Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/czuam8qAdfeWDr9pgUU4YlZBCdg.roa
File: czuam8qAdfeWDr9pgUU4YlZBCdg.roa (raw, json)
Hash identifier: eq2p9u1Z5h1LeXlSQLXeQA6gpHmOqVSIhbTUdfxbsiw=
Subject key identifier: 73:3B:9A:9B:CA:80:75:F7:96:0E:BF:69:81:45:38:62:56:41:09:D8
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018CC26D7DC30EBCF1EBF4CB979F67C24BB9
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/czuam8qAdfeWDr9pgUU4YlZBCdg.roa
Signing time: Mon 01 Jan 2024 00:30:04 +0000
ROA not before: Mon 01 Jan 2024 00:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 91.149.231.0/24 maxlen: 24
91.149.230.0/24 maxlen: 24
91.149.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 15:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:7d:c3:0e:bc:f1:eb:f4:cb:97:9f:67:c2:4b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 1 00:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=733b9a9bca8075f7960ebf6981453862564109d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fd:79:4e:00:06:37:12:b8:6e:25:9e:d4:7b:
2d:d2:28:32:db:2b:84:40:a3:4d:c1:42:ee:c8:62:
06:fb:fd:ab:57:74:7b:47:ef:1c:1a:14:55:88:f4:
65:f4:18:b9:67:31:7e:95:66:ce:0c:aa:77:94:65:
b6:ea:88:37:24:42:6c:c3:93:ad:51:a3:3a:c3:fd:
47:bb:74:0c:48:f6:6e:7a:e3:65:ce:6c:7e:27:fe:
dd:5f:b7:92:fd:d4:a9:84:35:0f:32:0b:ce:6b:70:
17:a7:d2:70:dc:d3:22:5a:29:1d:6b:d9:f5:49:ed:
bf:8c:67:c7:85:73:5b:5f:bd:a2:f2:18:7e:17:5a:
82:63:ba:7c:74:ad:c2:71:1d:9a:f6:75:35:1b:a5:
a3:fe:dc:c0:c7:4c:05:ad:b7:0f:69:b5:40:1b:d2:
de:27:9f:91:30:51:bd:fd:a9:33:48:f1:c8:98:33:
7f:c0:bc:9a:59:b1:3a:c1:cb:95:72:52:e7:ac:33:
c9:59:c4:e7:ab:1c:0d:9f:8c:17:86:91:18:7e:74:
1d:09:dc:71:22:46:2c:36:6a:6f:e6:69:70:d8:a4:
4c:b9:9e:6a:ad:41:80:2e:b1:e8:d4:d1:08:3d:dc:
00:2a:78:bd:fa:bb:1c:39:e0:91:ce:23:eb:7a:3c:
a5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:3B:9A:9B:CA:80:75:F7:96:0E:BF:69:81:45:38:62:56:41:09:D8
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/czuam8qAdfeWDr9pgUU4YlZBCdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.229.0-91.149.231.255
Signature Algorithm: sha256WithRSAEncryption
b8:19:9b:06:f7:04:14:8b:5f:6c:c6:6f:92:da:95:05:b7:ea:
54:6e:e6:55:fe:c4:ec:17:e8:9d:26:c4:a0:30:92:11:40:cd:
e6:bf:68:f9:ae:dc:c2:9f:9a:b2:ff:e0:0b:1a:93:36:8e:bb:
2b:fe:46:07:96:f2:83:1c:a2:0f:04:ef:1f:f7:44:db:05:6f:
fe:4e:26:84:06:f0:76:f1:01:e3:65:b0:24:a9:98:10:67:b0:
73:49:01:23:a4:11:1a:b5:ff:b4:9e:d2:c7:f2:74:7c:2e:be:
e9:58:2b:2f:fc:bb:bd:c8:1c:c2:34:ee:ec:66:fd:dd:31:86:
88:31:30:4a:69:d6:c9:b9:f9:6a:b2:32:d3:c5:c3:23:94:78:
86:9d:c7:90:7c:4c:8c:38:f2:33:22:e0:5f:ed:e7:69:d8:03:
fa:45:d3:49:75:6b:e8:47:2c:5b:71:f8:91:9e:8a:4e:56:81:
25:43:1e:a8:20:cd:dd:e8:e9:e0:97:81:13:51:70:4e:36:fa:
97:51:75:d6:ea:b0:b8:11:a6:8a:93:b1:a8:20:92:99:a3:7f:
8e:91:be:6f:50:9c:b5:82:a4:a2:c6:91:8c:70:1f:bf:b7:a9:
57:3e:ac:0d:4a:95:e0:51:53:27:bd:63:13:b0:29:d8:6b:3e:
62:77:3a:28
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbX3DDrzx6/TLl59nwku5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjQwMTAxMDAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzNiOWE5YmNhODA3NWY3OTYwZWJmNjk4MTQ1Mzg2MjU2NDEwOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlf15TgAGNxK4biWe1Hst0igy2yuE
QKNNwULuyGIG+/2rV3R7R+8cGhRViPRl9Bi5ZzF+lWbODKp3lGW26og3JEJsw5Ot
UaM6w/1Hu3QMSPZueuNlzmx+J/7dX7eS/dSphDUPMgvOa3AXp9Jw3NMiWikda9n1
Se2/jGfHhXNbX72i8hh+F1qCY7p8dK3CcR2a9nU1G6Wj/tzAx0wFrbcPabVAG9Le
J5+RMFG9/akzSPHImDN/wLyaWbE6wcuVclLnrDPJWcTnqxwNn4wXhpEYfnQdCdxx
IkYsNmpv5mlw2KRMuZ5qrUGALrHo1NEIPdwAKni9+rscOeCRziPrejylNwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHM7mpvKgHX3lg6/aYFFOGJWQQnYMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvY3p1YW04cUFkZmVXRHI5cGdVVTRZbFpCQ2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABbleUD
BANbleAwDQYJKoZIhvcNAQELBQADggEBALgZmwb3BBSLX2zGb5LalQW36lRu5lX+
xOwX6J0mxKAwkhFAzea/aPmu3MKfmrL/4AsakzaOuyv+RgeW8oMcog8E7x/3RNsF
b/5OJoQG8HbxAeNlsCSpmBBnsHNJASOkERq1/7Se0sfydHwuvulYKy/8u73IHMI0
7uxm/d0xhogxMEpp1sm5+WqyMtPFwyOUeIadx5B8TIw48jMi4F/t52nYA/pF00l1
a+hHLFtx+JGeik5WgSVDHqggzd3o6eCXgRNRcE42+pdRddbqsLgRpoqTsaggkpmj
f46Rvm9QnLWCpKLGkYxwH7+3qVc+rA1KleBRUye9YxOwKdhrPmJ3Oig=
-----END CERTIFICATE-----
Generated at Mon Jul 8 17:41:00 2024 by rpki-client on console-ams.rpki-client.org