Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/155fa2-8007-4967-ad02-42cf5d51e418/1/9WAIbvAUKT-emcdSCBzkj0pdNTA.roa
File: 9WAIbvAUKT-emcdSCBzkj0pdNTA.roa (raw, json)
Hash identifier: +ZUDmphksn07j5dspVUDmqHzSpkPfZmiqzVrAomn/GU=
Subject key identifier: F5:60:08:6E:F0:14:29:3F:9E:99:C7:52:08:1C:E4:8F:4A:5D:35:30
Certificate issuer: /CN=be254e1b5cd452868df2e1992d88d07609fc4c92
Certificate serial: 01856F390ADD263613AB1B66DE09585D5AEE
Authority key identifier: BE:25:4E:1B:5C:D4:52:86:8D:F2:E1:99:2D:88:D0:76:09:FC:4C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/viVOG1zUUoaN8uGZLYjQdgn8TJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/155fa2-8007-4967-ad02-42cf5d51e418/1/9WAIbvAUKT-emcdSCBzkj0pdNTA.roa
Signing time: Sun 01 Jan 2023 21:24:47 +0000
ROA not before: Sun 01 Jan 2023 21:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197482
IP address blocks: 91.221.198.0/23 maxlen: 23
91.221.198.0/24 maxlen: 24
91.221.199.0/24 maxlen: 24
91.236.50.0/24 maxlen: 24
91.236.51.0/24 maxlen: 24
91.236.48.0/22 maxlen: 22
91.236.48.0/24 maxlen: 24
91.236.49.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:0a:dd:26:36:13:ab:1b:66:de:09:58:5d:5a:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be254e1b5cd452868df2e1992d88d07609fc4c92
Validity
Not Before: Jan 1 21:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f560086ef014293f9e99c752081ce48f4a5d3530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3c:61:2d:b8:f2:2b:fc:29:f9:8c:38:91:7b:
29:36:9b:26:3c:ff:84:bd:26:82:c4:9f:fe:a2:c8:
bd:e2:b3:a1:d7:94:50:d3:aa:47:f5:0d:14:47:91:
f1:8d:1a:d6:49:eb:b6:af:6a:f8:70:cb:cd:13:99:
56:60:e7:a1:13:64:96:3c:93:69:2b:0d:52:20:a9:
25:e1:f0:fc:17:81:b8:d1:40:29:39:b0:43:dc:d3:
58:a4:ab:b4:65:8a:f8:b0:01:85:db:8d:53:d9:4a:
ca:3f:ff:36:ea:22:93:06:65:f1:d2:98:70:c5:b4:
03:fe:1b:ee:ab:1e:aa:54:26:a3:da:be:d6:ba:34:
0a:b1:3d:99:30:55:21:7d:33:b2:b3:3c:90:77:9b:
f6:68:f5:09:47:05:1d:5a:9e:b8:c3:b8:55:77:96:
6d:5b:36:08:80:e3:23:e6:eb:e0:87:78:ad:7d:6d:
1a:00:c4:6b:ba:64:a7:fe:ad:77:e7:2f:52:d7:a9:
86:f4:cf:cc:b6:3c:48:a8:04:aa:08:f1:04:10:0f:
0b:a0:21:b8:27:40:45:e1:12:80:88:fc:2c:88:4c:
46:fe:b6:d0:89:d6:00:1c:7e:87:5b:3d:82:3b:6d:
e3:8b:49:64:14:b0:cf:ed:be:9a:84:b6:4b:ef:a3:
52:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:60:08:6E:F0:14:29:3F:9E:99:C7:52:08:1C:E4:8F:4A:5D:35:30
X509v3 Authority Key Identifier:
keyid:BE:25:4E:1B:5C:D4:52:86:8D:F2:E1:99:2D:88:D0:76:09:FC:4C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/viVOG1zUUoaN8uGZLYjQdgn8TJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/155fa2-8007-4967-ad02-42cf5d51e418/1/9WAIbvAUKT-emcdSCBzkj0pdNTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/155fa2-8007-4967-ad02-42cf5d51e418/1/viVOG1zUUoaN8uGZLYjQdgn8TJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.198.0/23
91.236.48.0/22
Signature Algorithm: sha256WithRSAEncryption
21:7f:f7:02:c0:75:57:f2:e5:c6:fe:7d:5c:72:52:3f:bc:6a:
32:23:18:2e:e1:b2:7c:71:ed:9a:da:0b:4a:bc:65:dc:b5:c9:
20:44:aa:6e:ab:20:e2:23:5c:89:92:db:38:d7:bf:c2:de:48:
95:c5:36:8c:b9:bb:4b:df:8e:34:26:be:07:62:49:9c:b3:4b:
ac:39:e1:c3:59:08:3f:3e:5b:83:d5:c1:97:53:6c:b7:d3:52:
d4:58:07:06:18:1c:40:9b:5e:33:aa:1b:2f:9c:d6:b4:51:ff:
78:9a:ea:b3:b0:cb:72:e9:31:48:6c:ec:9b:75:d7:46:52:5c:
24:03:83:bc:dc:e5:75:47:fa:94:51:37:c5:ec:14:d1:23:f3:
81:2e:07:d3:2a:b1:77:c4:56:cc:a3:7d:ea:8d:03:9b:f5:21:
c3:31:ac:74:5a:5a:cf:a5:83:fe:20:42:2d:ff:75:5a:ed:1f:
ed:ba:15:c6:8e:71:eb:21:3c:ad:01:48:e8:95:b3:1c:7e:6c:
a0:be:ea:74:34:7e:f5:c9:6f:6d:be:83:c8:15:42:19:79:51:
a5:15:39:97:07:7a:b9:7a:79:af:0e:45:81:53:b7:08:db:ab:
b2:71:4a:13:2c:ff:ee:6a:3b:6e:f3:db:b9:41:f7:c9:1c:5b:
c5:59:34:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvOQrdJjYTqxtm3glYXVruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMjU0ZTFiNWNkNDUyODY4ZGYyZTE5OTJkODhkMDc2MDlm
YzRjOTIwHhcNMjMwMTAxMjEyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTYwMDg2ZWYwMTQyOTNmOWU5OWM3NTIwODFjZTQ4ZjRhNWQzNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTxhLbjyK/wp+Yw4kXspNpsmPP+E
vSaCxJ/+osi94rOh15RQ06pH9Q0UR5HxjRrWSeu2r2r4cMvNE5lWYOehE2SWPJNp
Kw1SIKkl4fD8F4G40UApObBD3NNYpKu0ZYr4sAGF241T2UrKP/826iKTBmXx0phw
xbQD/hvuqx6qVCaj2r7WujQKsT2ZMFUhfTOyszyQd5v2aPUJRwUdWp64w7hVd5Zt
WzYIgOMj5uvgh3itfW0aAMRrumSn/q135y9S16mG9M/MtjxIqASqCPEEEA8LoCG4
J0BF4RKAiPwsiExG/rbQidYAHH6HWz2CO23ji0lkFLDP7b6ahLZL76NSuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPVgCG7wFCk/npnHUggc5I9KXTUwMB8GA1UdIwQY
MBaAFL4lThtc1FKGjfLhmS2I0HYJ/EySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmlWT0cxelVVb2FOOHVHWkxZalFkZ244VEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xNTVmYTItODAwNy00OTY3LWFkMDIt
NDJjZjVkNTFlNDE4LzEvOVdBSWJ2QVVLVC1lbWNkU0NCemtqMHBkTlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xNTVmYTItODAwNy00OTY3LWFkMDItNDJjZjVkNTFlNDE4
LzEvdmlWT0cxelVVb2FOOHVHWkxZalFkZ244VEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW93GAwQC
W+wwMA0GCSqGSIb3DQEBCwUAA4IBAQAhf/cCwHVX8uXG/n1cclI/vGoyIxgu4bJ8
ce2a2gtKvGXctckgRKpuqyDiI1yJkts417/C3kiVxTaMubtL3440Jr4HYkmcs0us
OeHDWQg/PluD1cGXU2y301LUWAcGGBxAm14zqhsvnNa0Uf94muqzsMty6TFIbOyb
dddGUlwkA4O83OV1R/qUUTfF7BTRI/OBLgfTKrF3xFbMo33qjQOb9SHDMax0WlrP
pYP+IEIt/3Va7R/tuhXGjnHrITytAUjolbMcfmygvup0NH71yW9tvoPIFUIZeVGl
FTmXB3q5enmvDkWBU7cI26uycUoTLP/uajtu89u5QffJHFvFWTRN
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:40 2024 by rpki-client on console-ams.rpki-client.org