Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kko9WMArv51KfQS6qnBr4PinNis.roa
File: kko9WMArv51KfQS6qnBr4PinNis.roa (raw, json)
Hash identifier: EODfSVuB6zQMML+GJfQl6jvFxztquwdchgV9R+VklEM=
Subject key identifier: 92:4A:3D:58:C0:2B:BF:9D:4A:7D:04:BA:AA:70:6B:E0:F8:A7:36:2B
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01856DC1BF8BF264A6869B427E2BFE2F5DD4
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kko9WMArv51KfQS6qnBr4PinNis.roa
Signing time: Sun 01 Jan 2023 14:34:52 +0000
ROA not before: Sun 01 Jan 2023 14:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 91.149.200.0/24 maxlen: 24
91.149.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 May 2023 13:55:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:bf:8b:f2:64:a6:86:9b:42:7e:2b:fe:2f:5d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 1 14:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=924a3d58c02bbf9d4a7d04baaa706be0f8a7362b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:00:b3:c0:75:db:dc:b2:ee:2a:e9:70:74:cd:
70:c5:ab:56:a6:a0:d2:6e:fe:09:4c:3c:43:f5:8b:
ac:06:9a:8c:fd:08:d1:67:46:8d:06:05:ce:c9:6e:
1c:bd:ff:83:0f:00:4b:ba:f1:97:fa:9d:d2:5d:bb:
d0:f6:d0:55:48:20:1e:2b:db:49:71:25:a4:2d:3d:
f4:f2:c2:50:90:90:b7:2e:e7:f8:a9:ba:87:05:ca:
d7:c6:20:0d:7a:34:f2:47:bc:c9:a6:65:c3:1e:56:
3e:d2:90:89:9b:73:03:ac:44:90:81:02:59:fa:26:
0d:9f:23:f9:50:98:25:3c:3f:73:44:82:45:38:4e:
36:de:89:84:53:45:f4:07:c9:28:c9:9a:2b:56:4c:
b4:16:9c:58:cf:2d:cd:6f:af:30:98:2a:35:e8:0a:
fb:c0:e8:82:12:da:de:05:22:9e:98:62:c1:25:db:
52:84:f7:15:56:7d:6f:9c:7c:2a:8f:6a:36:09:40:
ea:dc:68:13:b9:d1:51:07:86:7d:29:72:87:e7:d2:
d9:61:9a:49:5c:19:4a:d8:a1:ca:93:a3:9a:bc:b4:
1d:bf:89:6f:3b:95:ec:51:90:03:04:48:08:7e:38:
2d:bc:f7:87:87:ac:04:64:15:cb:32:be:96:71:44:
c1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4A:3D:58:C0:2B:BF:9D:4A:7D:04:BA:AA:70:6B:E0:F8:A7:36:2B
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/kko9WMArv51KfQS6qnBr4PinNis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.200.0/24
91.149.235.0/24
Signature Algorithm: sha256WithRSAEncryption
39:3c:ea:ab:e2:12:8d:1d:d1:3e:e0:08:3b:02:74:9d:08:77:
b5:2f:63:ec:d9:57:ad:74:b8:63:70:cc:ce:54:2d:06:9f:6b:
43:52:65:e3:d4:18:b4:bd:96:9f:4f:70:a0:60:13:c2:80:21:
cf:8d:a2:03:f5:b3:e7:91:a4:70:fe:fe:3b:51:64:83:a8:83:
b3:81:a5:35:fc:fb:97:da:f0:40:85:49:49:9a:84:1d:64:5e:
75:6c:b9:bb:e9:53:9f:43:a9:07:f2:1b:23:27:c1:61:73:82:
87:39:5c:65:5c:69:5b:3e:ab:f2:6f:61:f3:60:4e:c0:99:7b:
8e:15:fd:54:e1:a2:17:67:71:b2:9a:37:3b:40:df:95:e7:d6:
88:27:95:cb:06:e6:cb:7b:e3:db:fe:5e:b2:1f:06:b1:42:ac:
7c:83:1c:af:9b:47:f7:2c:cb:cf:70:c2:dc:f3:8b:5d:1b:2d:
95:bd:8a:fc:f4:6f:1d:7d:d8:00:bb:97:7d:43:77:a1:f1:ef:
ff:e6:0c:cb:5e:1c:4a:08:82:66:c1:e1:c2:d3:9b:da:16:c4:
25:27:fa:0b:52:51:9e:8c:10:6c:60:49:6b:fe:0a:c7:ce:b3:
ca:7e:9a:dd:f1:33:4c:60:2a:9a:d0:73:1a:1b:30:ee:8e:2b:
4d:c2:4a:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtwb+L8mSmhptCfiv+L13UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwMTAxMTQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjRhM2Q1OGMwMmJiZjlkNGE3ZDA0YmFhYTcwNmJlMGY4YTczNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwCzwHXb3LLuKulwdM1wxatWpqDS
bv4JTDxD9YusBpqM/QjRZ0aNBgXOyW4cvf+DDwBLuvGX+p3SXbvQ9tBVSCAeK9tJ
cSWkLT308sJQkJC3Luf4qbqHBcrXxiANejTyR7zJpmXDHlY+0pCJm3MDrESQgQJZ
+iYNnyP5UJglPD9zRIJFOE423omEU0X0B8koyZorVky0FpxYzy3Nb68wmCo16Ar7
wOiCEtreBSKemGLBJdtShPcVVn1vnHwqj2o2CUDq3GgTudFRB4Z9KXKH59LZYZpJ
XBlK2KHKk6OavLQdv4lvO5XsUZADBEgIfjgtvPeHh6wEZBXLMr6WcUTBVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJJKPVjAK7+dSn0Euqpwa+D4pzYrMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEva2tvOVdNQXJ2NTFLZlFTNnFuQnI0UGluTmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5XIAwQA
W5XrMA0GCSqGSIb3DQEBCwUAA4IBAQA5POqr4hKNHdE+4Ag7AnSdCHe1L2Ps2Vet
dLhjcMzOVC0Gn2tDUmXj1Bi0vZafT3CgYBPCgCHPjaID9bPnkaRw/v47UWSDqIOz
gaU1/PuX2vBAhUlJmoQdZF51bLm76VOfQ6kH8hsjJ8Fhc4KHOVxlXGlbPqvyb2Hz
YE7AmXuOFf1U4aIXZ3Gymjc7QN+V59aIJ5XLBubLe+Pb/l6yHwaxQqx8gxyvm0f3
LMvPcMLc84tdGy2VvYr89G8dfdgAu5d9Q3eh8e//5gzLXhxKCIJmweHC05vaFsQl
J/oLUlGejBBsYElr/grHzrPKfprd8TNMYCqa0HMaGzDujitNwkqu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org