Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/atvxzmTBEIwhuTRj_B1rFr52nZI.roa
File: atvxzmTBEIwhuTRj_B1rFr52nZI.roa (raw, json)
Hash identifier: Qyqb9Nn6sS7cG1pAKvHupbJkBT7pVYmMOKzNooW2lgM=
Subject key identifier: 6A:DB:F1:CE:64:C1:10:8C:21:B9:34:63:FC:1D:6B:16:BE:76:9D:92
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 019270BC98292C9DFE81905912838860FA6F
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/atvxzmTBEIwhuTRj_B1rFr52nZI.roa
Signing time: Wed 09 Oct 2024 10:04:20 +0000
ROA not before: Wed 09 Oct 2024 10:04:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 91.234.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 09:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:bc:98:29:2c:9d:fe:81:90:59:12:83:88:60:fa:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Oct 9 10:04:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6adbf1ce64c1108c21b93463fc1d6b16be769d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:65:2d:7f:39:12:0e:a4:42:c6:24:b6:dd:8d:
67:47:12:79:65:33:06:2b:fb:08:df:97:71:ba:4d:
4e:ad:00:0e:e4:dd:4c:ef:1e:47:13:83:7b:bc:41:
17:d4:31:4c:2d:5c:70:bf:38:56:f7:77:d3:f9:0a:
b5:42:cf:59:ce:7a:6f:58:1d:8c:23:4b:7d:08:17:
f4:d7:79:14:21:29:3d:e3:dc:45:72:d3:99:4c:17:
71:a9:71:56:2c:72:b3:b9:69:94:64:fa:d7:08:d5:
ea:34:06:09:91:86:c6:9e:ae:4f:a0:63:97:7b:01:
f5:83:b8:91:f5:96:02:c5:d0:6e:8a:64:e0:28:7e:
ac:d6:d1:49:b3:00:74:c5:84:ce:c1:33:be:97:8e:
57:4f:36:65:3a:59:06:27:31:9b:6e:7f:f3:04:88:
ad:e3:f2:4a:e5:bb:79:1a:ae:ba:47:5a:ca:aa:e9:
44:01:2b:e9:1c:27:9f:35:07:f7:37:5d:12:9c:7b:
40:a5:fc:d3:81:81:08:95:8e:30:5b:0f:1c:94:82:
a5:eb:46:99:3b:36:ad:35:5f:c3:f7:d6:9c:b4:fd:
5c:c9:97:45:38:f7:1f:02:fe:ca:dd:07:c2:82:0a:
79:71:fa:06:67:f2:69:a0:b0:f9:5f:06:4e:bb:58:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DB:F1:CE:64:C1:10:8C:21:B9:34:63:FC:1D:6B:16:BE:76:9D:92
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/atvxzmTBEIwhuTRj_B1rFr52nZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.202.0/24
Signature Algorithm: sha256WithRSAEncryption
62:52:f9:82:e3:15:d8:06:f8:60:4f:84:5c:e1:c3:64:1e:6a:
c8:d5:f6:bd:37:90:fc:a9:18:63:f7:86:d7:ac:d9:51:ef:23:
55:e0:46:cf:1f:ce:0b:db:c3:08:5a:9b:bb:a8:fb:ad:75:cb:
24:04:b8:92:da:0d:90:49:25:67:66:31:11:9b:9b:ba:a5:b6:
0f:e9:80:09:a8:57:34:dc:e9:d9:79:43:5b:c1:79:53:c2:46:
7f:84:c8:f5:39:27:95:34:3f:ff:d7:4e:31:9f:78:50:fa:b6:
75:c9:21:52:6c:25:0d:5e:e8:13:02:ec:45:40:68:e9:ec:2c:
62:cf:46:7c:87:7e:5f:4e:c7:f2:2d:b5:5c:fa:09:09:b6:de:
30:5a:51:7b:2f:d0:04:e0:f6:ef:41:3a:db:95:08:e0:2b:3c:
36:2f:ea:9d:c5:99:f4:c9:88:1f:bb:6d:94:70:5a:e6:f8:9d:
68:e2:2a:cc:27:93:5e:87:89:e2:ef:e1:93:e5:89:1e:cd:ec:
9b:d6:d3:e4:60:f3:0d:07:c3:b3:f3:62:eb:7f:58:15:d3:6f:
ce:35:8e:d7:33:1c:44:47:11:c9:54:59:8d:ee:51:44:1f:f2:
3b:76:a1:c5:f4:26:e4:4f:28:7e:42:a9:2c:00:44:14:6e:00:
3c:32:7f:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJwvJgpLJ3+gZBZEoOIYPpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQxMDA5MTAwNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWRiZjFjZTY0YzExMDhjMjFiOTM0NjNmYzFkNmIxNmJlNzY5ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmUtfzkSDqRCxiS23Y1nRxJ5ZTMG
K/sI35dxuk1OrQAO5N1M7x5HE4N7vEEX1DFMLVxwvzhW93fT+Qq1Qs9ZznpvWB2M
I0t9CBf013kUISk949xFctOZTBdxqXFWLHKzuWmUZPrXCNXqNAYJkYbGnq5PoGOX
ewH1g7iR9ZYCxdBuimTgKH6s1tFJswB0xYTOwTO+l45XTzZlOlkGJzGbbn/zBIit
4/JK5bt5Gq66R1rKqulEASvpHCefNQf3N10SnHtApfzTgYEIlY4wWw8clIKl60aZ
OzatNV/D99actP1cyZdFOPcfAv7K3QfCggp5cfoGZ/JpoLD5XwZOu1hwbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrb8c5kwRCMIbk0Y/wdaxa+dp2SMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvYXR2eHptVEJFSXdodVRSal9CMXJGcjUyblpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+rKMA0G
CSqGSIb3DQEBCwUAA4IBAQBiUvmC4xXYBvhgT4Rc4cNkHmrI1fa9N5D8qRhj94bX
rNlR7yNV4EbPH84L28MIWpu7qPutdcskBLiS2g2QSSVnZjERm5u6pbYP6YAJqFc0
3OnZeUNbwXlTwkZ/hMj1OSeVND//104xn3hQ+rZ1ySFSbCUNXugTAuxFQGjp7Cxi
z0Z8h35fTsfyLbVc+gkJtt4wWlF7L9AE4PbvQTrblQjgKzw2L+qdxZn0yYgfu22U
cFrm+J1o4irMJ5Neh4ni7+GT5Ykezeyb1tPkYPMNB8Oz82Lrf1gV02/ONY7XMxxE
RxHJVFmN7lFEH/I7dqHF9CbkTyh+QqksAEQUbgA8Mn/k
-----END CERTIFICATE-----
Generated at Tue Oct 22 11:00:17 2024 by rpki-client on console-ams.rpki-client.org