Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/uh1AJ3XE-jSbDHUMFZlQ048678g.roa
File: uh1AJ3XE-jSbDHUMFZlQ048678g.roa (raw, json)
Hash identifier: jM3VtYOmjErNmOzfCtwt1cHxLLq14Rn94EaW84WCTuM=
Subject key identifier: BA:1D:40:27:75:C4:FA:34:9B:0C:75:0C:15:99:50:D3:8F:3A:EF:C8
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018B37366E775C3AAD726974AB876A00761F
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/uh1AJ3XE-jSbDHUMFZlQ048678g.roa
Signing time: Mon 16 Oct 2023 06:39:55 +0000
ROA not before: Mon 16 Oct 2023 06:39:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 91.149.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:36:6e:77:5c:3a:ad:72:69:74:ab:87:6a:00:76:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Oct 16 06:39:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba1d402775c4fa349b0c750c159950d38f3aefc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2e:ef:2f:cd:ae:02:f7:ba:bd:78:83:95:39:
96:dc:cd:dc:f3:1c:1e:73:fa:20:50:54:44:cf:8a:
e0:af:4e:4f:02:80:24:d6:bc:2f:23:5b:dc:ef:51:
f8:90:e6:b2:fd:d9:61:e2:d1:8c:e0:3c:c7:63:5c:
b8:54:9c:ce:06:4d:49:94:89:0e:88:47:d2:04:bd:
b3:6e:1f:bb:c5:44:59:09:01:0f:b7:59:73:15:fe:
da:b7:07:7b:5f:b3:21:54:cb:74:cd:85:30:f0:75:
6a:6f:2c:08:29:52:36:b1:07:55:a6:db:96:06:bb:
06:1a:c3:97:0a:c9:2c:0f:61:3a:d1:fd:61:ee:83:
af:ae:47:9a:e4:28:b4:d5:92:31:8b:4e:04:07:ff:
ed:73:47:a7:59:35:32:54:8f:fe:e8:5e:21:bf:00:
1a:00:55:1f:2f:b7:96:7e:56:76:3a:0a:e8:fd:d0:
cc:26:b2:f3:60:91:f3:d2:b9:49:59:05:e7:dc:fc:
d7:14:34:e5:e5:55:dd:b6:4a:e4:05:b4:52:04:0b:
a4:02:cf:e3:7a:5d:65:9b:6b:e4:65:d4:ec:66:ba:
dd:11:b4:b5:dc:57:4d:ed:47:c8:7b:91:ef:69:d1:
1d:78:5c:63:73:31:0d:1d:ea:04:d7:3e:d5:12:2b:
0d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1D:40:27:75:C4:FA:34:9B:0C:75:0C:15:99:50:D3:8F:3A:EF:C8
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/uh1AJ3XE-jSbDHUMFZlQ048678g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.221.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:d5:27:b8:d2:cb:74:c6:3f:03:38:e2:f7:a7:48:82:f3:4a:
db:9d:0e:e8:05:f3:b7:3a:6e:ce:60:54:a0:7b:75:18:fb:e0:
be:78:e5:a2:e1:fa:6d:10:6a:b0:90:a1:8d:73:92:ac:4d:aa:
da:ce:06:4d:b3:90:5d:cb:8f:d5:cc:88:a2:53:d9:fa:aa:0b:
15:b9:d7:b5:da:a2:1a:84:5d:78:9d:b3:13:65:7b:cb:2e:90:
c9:09:e9:2c:05:b8:6f:6f:63:4d:46:8a:b1:7a:83:a8:02:8a:
2c:d7:92:b0:10:24:b6:ba:e0:51:98:3a:75:94:83:c6:66:e5:
8b:51:04:03:c9:ba:fe:fd:dc:dd:01:96:6c:47:82:b5:1f:c7:
63:e0:78:b0:71:7a:34:b1:fc:40:5e:3e:cb:0e:a5:77:8f:7f:
70:fe:e2:bd:ec:b1:09:c2:31:a7:65:ad:9f:79:45:5b:84:e5:
f7:79:5c:66:28:05:7c:3c:fb:c2:17:3b:63:e2:4a:b1:57:6a:
e3:3e:c2:a7:54:84:b0:9f:7c:ef:8b:78:95:da:10:ee:69:8a:
55:eb:26:07:6f:29:6c:58:a2:8f:80:96:b0:7c:e4:73:26:45:
f9:98:cd:9a:8a:5c:84:66:bf:e3:40:35:a6:05:fe:73:21:ef:
2b:46:14:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs3Nm53XDqtcml0q4dqAHYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMxMDE2MDYzOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTFkNDAyNzc1YzRmYTM0OWIwYzc1MGMxNTk5NTBkMzhmM2FlZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4S7vL82uAve6vXiDlTmW3M3c8xwe
c/ogUFREz4rgr05PAoAk1rwvI1vc71H4kOay/dlh4tGM4DzHY1y4VJzOBk1JlIkO
iEfSBL2zbh+7xURZCQEPt1lzFf7atwd7X7MhVMt0zYUw8HVqbywIKVI2sQdVptuW
BrsGGsOXCsksD2E60f1h7oOvrkea5Ci01ZIxi04EB//tc0enWTUyVI/+6F4hvwAa
AFUfL7eWflZ2Ogro/dDMJrLzYJHz0rlJWQXn3PzXFDTl5VXdtkrkBbRSBAukAs/j
el1lm2vkZdTsZrrdEbS13FdN7UfIe5HvadEdeFxjczENHeoE1z7VEisN1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLodQCd1xPo0mwx1DBWZUNOPOu/IMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvdWgxQUozWEUtalNiREhVTUZabFEwNDg2NzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5XdMA0G
CSqGSIb3DQEBCwUAA4IBAQCP1Se40st0xj8DOOL3p0iC80rbnQ7oBfO3Om7OYFSg
e3UY++C+eOWi4fptEGqwkKGNc5KsTarazgZNs5Bdy4/VzIiiU9n6qgsVude12qIa
hF14nbMTZXvLLpDJCeksBbhvb2NNRoqxeoOoAoos15KwECS2uuBRmDp1lIPGZuWL
UQQDybr+/dzdAZZsR4K1H8dj4HiwcXo0sfxAXj7LDqV3j39w/uK97LEJwjGnZa2f
eUVbhOX3eVxmKAV8PPvCFztj4kqxV2rjPsKnVISwn3zvi3iV2hDuaYpV6yYHbyls
WKKPgJawfORzJkX5mM2ailyEZr/jQDWmBf5zIe8rRhRB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org