Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/594569-6f18-460a-a196-ffcd477349fc/1/cQDstZ_purbkb_WyLDPVWOeR9VQ.roa
File: cQDstZ_purbkb_WyLDPVWOeR9VQ.roa (raw, json)
Hash identifier: fPujjKR+IvIHLKB5djhQX4PFO6F4J973NJx8RZMxpQM=
Subject key identifier: 71:00:EC:B5:9F:E9:BA:B6:E4:6F:F5:B2:2C:33:D5:58:E7:91:F5:54
Certificate issuer: /CN=291d83c3f4b877cf7d084cb530c4a9e36fcf7ad0
Certificate serial: 01856D38669368FECD44644433239B922234
Authority key identifier: 29:1D:83:C3:F4:B8:77:CF:7D:08:4C:B5:30:C4:A9:E3:6F:CF:7A:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR2Dw_S4d899CEy1MMSp42_PetA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/594569-6f18-460a-a196-ffcd477349fc/1/cQDstZ_purbkb_WyLDPVWOeR9VQ.roa
Signing time: Sun 01 Jan 2023 12:04:50 +0000
ROA not before: Sun 01 Jan 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30367
IP address blocks: 91.213.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:66:93:68:fe:cd:44:64:44:33:23:9b:92:22:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291d83c3f4b877cf7d084cb530c4a9e36fcf7ad0
Validity
Not Before: Jan 1 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7100ecb59fe9bab6e46ff5b22c33d558e791f554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f2:14:47:f0:65:3f:de:74:ab:1c:23:6a:ab:
c0:e7:9b:e9:8c:f3:74:d5:63:02:cc:c9:11:bd:81:
01:f9:45:65:20:ae:58:51:04:a8:c8:1d:df:ea:be:
20:0d:2b:9e:16:42:63:f1:1e:d3:d7:9d:b9:22:51:
04:a5:47:c2:46:2a:b4:fb:1a:76:39:19:2b:03:62:
17:71:55:e7:c2:4e:e7:f5:16:da:43:9a:27:db:25:
3e:8f:c1:86:18:19:cc:93:c1:f8:1a:e6:82:df:93:
82:eb:01:6a:10:7f:ad:64:2e:ac:b0:c1:c0:96:b0:
c1:a0:80:38:76:ee:07:4e:f6:f3:db:95:b0:ce:cf:
58:ae:6a:f6:38:5a:69:2b:8b:23:2f:8b:37:44:86:
5d:35:57:ad:ea:ed:c8:8b:11:f4:f8:56:b1:4a:6c:
a5:1f:42:7c:e3:d7:07:e4:5d:fb:4f:33:e6:ab:b0:
4e:c5:59:e2:87:82:f6:98:dd:c0:68:3e:e5:82:24:
f8:82:be:f1:55:75:aa:1b:d9:c1:19:bb:c1:a5:45:
e2:c4:69:2c:fa:a8:61:d1:5b:1a:37:fd:1d:5a:bc:
f8:58:d9:b6:95:55:52:c5:84:52:a6:93:92:2b:3f:
25:7f:1a:0a:1d:d0:80:04:84:21:39:95:ad:a4:67:
ee:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:00:EC:B5:9F:E9:BA:B6:E4:6F:F5:B2:2C:33:D5:58:E7:91:F5:54
X509v3 Authority Key Identifier:
keyid:29:1D:83:C3:F4:B8:77:CF:7D:08:4C:B5:30:C4:A9:E3:6F:CF:7A:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR2Dw_S4d899CEy1MMSp42_PetA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/594569-6f18-460a-a196-ffcd477349fc/1/cQDstZ_purbkb_WyLDPVWOeR9VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/594569-6f18-460a-a196-ffcd477349fc/1/KR2Dw_S4d899CEy1MMSp42_PetA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.3.0/24
Signature Algorithm: sha256WithRSAEncryption
41:0d:f0:15:01:64:bd:99:89:fb:25:6c:8f:05:bf:0e:d2:93:
55:54:5e:15:0d:59:3b:88:e4:86:5b:d2:8a:a8:e7:95:a2:71:
ff:32:71:01:b4:70:eb:be:dc:bc:ce:a4:91:77:2a:b7:eb:b0:
47:13:8c:9a:f2:6c:cb:62:12:6d:04:50:57:98:51:2d:0c:60:
be:b7:ff:d6:6d:4a:d4:1d:39:7a:bc:c4:7d:97:e9:42:72:86:
b0:d3:9c:47:9f:96:74:d3:b5:1b:6c:3d:03:7f:21:bf:14:eb:
dd:58:b9:f6:9c:b7:6f:6c:d6:b4:9f:73:9a:fb:c4:ea:9e:75:
61:07:93:11:73:70:e7:b0:4e:75:0f:e2:a1:f0:70:12:fb:1a:
1d:97:36:e3:6e:d7:b5:12:59:99:9d:19:e9:93:b8:50:31:17:
68:1f:40:06:38:1b:bc:ae:9d:f2:59:35:2c:e1:71:6b:c5:6f:
d3:ba:69:78:94:38:65:e7:d6:e4:c3:52:1c:a9:12:45:4e:e0:
be:50:c8:8d:01:35:24:d3:26:96:ec:43:71:9f:fb:d8:9d:a7:
cb:e4:1c:54:cd:28:83:75:b9:21:23:a0:e9:30:75:26:96:e4:
82:be:a2:ab:31:5a:a8:34:d4:06:d1:c6:24:5b:4e:f9:17:01:
64:88:71:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGaTaP7NRGREMyObkiI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MWQ4M2MzZjRiODc3Y2Y3ZDA4NGNiNTMwYzRhOWUzNmZj
ZjdhZDAwHhcNMjMwMTAxMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTAwZWNiNTlmZTliYWI2ZTQ2ZmY1YjIyYzMzZDU1OGU3OTFmNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvIUR/BlP950qxwjaqvA55vpjPN0
1WMCzMkRvYEB+UVlIK5YUQSoyB3f6r4gDSueFkJj8R7T1525IlEEpUfCRiq0+xp2
ORkrA2IXcVXnwk7n9RbaQ5on2yU+j8GGGBnMk8H4GuaC35OC6wFqEH+tZC6ssMHA
lrDBoIA4du4HTvbz25Wwzs9Yrmr2OFppK4sjL4s3RIZdNVet6u3IixH0+FaxSmyl
H0J849cH5F37TzPmq7BOxVnih4L2mN3AaD7lgiT4gr7xVXWqG9nBGbvBpUXixGks
+qhh0VsaN/0dWrz4WNm2lVVSxYRSppOSKz8lfxoKHdCABIQhOZWtpGfugQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHEA7LWf6bq25G/1siwz1VjnkfVUMB8GA1UdIwQY
MBaAFCkdg8P0uHfPfQhMtTDEqeNvz3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1IyRHdfUzRkODk5Q0V5MU1NU3A0Ml9QZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS81OTQ1NjktNmYxOC00NjBhLWExOTYt
ZmZjZDQ3NzM0OWZjLzEvY1FEc3RaX3B1cmJrYl9XeUxEUFZXT2VSOVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS81OTQ1NjktNmYxOC00NjBhLWExOTYtZmZjZDQ3NzM0OWZj
LzEvS1IyRHdfUzRkODk5Q0V5MU1NU3A0Ml9QZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9UDMA0G
CSqGSIb3DQEBCwUAA4IBAQBBDfAVAWS9mYn7JWyPBb8O0pNVVF4VDVk7iOSGW9KK
qOeVonH/MnEBtHDrvty8zqSRdyq367BHE4ya8mzLYhJtBFBXmFEtDGC+t//WbUrU
HTl6vMR9l+lCcoaw05xHn5Z007UbbD0DfyG/FOvdWLn2nLdvbNa0n3Oa+8TqnnVh
B5MRc3DnsE51D+Kh8HAS+xodlzbjbte1ElmZnRnpk7hQMRdoH0AGOBu8rp3yWTUs
4XFrxW/Tuml4lDhl59bkw1IcqRJFTuC+UMiNATUk0yaW7ENxn/vYnafL5BxUzSiD
dbkhI6DpMHUmluSCvqKrMVqoNNQG0cYkW075FwFkiHH3
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:17 2024 by rpki-client on console-fra.rpki-client.org