Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/bZBQlOHRdyGIjVj50pbhOmaQ2xo.roa
File: bZBQlOHRdyGIjVj50pbhOmaQ2xo.roa (raw, json)
Hash identifier: /Yd1sqjx+ecF7cfKszilRR04KSNq00RrdmupHlmaVUs=
Subject key identifier: 6D:90:50:94:E1:D1:77:21:88:8D:58:F9:D2:96:E1:3A:66:90:DB:1A
Certificate issuer: /CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Certificate serial: 018570DE4112C83D3965B405305906D00D8C
Authority key identifier: 1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/bZBQlOHRdyGIjVj50pbhOmaQ2xo.roa
Signing time: Mon 02 Jan 2023 05:04:51 +0000
ROA not before: Mon 02 Jan 2023 05:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 195.46.38.0/24 maxlen: 24
91.213.115.0/24 maxlen: 24
91.241.6.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:41:12:c8:3d:39:65:b4:05:30:59:06:d0:0d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Validity
Not Before: Jan 2 05:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d905094e1d17721888d58f9d296e13a6690db1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:35:d8:01:c6:33:15:e3:78:a6:7b:5a:fa:c1:
8b:9c:d4:63:5d:f9:57:ca:4a:97:7d:89:fa:26:ff:
ec:e3:8b:23:b3:77:fe:6e:4b:90:48:e4:fb:bb:92:
61:44:0f:f2:69:88:4e:66:52:8d:73:17:c4:e4:06:
58:91:4b:5e:a0:85:bd:e3:f6:d7:cf:17:a6:ef:81:
4c:e1:ee:98:a7:aa:ed:dc:66:b2:38:79:f4:ff:f5:
6a:aa:98:68:c2:4c:b8:09:8c:5e:53:a3:3e:b4:aa:
c9:5f:5f:e2:61:47:2a:fe:e0:dd:eb:10:0d:71:91:
97:29:16:d2:2a:42:b5:22:b3:2e:81:45:64:8d:b1:
d5:bd:44:1f:a6:7c:6f:8b:8f:63:8e:aa:45:85:dd:
c8:28:c1:a5:cd:e4:3d:4e:84:b9:67:5e:ab:63:1c:
db:35:6a:00:d1:69:4f:aa:55:fb:2b:82:2a:6d:63:
04:3d:20:ad:27:22:82:2c:37:c8:6f:ab:ff:c5:a1:
6d:0a:93:b7:2d:50:f2:cc:85:c2:d6:ad:42:f6:57:
b3:e3:56:51:04:b4:49:2e:a4:f2:8d:25:8f:e8:9c:
06:ac:56:7c:a0:ac:7a:64:fd:3f:a5:01:b6:bd:2e:
2e:25:7d:47:c6:7e:cf:de:77:fe:b8:c4:f7:ca:a5:
52:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:90:50:94:E1:D1:77:21:88:8D:58:F9:D2:96:E1:3A:66:90:DB:1A
X509v3 Authority Key Identifier:
keyid:1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/bZBQlOHRdyGIjVj50pbhOmaQ2xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.115.0/24
91.241.6.0/23
195.46.38.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:4c:3c:b9:7a:9e:5b:f3:78:68:2c:14:f7:e2:64:7d:34:15:
5f:42:e9:93:b3:b8:35:b8:c2:ec:d7:46:44:90:bf:68:ab:52:
42:6b:32:cf:7d:fb:00:31:f7:ef:ef:a8:f8:bd:64:50:2f:2b:
8d:d1:59:c4:9c:6d:1b:c2:61:e5:b1:c4:5c:85:cd:cd:5c:c2:
c8:f2:2a:e1:de:4c:20:77:b4:9a:2a:a4:21:f3:9d:a0:02:c4:
ad:a5:5e:87:51:fc:7f:73:1d:ba:0a:ec:76:46:9a:c5:bd:d1:
64:b1:fb:5f:6e:08:18:af:85:80:f0:97:58:f6:f9:04:05:97:
2f:4f:4c:32:89:5e:f8:84:48:37:e0:72:1c:18:38:62:1f:33:
ae:51:0c:10:ec:a1:7f:5b:d4:d5:79:52:77:bf:3b:96:b1:74:
82:43:6b:c7:a9:df:69:e0:91:a4:44:09:a3:b6:c7:1a:e4:20:
52:2a:b8:c3:44:fc:e2:6f:18:15:2f:2a:a6:22:57:2a:ca:59:
41:54:df:32:79:15:4c:7d:27:50:ba:2d:0b:a5:12:cc:17:5b:
74:47:55:a5:bf:b5:8c:22:a7:22:31:70:aa:2f:d4:8c:64:5f:
9e:0e:b6:4d:ad:24:6b:1d:e5:13:65:e6:2c:81:a7:48:ba:88:
6a:1d:9e:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw3kESyD05ZbQFMFkG0A2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTM4NDliZmYzMzdkZjhiOGIwYmQxYWUyNTJlZTYxMTlk
OGE2MWYwHhcNMjMwMTAyMDUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDkwNTA5NGUxZDE3NzIxODg4ZDU4ZjlkMjk2ZTEzYTY2OTBkYjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjXYAcYzFeN4pnta+sGLnNRjXflX
ykqXfYn6Jv/s44sjs3f+bkuQSOT7u5JhRA/yaYhOZlKNcxfE5AZYkUteoIW94/bX
zxem74FM4e6Yp6rt3GayOHn0//Vqqphowky4CYxeU6M+tKrJX1/iYUcq/uDd6xAN
cZGXKRbSKkK1IrMugUVkjbHVvUQfpnxvi49jjqpFhd3IKMGlzeQ9ToS5Z16rYxzb
NWoA0WlPqlX7K4IqbWMEPSCtJyKCLDfIb6v/xaFtCpO3LVDyzIXC1q1C9lez41ZR
BLRJLqTyjSWP6JwGrFZ8oKx6ZP0/pQG2vS4uJX1Hxn7P3nf+uMT3yqVSdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG2QUJTh0XchiI1Y+dKW4TpmkNsaMB8GA1UdIwQY
MBaAFBqThJv/M334uLC9GuJS7mEZ2KYfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjkt
NDNlNjdkNWQwYTg1LzEvYlpCUWxPSFJkeUdJalZqNTBwYmhPbWFRMnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjktNDNlNjdkNWQwYTg1
LzEvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9VzAwQB
W/EGAwQAwy4mMA0GCSqGSIb3DQEBCwUAA4IBAQBvTDy5ep5b83hoLBT34mR9NBVf
QumTs7g1uMLs10ZEkL9oq1JCazLPffsAMffv76j4vWRQLyuN0VnEnG0bwmHlscRc
hc3NXMLI8irh3kwgd7SaKqQh852gAsStpV6HUfx/cx26Cux2RprFvdFksftfbggY
r4WA8JdY9vkEBZcvT0wyiV74hEg34HIcGDhiHzOuUQwQ7KF/W9TVeVJ3vzuWsXSC
Q2vHqd9p4JGkRAmjtsca5CBSKrjDRPzibxgVLyqmIlcqyllBVN8yeRVMfSdQui0L
pRLMF1t0R1Wlv7WMIqciMXCqL9SMZF+eDrZNrSRrHeUTZeYsgadIuohqHZ7M
-----END CERTIFICATE-----
Generated at Wed Sep 13 08:32:24 2023 by rpki-client on console-ams.rpki-client.org