Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/269363-b35f-422c-b076-93f486b8b961/1/ncTe7UFaoLiLbteOGtEA7DzspXQ.roa
File: ncTe7UFaoLiLbteOGtEA7DzspXQ.roa (raw, json)
Hash identifier: nLQ9uCAzKRGNjk02XV5vpp5ij0c9P57bXC9Us17vitY=
Subject key identifier: 9D:C4:DE:ED:41:5A:A0:B8:8B:6E:D7:8E:1A:D1:00:EC:3C:EC:A5:74
Certificate issuer: /CN=9a918d7d180f36e76512a41611a0b28a8b40c52e
Certificate serial: 01856E2F9F49B9CB355740115E89AD74AE4B
Authority key identifier: 9A:91:8D:7D:18:0F:36:E7:65:12:A4:16:11:A0:B2:8A:8B:40:C5:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpGNfRgPNudlEqQWEaCyiotAxS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/269363-b35f-422c-b076-93f486b8b961/1/ncTe7UFaoLiLbteOGtEA7DzspXQ.roa
Signing time: Sun 01 Jan 2023 16:34:52 +0000
ROA not before: Sun 01 Jan 2023 16:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197416
IP address blocks: 91.220.156.0/24 maxlen: 24
2001:67c:22a8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:9f:49:b9:cb:35:57:40:11:5e:89:ad:74:ae:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a918d7d180f36e76512a41611a0b28a8b40c52e
Validity
Not Before: Jan 1 16:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dc4deed415aa0b88b6ed78e1ad100ec3ceca574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b8:e0:72:85:90:13:66:c9:e5:7f:0c:bf:a5:
7a:9c:2b:99:78:6a:7c:61:98:30:59:4e:f9:88:35:
e9:00:8f:61:3e:95:98:fa:d1:8f:94:9d:7a:56:6e:
9e:82:7c:a6:aa:6d:a5:b1:45:c8:2a:53:b1:f9:f0:
1c:eb:73:fd:fd:13:46:e0:c0:9c:db:78:6f:6c:52:
68:9f:76:66:34:33:53:30:7e:3a:78:16:17:d6:cf:
08:61:90:84:77:77:20:3a:7f:05:fe:7a:a2:74:66:
1c:e3:b9:bb:59:ad:57:89:93:b1:be:67:d3:fa:8f:
12:fd:05:ae:1a:e7:4e:74:36:6c:d6:81:85:de:ec:
42:5e:c5:a5:c0:73:d0:ff:bf:e4:d3:75:0f:5f:80:
dc:b5:27:13:9f:7e:3e:84:4f:52:ce:1a:88:16:13:
a4:77:2d:92:28:b5:4d:c2:c4:dc:22:fa:20:07:de:
4c:35:05:20:a6:1e:cf:1a:ea:c8:b1:2f:8e:6e:3c:
fe:0f:0d:57:67:c8:ee:92:ab:78:18:5a:28:84:4e:
6e:f8:1f:c3:48:f4:63:e9:c0:b4:fe:66:5b:07:c6:
7d:65:1c:4c:b1:52:79:74:ec:38:ee:68:4f:70:7f:
f5:e3:02:cb:11:eb:e8:3e:b3:c1:83:31:f9:f2:35:
c8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C4:DE:ED:41:5A:A0:B8:8B:6E:D7:8E:1A:D1:00:EC:3C:EC:A5:74
X509v3 Authority Key Identifier:
keyid:9A:91:8D:7D:18:0F:36:E7:65:12:A4:16:11:A0:B2:8A:8B:40:C5:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpGNfRgPNudlEqQWEaCyiotAxS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/269363-b35f-422c-b076-93f486b8b961/1/ncTe7UFaoLiLbteOGtEA7DzspXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/269363-b35f-422c-b076-93f486b8b961/1/mpGNfRgPNudlEqQWEaCyiotAxS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.156.0/24
IPv6:
2001:67c:22a8::/48
Signature Algorithm: sha256WithRSAEncryption
54:f8:e9:b4:f8:88:b5:31:7b:3e:0a:a3:66:80:1d:8f:41:9a:
11:60:66:35:a5:35:f7:62:14:58:ff:e7:da:77:1e:3e:98:76:
b4:15:f6:4b:03:24:f1:70:4d:fe:22:40:be:9e:a9:95:7e:7c:
fe:09:df:45:7a:26:7f:b9:03:49:66:ba:cb:9d:3d:e0:24:1c:
ab:ce:24:0a:6e:80:c7:89:5a:48:6f:6e:ff:cb:f4:72:b9:fe:
df:4f:05:59:03:db:4e:fc:cf:01:ec:a0:b3:00:be:17:7b:f9:
12:3e:39:d5:1a:43:c5:3b:86:78:be:fc:4c:27:99:ea:4f:a8:
32:ee:03:a9:76:12:3a:80:d2:fd:70:a1:e1:62:66:11:2d:2c:
35:18:ab:62:5d:28:f0:5e:70:19:dd:9a:7b:9a:89:d9:b1:91:
cd:e9:d9:33:5e:96:34:36:26:06:3f:41:92:de:c5:db:73:e6:
7f:38:c5:96:31:66:66:2c:a9:09:43:97:6e:04:be:34:bb:61:
6b:89:af:6a:35:12:d8:2d:df:71:7d:01:41:fa:90:06:2e:88:
7f:11:58:44:0f:73:ba:cd:85:c5:64:6b:9c:9c:40:57:78:62:
9e:a5:d5:4e:89:fc:9e:90:1d:59:bd:60:f9:41:6a:57:9f:ec:
f2:d8:df:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuL59Jucs1V0ARXomtdK5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTE4ZDdkMTgwZjM2ZTc2NTEyYTQxNjExYTBiMjhhOGI0
MGM1MmUwHhcNMjMwMTAxMTYzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGM0ZGVlZDQxNWFhMGI4OGI2ZWQ3OGUxYWQxMDBlYzNjZWNhNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7jgcoWQE2bJ5X8Mv6V6nCuZeGp8
YZgwWU75iDXpAI9hPpWY+tGPlJ16Vm6egnymqm2lsUXIKlOx+fAc63P9/RNG4MCc
23hvbFJon3ZmNDNTMH46eBYX1s8IYZCEd3cgOn8F/nqidGYc47m7Wa1XiZOxvmfT
+o8S/QWuGudOdDZs1oGF3uxCXsWlwHPQ/7/k03UPX4DctScTn34+hE9SzhqIFhOk
dy2SKLVNwsTcIvogB95MNQUgph7PGurIsS+Objz+Dw1XZ8jukqt4GFoohE5u+B/D
SPRj6cC0/mZbB8Z9ZRxMsVJ5dOw47mhPcH/14wLLEevoPrPBgzH58jXI5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ3E3u1BWqC4i27XjhrRAOw87KV0MB8GA1UdIwQY
MBaAFJqRjX0YDzbnZRKkFhGgsoqLQMUuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBHTmZSZ1BOdWRsRXFRV0VhQ3lpb3RBeFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yNjkzNjMtYjM1Zi00MjJjLWIwNzYt
OTNmNDg2YjhiOTYxLzEvbmNUZTdVRmFvTGlMYnRlT0d0RUE3RHpzcFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8yNjkzNjMtYjM1Zi00MjJjLWIwNzYtOTNmNDg2YjhiOTYx
LzEvbXBHTmZSZ1BOdWRsRXFRV0VhQ3lpb3RBeFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9ycMA8E
AgACMAkDBwAgAQZ8IqgwDQYJKoZIhvcNAQELBQADggEBAFT46bT4iLUxez4Ko2aA
HY9BmhFgZjWlNfdiFFj/59p3Hj6YdrQV9ksDJPFwTf4iQL6eqZV+fP4J30V6Jn+5
A0lmusudPeAkHKvOJApugMeJWkhvbv/L9HK5/t9PBVkD2078zwHsoLMAvhd7+RI+
OdUaQ8U7hni+/EwnmepPqDLuA6l2EjqA0v1woeFiZhEtLDUYq2JdKPBecBndmnua
idmxkc3p2TNeljQ2JgY/QZLexdtz5n84xZYxZmYsqQlDl24EvjS7YWuJr2o1Etgt
33F9AUH6kAYuiH8RWEQPc7rNhcVka5ycQFd4Yp6l1U6J/J6QHVm9YPlBalef7PLY
30o=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:22 2024 by rpki-client on console-fra.rpki-client.org