Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kJp4xZXE8duEblfbeLxy6WK0wpM.roa
File: kJp4xZXE8duEblfbeLxy6WK0wpM.roa (raw, json)
Hash identifier: zrYbmwthBrW+xQp2eA+8I2Noo8y8w5P8owEZ8ww+dxs=
Subject key identifier: 90:9A:78:C5:95:C4:F1:DB:84:6E:57:DB:78:BC:72:E9:62:B4:C2:93
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 0189BA57B6A2BF6247ADB87C179D99D043CC
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kJp4xZXE8duEblfbeLxy6WK0wpM.roa
Signing time: Thu 03 Aug 2023 07:40:57 +0000
ROA not before: Thu 03 Aug 2023 07:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198401
IP address blocks: 91.149.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:57:b6:a2:bf:62:47:ad:b8:7c:17:9d:99:d0:43:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Aug 3 07:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=909a78c595c4f1db846e57db78bc72e962b4c293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4c:c3:c2:36:9a:53:48:22:27:e6:8a:7e:9b:
76:42:52:69:62:f0:46:99:d7:51:d3:d0:99:ce:87:
f5:c6:8c:78:eb:bd:67:da:2b:46:43:06:b2:b4:9a:
e8:67:99:10:c7:49:f3:9c:82:29:8d:bc:93:81:8d:
a5:98:10:2a:41:9d:99:59:58:5c:b6:c7:e6:4e:7f:
72:1f:8f:db:1e:47:96:eb:c3:c2:2e:ad:1a:f4:1d:
75:ba:b9:6a:51:2c:e6:28:9e:de:ce:4f:f7:72:de:
aa:84:ea:51:50:13:0f:64:d6:b9:fd:e8:ed:78:0f:
3d:95:8c:0f:10:b7:44:23:96:aa:6c:f3:f1:67:05:
97:d9:b5:a5:dd:ae:e1:c1:ad:ae:df:87:c9:7e:24:
51:de:60:53:e8:c5:ae:88:53:28:47:b3:36:a5:51:
81:35:64:d3:27:fa:7f:ce:1c:97:60:4e:f8:b5:e9:
53:09:c9:71:50:06:21:72:c6:84:06:70:05:b1:1c:
1e:88:b3:ae:b9:f1:30:5e:ad:de:fa:a2:00:2c:bb:
ef:24:e9:52:f8:e2:7a:0d:42:cc:49:48:09:a8:15:
68:de:8d:d0:b1:2a:ea:2e:5d:d0:01:35:25:33:74:
ae:6b:1e:55:5d:3d:37:d1:4f:ea:4f:d9:6c:2e:fa:
40:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9A:78:C5:95:C4:F1:DB:84:6E:57:DB:78:BC:72:E9:62:B4:C2:93
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kJp4xZXE8duEblfbeLxy6WK0wpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.213.0/24
Signature Algorithm: sha256WithRSAEncryption
31:47:1f:8d:bb:7b:d4:01:45:74:7b:9b:2f:31:b7:a4:d6:e2:
f4:7a:1f:33:67:ab:d6:cc:61:f2:2a:14:8a:f8:fc:72:e5:f7:
0d:66:14:bb:fc:c8:d1:13:2d:50:36:93:5e:40:02:1a:77:25:
68:0a:ee:88:fe:d6:f2:5d:7e:3f:c4:7a:37:dd:c7:db:c1:a5:
71:d9:e9:86:a6:77:ed:80:a6:97:c3:75:72:ce:dd:a5:2c:ba:
e6:73:1f:39:9e:81:a2:5d:06:6f:0e:77:b8:38:07:9b:19:9a:
a8:50:5b:98:d5:37:f8:18:74:16:e9:45:4d:83:72:cd:a0:ef:
1c:95:22:44:0d:1c:b3:b3:01:3d:51:18:65:44:01:ef:11:27:
9c:06:ba:df:76:3c:23:72:38:1a:0b:02:3b:14:6a:07:a7:18:
33:3f:eb:8d:e4:13:a1:f9:9a:c2:4d:37:43:84:52:0b:03:d8:
ac:f9:9c:86:fd:b0:ef:76:fe:17:c2:38:5c:4d:0a:07:2c:1e:
bd:8d:ca:cd:b1:a2:6b:3d:6c:e2:e5:b1:43:07:da:bd:a5:aa:
7a:ed:a6:eb:4f:b7:b3:86:99:39:40:c6:4b:2d:34:41:7a:1a:
cb:75:3e:04:99:8d:3c:7b:5d:f4:9f:1e:ee:57:ff:3f:b1:fc:
a4:56:7e:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm6V7aiv2JHrbh8F52Z0EPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwODAzMDc0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDlhNzhjNTk1YzRmMWRiODQ2ZTU3ZGI3OGJjNzJlOTYyYjRjMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEzDwjaaU0giJ+aKfpt2QlJpYvBG
mddR09CZzof1xox4671n2itGQwaytJroZ5kQx0nznIIpjbyTgY2lmBAqQZ2ZWVhc
tsfmTn9yH4/bHkeW68PCLq0a9B11urlqUSzmKJ7ezk/3ct6qhOpRUBMPZNa5/ejt
eA89lYwPELdEI5aqbPPxZwWX2bWl3a7hwa2u34fJfiRR3mBT6MWuiFMoR7M2pVGB
NWTTJ/p/zhyXYE74telTCclxUAYhcsaEBnAFsRweiLOuufEwXq3e+qIALLvvJOlS
+OJ6DULMSUgJqBVo3o3QsSrqLl3QATUlM3Suax5VXT030U/qT9lsLvpAXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCaeMWVxPHbhG5X23i8culitMKTMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEva0pwNHhaWEU4ZHVFYmxmYmVMeHk2V0swd3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5XVMA0G
CSqGSIb3DQEBCwUAA4IBAQAxRx+Nu3vUAUV0e5svMbek1uL0eh8zZ6vWzGHyKhSK
+Pxy5fcNZhS7/MjREy1QNpNeQAIadyVoCu6I/tbyXX4/xHo33cfbwaVx2emGpnft
gKaXw3Vyzt2lLLrmcx85noGiXQZvDne4OAebGZqoUFuY1Tf4GHQW6UVNg3LNoO8c
lSJEDRyzswE9URhlRAHvESecBrrfdjwjcjgaCwI7FGoHpxgzP+uN5BOh+ZrCTTdD
hFILA9is+ZyG/bDvdv4XwjhcTQoHLB69jcrNsaJrPWzi5bFDB9q9pap67abrT7ez
hpk5QMZLLTRBehrLdT4EmY08e130nx7uV/8/sfykVn4M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:16 2024 by rpki-client on console-ams.rpki-client.org