Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/L4-ZmxdD1bX54Ngy4tkO56W9sXk.roa
File: L4-ZmxdD1bX54Ngy4tkO56W9sXk.roa (raw, json)
Hash identifier: E+zR9OdDZT6myxreD+fNLfPOM6TvBGGHTZdUzxj4eys=
Subject key identifier: 2F:8F:99:9B:17:43:D5:B5:F9:E0:D8:32:E2:D9:0E:E7:A5:BD:B1:79
Certificate issuer: /CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Certificate serial: 01856E6FD91248D45751171BC65AD8C42EBE
Authority key identifier: 60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/L4-ZmxdD1bX54Ngy4tkO56W9sXk.roa
Signing time: Sun 01 Jan 2023 17:45:01 +0000
ROA not before: Sun 01 Jan 2023 17:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57354
IP address blocks: 91.231.218.0/23 maxlen: 32
185.228.132.0/22 maxlen: 32
2a0d:1600::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:d9:12:48:d4:57:51:17:1b:c6:5a:d8:c4:2e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Validity
Not Before: Jan 1 17:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f8f999b1743d5b5f9e0d832e2d90ee7a5bdb179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ec:9b:86:b6:dc:c3:58:94:b6:50:48:e7:c6:
44:12:04:24:ac:13:99:71:e3:82:62:2b:2d:f8:cb:
e4:54:a3:ef:cf:45:e1:9d:74:62:d1:0b:7e:82:a7:
3f:e8:ee:9b:15:46:78:a0:da:45:c5:4b:13:ba:9b:
da:12:e3:5e:17:cd:26:5a:2d:54:85:11:18:58:6a:
59:49:2c:e1:5e:4d:26:9c:7b:41:3d:e9:fc:da:ad:
21:79:dc:31:2b:5b:ef:0f:70:df:ca:bc:f1:39:d2:
88:48:bc:df:e9:85:ad:0d:2a:e3:e2:84:04:a1:1c:
07:17:3d:7c:e0:89:17:f9:21:31:fe:ba:74:a6:64:
55:4f:50:83:3c:6b:a2:8d:71:8d:1f:22:33:52:38:
94:68:ad:05:88:f7:a2:3b:7c:87:3f:f6:ea:14:5b:
eb:05:30:b7:bc:ac:72:54:22:d6:fa:28:73:b8:af:
e0:72:60:bc:f8:c2:3b:7d:d3:56:fc:87:a1:5a:10:
d6:25:ed:34:64:81:11:f4:42:5b:c0:a1:a5:f5:57:
49:8d:bd:3a:9e:eb:1e:28:0e:55:80:a2:65:04:0d:
16:10:2f:fc:99:75:6b:3e:bf:d5:03:6d:f9:43:e0:
34:8c:6d:ef:bb:55:dd:fc:50:3c:2f:57:49:f3:52:
18:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8F:99:9B:17:43:D5:B5:F9:E0:D8:32:E2:D9:0E:E7:A5:BD:B1:79
X509v3 Authority Key Identifier:
keyid:60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/L4-ZmxdD1bX54Ngy4tkO56W9sXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.218.0/23
185.228.132.0/22
IPv6:
2a0d:1600::/32
Signature Algorithm: sha256WithRSAEncryption
3c:15:2f:05:e3:f4:f3:e7:06:27:d5:e3:a9:67:b9:6e:7b:d3:
44:4d:6a:b4:69:a7:35:9d:05:a5:de:0e:3c:29:04:20:b5:41:
57:0f:9b:2a:6b:f3:f7:b9:c8:57:22:6a:ff:79:64:27:4d:d5:
5d:f1:c3:0f:e7:4a:46:9e:2b:00:c0:8f:b7:0c:21:af:0d:0d:
54:39:bf:98:a3:e0:5f:f5:f9:f7:a6:fe:df:46:4d:17:81:b2:
2f:3e:67:78:ac:88:4d:e1:29:56:97:6c:e2:89:9d:99:a1:2f:
5f:32:79:1c:68:fc:b6:7d:dd:45:a8:c6:1e:1e:94:aa:db:2a:
b5:d3:6b:f3:fc:f3:a9:7a:f2:00:7f:0d:a2:ab:d2:b3:dc:ed:
45:c8:7c:ff:53:02:0a:b6:cc:06:e8:c4:ae:f8:ad:89:c4:b3:
aa:fd:6f:04:45:6e:0f:71:29:bf:54:93:3c:65:d9:29:60:41:
cb:cb:06:08:cc:63:21:57:eb:94:5e:de:4b:14:50:7d:1e:f0:
3f:ae:78:31:f0:68:2d:d9:9b:31:f8:5e:72:07:13:60:cc:cc:
9f:8d:6d:4b:28:c2:e5:56:22:b4:8b:70:53:ef:67:3e:f9:3c:
e1:4f:d3:1c:f7:26:39:0c:4d:93:f6:2e:4e:d0:bb:72:8b:74:
68:c1:3a:df
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVub9kSSNRXURcbxlrYxC6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRjMDBmOWE0ODFiNDE1MDg2YjE0M2E3ZGQ0Y2RhMWZm
YjI0NzAwHhcNMjMwMTAxMTc0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjhmOTk5YjE3NDNkNWI1ZjllMGQ4MzJlMmQ5MGVlN2E1YmRiMTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreybhrbcw1iUtlBI58ZEEgQkrBOZ
ceOCYist+MvkVKPvz0XhnXRi0Qt+gqc/6O6bFUZ4oNpFxUsTupvaEuNeF80mWi1U
hREYWGpZSSzhXk0mnHtBPen82q0hedwxK1vvD3DfyrzxOdKISLzf6YWtDSrj4oQE
oRwHFz184IkX+SEx/rp0pmRVT1CDPGuijXGNHyIzUjiUaK0FiPeiO3yHP/bqFFvr
BTC3vKxyVCLW+ihzuK/gcmC8+MI7fdNW/IehWhDWJe00ZIER9EJbwKGl9VdJjb06
nuseKA5VgKJlBA0WEC/8mXVrPr/VA235Q+A0jG3vu1Xd/FA8L1dJ81IYJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC+PmZsXQ9W1+eDYMuLZDuelvbF5MB8GA1UdIwQY
MBaAFGAdwA+aSBtBUIaxQ6fdTNof+yRwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9hYjJiMjUtMmExMy00MWYwLWI5YzUt
ZmJhNDliMGNkZGVkLzEvTDQtWm14ZEQxYlg1NE5neTR0a081Nlc5c1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9hYjJiMjUtMmExMy00MWYwLWI5YzUtZmJhNDliMGNkZGVk
LzEvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+faAwQC
ueSEMA0EAgACMAcDBQAqDRYAMA0GCSqGSIb3DQEBCwUAA4IBAQA8FS8F4/Tz5wYn
1eOpZ7lue9NETWq0aac1nQWl3g48KQQgtUFXD5sqa/P3uchXImr/eWQnTdVd8cMP
50pGnisAwI+3DCGvDQ1UOb+Yo+Bf9fn3pv7fRk0XgbIvPmd4rIhN4SlWl2ziiZ2Z
oS9fMnkcaPy2fd1FqMYeHpSq2yq102vz/POpevIAfw2iq9Kz3O1FyHz/UwIKtswG
6MSu+K2JxLOq/W8ERW4PcSm/VJM8ZdkpYEHLywYIzGMhV+uUXt5LFFB9HvA/rngx
8Ggt2Zsx+F5yBxNgzMyfjW1LKMLlViK0i3BT72c++TzhT9Mc9yY5DE2T9i5O0Lty
i3RowTrf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:29 2024 by rpki-client on console-ams.rpki-client.org