Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kEr3s0aFdOincNjv7X2lZ6bY390.roa
File: kEr3s0aFdOincNjv7X2lZ6bY390.roa (raw, json)
Hash identifier: SS2/r9FBXjWV2vgCXEn2joXa/ri0ondqEYmSgcmr6UQ=
Subject key identifier: 90:4A:F7:B3:46:85:74:E8:A7:70:D8:EF:ED:7D:A5:67:A6:D8:DF:DD
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018723BC50E22531FDED35A8AF37491DC709
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kEr3s0aFdOincNjv7X2lZ6bY390.roa
Signing time: Mon 27 Mar 2023 15:42:36 +0000
ROA not before: Mon 27 Mar 2023 15:42:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 91.149.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 May 2023 13:55:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:bc:50:e2:25:31:fd:ed:35:a8:af:37:49:1d:c7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Mar 27 15:42:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=904af7b3468574e8a770d8efed7da567a6d8dfdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:39:6c:e6:a8:fa:a5:d4:ef:ed:13:98:e9:cb:
6e:a3:23:47:a0:57:0d:1a:30:4a:22:40:87:76:ab:
6a:b5:fe:f9:d9:c2:d7:2a:32:aa:b0:40:6b:3a:b9:
31:b8:0c:6b:cb:fc:ae:57:92:1d:c9:52:c5:65:da:
a9:d7:1e:a3:08:00:0f:2a:1f:c1:d3:38:26:e9:bd:
fe:c0:09:b7:d0:1b:fd:c0:00:5b:7d:01:bf:2b:20:
ed:67:88:13:60:f3:79:44:35:12:fd:2b:54:3b:2e:
13:c2:69:5d:88:38:35:27:e5:e6:55:4e:a4:68:6c:
e0:09:0b:d6:67:d8:8c:f7:e3:27:cf:59:bc:da:64:
08:6d:cb:07:0d:45:da:cf:a2:7d:a2:e6:77:7b:96:
49:d5:9c:f3:81:a4:b5:61:c2:48:1d:1f:60:c5:ee:
8b:11:13:2c:79:60:51:16:25:fc:5b:3b:b3:c2:40:
2a:cc:0f:46:f6:a6:89:48:d1:30:f5:00:49:7d:a1:
1b:40:68:cc:51:a4:d4:15:c2:a5:12:f7:9f:e5:dc:
25:42:08:bf:32:a2:c2:74:80:16:fa:d1:9d:7d:b8:
7e:68:56:dd:86:28:3b:5f:0a:8f:97:c8:fa:10:17:
5b:4e:0f:3f:5b:33:4b:d5:10:18:9b:b3:63:f0:83:
6c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4A:F7:B3:46:85:74:E8:A7:70:D8:EF:ED:7D:A5:67:A6:D8:DF:DD
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kEr3s0aFdOincNjv7X2lZ6bY390.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.221.0/24
Signature Algorithm: sha256WithRSAEncryption
01:53:7f:ea:ca:00:88:cb:b8:29:30:e5:2e:72:94:98:75:0c:
cf:4a:d2:1f:2e:5a:6b:cf:d9:35:59:52:f8:b8:b5:b9:14:cf:
66:57:29:cd:13:81:ce:55:1e:86:0c:47:1c:bd:b5:bc:e6:25:
6a:60:d0:a3:90:c8:2a:61:51:5c:42:60:7c:7a:44:c7:5d:3f:
f0:14:dc:80:26:34:0f:3d:d9:74:b6:bf:88:ec:5a:ea:55:44:
6e:b6:dc:0a:ad:e2:c9:5c:53:69:8d:b9:e0:bb:b1:0c:88:a1:
c0:63:5d:6b:05:4a:d5:8d:0a:2e:10:82:8e:36:48:b1:13:65:
66:7d:6a:50:38:c5:ba:50:a3:42:7f:05:32:b3:c0:15:7f:d3:
db:7b:38:7f:d7:7e:56:a9:07:cc:01:20:6b:2b:59:a6:58:a4:
a2:ad:c7:9b:f6:c8:37:8b:e8:f3:a1:1c:75:b4:a4:32:4c:92:
8c:b0:5d:51:f4:71:10:ce:52:83:5d:56:c5:41:56:09:ab:55:
c4:ba:7e:0a:97:69:32:bf:53:a5:5e:88:5c:ae:e6:5f:24:35:
d9:a4:1a:f3:50:f8:dd:b8:16:6f:55:68:41:fa:87:38:ac:3a:
d1:f6:5d:58:bc:fd:7a:ab:55:c7:79:3d:19:ea:11:e3:a5:c3:
05:85:54:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcjvFDiJTH97TWorzdJHccJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwMzI3MTU0MjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRhZjdiMzQ2ODU3NGU4YTc3MGQ4ZWZlZDdkYTU2N2E2ZDhkZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijls5qj6pdTv7ROY6ctuoyNHoFcN
GjBKIkCHdqtqtf752cLXKjKqsEBrOrkxuAxry/yuV5IdyVLFZdqp1x6jCAAPKh/B
0zgm6b3+wAm30Bv9wABbfQG/KyDtZ4gTYPN5RDUS/StUOy4TwmldiDg1J+XmVU6k
aGzgCQvWZ9iM9+Mnz1m82mQIbcsHDUXaz6J9ouZ3e5ZJ1ZzzgaS1YcJIHR9gxe6L
ERMseWBRFiX8WzuzwkAqzA9G9qaJSNEw9QBJfaEbQGjMUaTUFcKlEvef5dwlQgi/
MqLCdIAW+tGdfbh+aFbdhig7XwqPl8j6EBdbTg8/WzNL1RAYm7Nj8INsXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBK97NGhXTop3DY7+19pWem2N/dMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEva0VyM3MwYUZkT2luY05qdjdYMmxaNmJZMzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5XdMA0G
CSqGSIb3DQEBCwUAA4IBAQABU3/qygCIy7gpMOUucpSYdQzPStIfLlprz9k1WVL4
uLW5FM9mVynNE4HOVR6GDEccvbW85iVqYNCjkMgqYVFcQmB8ekTHXT/wFNyAJjQP
Pdl0tr+I7FrqVURuttwKreLJXFNpjbngu7EMiKHAY11rBUrVjQouEIKONkixE2Vm
fWpQOMW6UKNCfwUys8AVf9Pbezh/135WqQfMASBrK1mmWKSirceb9sg3i+jzoRx1
tKQyTJKMsF1R9HEQzlKDXVbFQVYJq1XEun4Kl2kyv1OlXohcruZfJDXZpBrzUPjd
uBZvVWhB+oc4rDrR9l1YvP16q1XHeT0Z6hHjpcMFhVQc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:16 2024 by rpki-client on console-ams.rpki-client.org