2c:b9:cb:d4:e7:d4:
a8:ce:27:1e:8e:66:d7:5e:94:55:d5:5b:97:97:7a:0f:e1:83:
31:ac:ec:e3:a6:bf:58:e7:1d:6e:06:9a:2f:12:43:36:37:b0:
f5:b7:ca:a3:10:e6:8a:44:70:b0:4c:4e:4e:b1:e0:bd:96:a7:
c0:3a:84:ff:78:fd:0e:32:a0:00:12:9e:e7:0b:e1:de:11:98:
f6:0b:46:4c:a4:26:00:f2:b5:1d:89:7d:e8:17:2b:21:e4:02:
c9:a3:24:22:b4:cd:13:92:2b:c8:9d:6c:34:31:c2:b8:91:05:
0b:1c:f9:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYplJ+TCXPIMhJ3fq4AhV0UIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwOTA1MTE0MzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDg5ZjYxODdhMzkxMWQ3MGQ4MmVjY2UwZTI3MmZlOGNiZmQyYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE174EW/DlSku9mKR2eMa1wE5/xM
8RS1tGNiLtAUyx7v0a//MfSVbV6AEVAChaHBB1T+52SFOVoprhWajczK68nlg2kj
GBCFAWpA/7WJ7JvnbMnaxBEg07gORtFN5WfnfIvl6sL6OuNlYk3kE5Y+UcmuVcMe
ZfA/KZU6RDZI7x6Icup+9Dam4CmmtAv3qUbDSvs8/eMuCFMLEe7hwIzWaQhu2Dpd
WoLTrHWTyFHSTvFv5hhDvLrMwkt6w9z5xnT6dmeQIYco9TxknFXr39JH+I5YG9Hw
CEbShiaGzDiXqSlaZLK895OlIclI56kt1muN0pnaZLak2um3/5c2Y9IORQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP2J9hh6ORHXDYLszg4nL+jL/SwCMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvX1luMkdIbzVFZGNOZ3V6T0RpY3Y2TXY5TEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5XIAwQC
W5X0MA0GCSqGSIb3DQEBCwUAA4IBAQDOQvvOXWWsBbh4RfcQodl81764ASgvdgS6
ujyxxKwpu8IyjBKX7CjUi3eyuE5tWb7bNA0s5+1wrbEJtuLNZps7dngKtl9X5Qlc
b55X/j8C+6f+bO4MWfYH/bNHOkilRwhP7HD21xmFTqftTn7gO9nRnPUzto1VQT3S
wAMKMGsgJSl5HLcufWdIrBQsucvU59SozicejmbXXpRV1VuXl3oP4YMxrOzjpr9Y
5x1uBpovEkM2N7D1t8qjEOaKRHCwTE5OseC9lqfAOoT/eP0OMqAAEp7nC+HeEZj2
C0ZMpCYA8rUdiX3oFysh5ALJoyQitM0TkivInWw0McK4kQULHPno
-----END CERTIFICATE-----
Generated at Thu Sep 7 07:40:34 2023 by rpki-client on console-ams.rpki-client.org