Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/tzqMzUT7ylRxCZg0jzjp3Ta9KVk.roa
File: tzqMzUT7ylRxCZg0jzjp3Ta9KVk.roa (raw, json)
Hash identifier: WWSmZ1uN298QoxbJAj7gxaa/CmQoIWNMNbtuOByZNxs=
Subject key identifier: B7:3A:8C:CD:44:FB:CA:54:71:09:98:34:8F:38:E9:DD:36:BD:29:59
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01856DC1BC3D34CDEA41C5E3F24344E746BB
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/tzqMzUT7ylRxCZg0jzjp3Ta9KVk.roa
Signing time: Sun 01 Jan 2023 14:34:51 +0000
ROA not before: Sun 01 Jan 2023 14:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 91.149.244.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:bc:3d:34:cd:ea:41:c5:e3:f2:43:44:e7:46:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 1 14:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b73a8ccd44fbca54710998348f38e9dd36bd2959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7a:51:97:75:96:67:53:9d:7a:06:20:4d:de:
de:26:2b:95:2f:68:3a:13:8d:f1:9a:10:b6:90:eb:
f0:f3:bc:cd:df:c1:4b:1b:9a:00:4d:17:83:22:52:
1c:76:18:b3:c3:be:e7:d9:d6:53:84:2c:5f:bd:65:
69:ae:b5:fc:78:cf:19:42:c6:c1:2b:da:f2:c0:a2:
db:20:a4:64:12:45:79:62:e7:be:9d:1f:ed:92:f6:
12:5c:d1:5e:84:f9:c8:c3:45:a3:ce:17:99:93:39:
c6:bf:d3:db:26:53:1d:8b:26:ca:ff:26:ff:51:82:
8a:71:88:78:ea:d5:99:10:55:00:85:19:94:55:e4:
7f:8b:ef:a9:7c:13:0c:59:17:67:90:46:58:5b:43:
4a:f5:12:73:94:47:14:68:dc:76:0c:a4:7d:4c:69:
0f:ab:cb:51:36:83:9b:42:d5:17:62:e9:f3:4d:14:
b1:ff:61:34:81:74:0a:1d:45:de:ea:dc:59:da:83:
8c:9c:ac:15:c7:db:9b:fa:9d:24:02:ac:02:ab:1f:
a9:ac:f2:a2:f9:bc:51:4b:c4:08:8a:d3:08:6b:e5:
58:d7:21:0c:f3:06:5e:b8:cf:fb:bc:15:8c:32:93:
cb:47:f6:60:a8:5f:40:c2:10:2b:fc:0d:34:34:77:
e4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3A:8C:CD:44:FB:CA:54:71:09:98:34:8F:38:E9:DD:36:BD:29:59
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/tzqMzUT7ylRxCZg0jzjp3Ta9KVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.244.0/22
Signature Algorithm: sha256WithRSAEncryption
08:46:6a:ea:e1:79:8a:68:9e:b4:f3:e3:fe:07:55:36:4c:28:
ee:e8:72:03:34:7b:75:ad:85:a7:93:fd:d8:a9:7b:8d:c0:bb:
7d:07:0c:79:1e:e2:38:66:68:54:1d:bc:d7:56:37:19:2c:db:
f8:1e:29:aa:5a:03:3f:3a:94:30:23:78:dd:14:d7:9d:e7:f1:
bf:9b:98:84:30:a5:f5:a1:ba:bb:7a:69:2f:5b:12:b5:f2:4e:
ef:c0:03:9b:f5:fb:c2:2a:a7:8c:ef:90:56:f7:83:44:b5:0f:
74:6b:9e:fb:4b:3c:31:c6:0b:d0:59:43:47:d3:63:d7:8a:19:
31:90:a5:52:b4:0c:c3:26:89:22:45:90:da:30:75:31:91:12:
d0:a4:10:4f:40:8d:8e:5a:28:71:4b:ec:1e:f0:a6:a6:b6:0a:
b1:ac:3e:36:6d:d5:97:94:4e:91:27:67:24:25:f8:a4:26:cc:
f2:d7:78:38:15:3a:68:77:53:b5:52:93:94:d0:00:8a:9f:40:
0a:39:5b:62:a5:7e:7c:69:e5:eb:fa:82:ab:3d:71:37:38:3f:
c3:00:14:67:73:4f:0f:d3:15:e9:62:f0:a1:37:be:97:18:ff:
7a:e6:4a:bb:4e:8f:f4:f9:4e:4c:d3:06:2a:c8:b1:b0:d1:d3:
ac:4c:45:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwbw9NM3qQcXj8kNE50a7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwMTAxMTQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzNhOGNjZDQ0ZmJjYTU0NzEwOTk4MzQ4ZjM4ZTlkZDM2YmQyOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHpRl3WWZ1OdegYgTd7eJiuVL2g6
E43xmhC2kOvw87zN38FLG5oATReDIlIcdhizw77n2dZThCxfvWVprrX8eM8ZQsbB
K9rywKLbIKRkEkV5Yue+nR/tkvYSXNFehPnIw0WjzheZkznGv9PbJlMdiybK/yb/
UYKKcYh46tWZEFUAhRmUVeR/i++pfBMMWRdnkEZYW0NK9RJzlEcUaNx2DKR9TGkP
q8tRNoObQtUXYunzTRSx/2E0gXQKHUXe6txZ2oOMnKwVx9ub+p0kAqwCqx+prPKi
+bxRS8QIitMIa+VY1yEM8wZeuM/7vBWMMpPLR/ZgqF9AwhAr/A00NHfkowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLc6jM1E+8pUcQmYNI846d02vSlZMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvdHpxTXpVVDd5bFJ4Q1pnMGp6anAzVGE5S1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW5X0MA0G
CSqGSIb3DQEBCwUAA4IBAQAIRmrq4XmKaJ608+P+B1U2TCju6HIDNHt1rYWnk/3Y
qXuNwLt9Bwx5HuI4ZmhUHbzXVjcZLNv4HimqWgM/OpQwI3jdFNed5/G/m5iEMKX1
obq7emkvWxK18k7vwAOb9fvCKqeM75BW94NEtQ90a577SzwxxgvQWUNH02PXihkx
kKVStAzDJokiRZDaMHUxkRLQpBBPQI2OWihxS+we8KamtgqxrD42bdWXlE6RJ2ck
JfikJszy13g4FTpod1O1UpOU0ACKn0AKOVtipX58aeXr+oKrPXE3OD/DABRnc08P
0xXpYvChN76XGP965kq7To/0+U5M0wYqyLGw0dOsTEW3
-----END CERTIFICATE-----
Generated at Tue Sep 5 12:07:44 2023 by rpki-client on console-fra.rpki-client.org