Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/ab9881-be13-49a5-92c3-85730532bd9a/1/lZ0hsbT57m0dNajcGjo4QS321q8.roa
File: lZ0hsbT57m0dNajcGjo4QS321q8.roa (raw, json)
Hash identifier: 2Ug1LlCC6seeuwPWZEDcjTr4lSTOo1liHzjtXZyBvik=
Subject key identifier: 95:9D:21:B1:B4:F9:EE:6D:1D:35:A8:DC:1A:3A:38:41:2D:F6:D6:AF
Certificate issuer: /CN=aa9156880773616f7c223aeddd33b5456101c1a1
Certificate serial: 018572BA70607F8BDADE3573D94F9E7E1B47
Authority key identifier: AA:91:56:88:07:73:61:6F:7C:22:3A:ED:DD:33:B5:45:61:01:C1:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qpFWiAdzYW98Ijrt3TO1RWEBwaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/ab9881-be13-49a5-92c3-85730532bd9a/1/lZ0hsbT57m0dNajcGjo4QS321q8.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8423
IP address blocks: 91.198.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:70:60:7f:8b:da:de:35:73:d9:4f:9e:7e:1b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9156880773616f7c223aeddd33b5456101c1a1
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=959d21b1b4f9ee6d1d35a8dc1a3a38412df6d6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4f:1a:73:09:65:93:8a:64:de:ad:60:f8:6f:
fd:95:57:6b:ca:a3:0b:7f:96:24:08:6b:4b:53:96:
b0:bf:ba:6e:71:57:f6:29:a1:f5:01:d7:87:94:92:
10:37:8e:11:c5:f6:c1:7a:08:1a:12:12:43:24:ff:
9f:5d:39:ff:d0:a4:a1:f7:44:35:8a:fb:ef:9e:4f:
cf:15:f6:6e:ad:04:c9:44:ef:4f:43:4d:1b:15:5d:
41:c7:16:d2:8d:cc:ae:61:61:64:a6:0e:9e:08:35:
6d:38:fa:49:01:3d:79:ae:50:38:b6:9e:a2:a1:75:
b6:63:6b:59:f7:3b:d0:4a:9a:4d:3d:58:98:de:80:
38:ef:55:c8:b3:cd:25:b6:12:88:a3:8f:bc:d3:95:
ce:e5:ec:2e:2e:9c:7a:c5:1f:4d:b7:b5:85:a9:ac:
c5:bc:4e:ac:78:ce:0a:d7:35:a0:24:2d:c0:7c:07:
0d:79:ae:5b:9a:7d:f9:8d:78:8e:3e:26:53:11:53:
61:38:df:2f:fd:60:c2:06:45:91:b9:96:bb:be:cd:
2c:50:a5:5d:ef:6f:1d:2a:a0:05:90:ce:89:10:89:
40:e5:9e:d6:50:b4:75:9a:5e:ac:a2:52:fe:0c:7b:
4b:e1:9e:b0:af:63:da:9d:13:55:eb:f4:3a:2d:67:
36:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9D:21:B1:B4:F9:EE:6D:1D:35:A8:DC:1A:3A:38:41:2D:F6:D6:AF
X509v3 Authority Key Identifier:
keyid:AA:91:56:88:07:73:61:6F:7C:22:3A:ED:DD:33:B5:45:61:01:C1:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpFWiAdzYW98Ijrt3TO1RWEBwaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ab9881-be13-49a5-92c3-85730532bd9a/1/lZ0hsbT57m0dNajcGjo4QS321q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ab9881-be13-49a5-92c3-85730532bd9a/1/qpFWiAdzYW98Ijrt3TO1RWEBwaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.59.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:60:c1:e5:b5:d9:86:81:60:5f:79:6b:4e:bb:2b:56:96:9d:
de:81:55:b9:83:6a:6f:81:7c:ad:ec:1a:83:c9:e2:ed:97:c5:
da:ee:3f:ce:15:10:0b:30:e6:8b:5e:6f:c1:24:5d:5e:d1:04:
da:6f:f0:9e:d1:95:30:13:1f:88:da:8e:1c:7f:a3:0f:85:20:
b3:66:c3:df:e3:0a:28:d3:f8:a2:14:88:5e:6f:c1:bc:a3:2f:
ab:6e:7f:d1:a3:47:40:51:9a:54:91:3a:53:b0:07:4c:b9:cc:
8e:d7:df:6d:27:6e:b8:b1:2b:97:b3:13:41:30:77:ef:17:b3:
12:29:e9:27:01:b6:32:56:e0:23:d8:b2:43:cf:6a:f5:96:e3:
62:d3:4a:91:40:73:0f:1a:06:94:cd:08:e5:3d:52:e6:b3:98:
76:fe:29:a4:5a:5b:9d:52:e6:f1:2b:c6:3b:af:ee:5a:23:db:
66:31:49:6c:fb:7d:02:d6:7f:d0:dc:e0:af:54:07:98:30:3c:
6d:17:cb:61:cc:3e:a2:34:cf:55:41:1e:43:6d:18:1e:74:28:
b9:95:1a:3f:84:7d:28:98:b9:77:0d:99:a9:fe:10:4e:b0:e1:
dc:95:01:d9:d5:c0:8f:3e:d3:4e:b7:79:1a:0a:77:53:2d:b0:
f2:fa:70:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyunBgf4va3jVz2U+efhtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOTE1Njg4MDc3MzYxNmY3YzIyM2FlZGRkMzNiNTQ1NjEw
MWMxYTEwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTlkMjFiMWI0ZjllZTZkMWQzNWE4ZGMxYTNhMzg0MTJkZjZkNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk8acwllk4pk3q1g+G/9lVdryqML
f5YkCGtLU5awv7pucVf2KaH1AdeHlJIQN44RxfbBeggaEhJDJP+fXTn/0KSh90Q1
ivvvnk/PFfZurQTJRO9PQ00bFV1BxxbSjcyuYWFkpg6eCDVtOPpJAT15rlA4tp6i
oXW2Y2tZ9zvQSppNPViY3oA471XIs80lthKIo4+805XO5ewuLpx6xR9Nt7WFqazF
vE6seM4K1zWgJC3AfAcNea5bmn35jXiOPiZTEVNhON8v/WDCBkWRuZa7vs0sUKVd
728dKqAFkM6JEIlA5Z7WULR1ml6solL+DHtL4Z6wr2PanRNV6/Q6LWc2/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWdIbG0+e5tHTWo3Bo6OEEt9tavMB8GA1UdIwQY
MBaAFKqRVogHc2FvfCI67d0ztUVhAcGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXBGV2lBZHpZVzk4SWpydDNUTzFSV0VCd2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9hYjk4ODEtYmUxMy00OWE1LTkyYzMt
ODU3MzA1MzJiZDlhLzEvbFowaHNiVDU3bTBkTmFqY0dqbzRRUzMyMXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9hYjk4ODEtYmUxMy00OWE1LTkyYzMtODU3MzA1MzJiZDlh
LzEvcXBGV2lBZHpZVzk4SWpydDNUTzFSV0VCd2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8Y7MA0G
CSqGSIb3DQEBCwUAA4IBAQCbYMHltdmGgWBfeWtOuytWlp3egVW5g2pvgXyt7BqD
yeLtl8Xa7j/OFRALMOaLXm/BJF1e0QTab/Ce0ZUwEx+I2o4cf6MPhSCzZsPf4woo
0/iiFIheb8G8oy+rbn/Ro0dAUZpUkTpTsAdMucyO199tJ264sSuXsxNBMHfvF7MS
KeknAbYyVuAj2LJDz2r1luNi00qRQHMPGgaUzQjlPVLms5h2/imkWludUubxK8Y7
r+5aI9tmMUls+30C1n/Q3OCvVAeYMDxtF8thzD6iNM9VQR5DbRgedCi5lRo/hH0o
mLl3DZmp/hBOsOHclQHZ1cCPPtNOt3kaCndTLbDy+nCa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:06 2024 by rpki-client on console-ams.rpki-client.org