Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/zeqOmNsXfdMQqG0Wqnhnko_GG9w.roa
File: zeqOmNsXfdMQqG0Wqnhnko_GG9w.roa (raw, json)
Hash identifier: YKiMkgZ+At/VG+sTM/Kb8q0eB5sdJxANwYzLxr65vwI=
Subject key identifier: CD:EA:8E:98:DB:17:7D:D3:10:A8:6D:16:AA:78:67:92:8F:C6:1B:DC
Certificate issuer: /CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Certificate serial: 018571D7C2DF89A1F05E5A069BD07AAA854E
Authority key identifier: A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/zeqOmNsXfdMQqG0Wqnhnko_GG9w.roa
Signing time: Mon 02 Jan 2023 09:37:23 +0000
ROA not before: Mon 02 Jan 2023 09:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201322
IP address blocks: 91.186.70.0/24 maxlen: 24
91.186.71.0/24 maxlen: 24
91.186.68.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c2:df:89:a1:f0:5e:5a:06:9b:d0:7a:aa:85:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Validity
Not Before: Jan 2 09:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdea8e98db177dd310a86d16aa7867928fc61bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:93:49:70:af:6a:c7:65:31:1e:0c:2f:82:e9:
01:56:e0:dc:ea:47:38:cc:36:8d:6e:b8:a1:e4:03:
3f:67:e4:d3:d1:0a:76:02:f8:7a:71:78:2a:cb:d6:
ce:8e:6b:d6:28:9a:12:7d:70:2b:d5:78:12:df:7e:
0b:49:e7:7b:f6:56:cc:5c:d9:4a:69:b9:70:42:48:
c9:9b:ef:8c:7a:96:46:d2:a5:d7:e9:9a:55:f8:b5:
94:6c:c3:ae:dd:d9:2f:f2:a8:9e:c9:7d:1b:07:dd:
a2:8f:03:32:bb:d9:28:07:b6:ff:2e:31:46:41:a0:
bc:e6:1b:c8:aa:5f:e6:78:3f:a1:1d:5f:47:08:4d:
20:dc:19:4a:45:df:4d:79:da:be:6f:fe:47:06:f7:
ca:2a:3f:c8:21:d4:ad:4f:26:06:e6:b3:13:9b:97:
f6:be:ac:1c:ba:91:b4:eb:f0:04:c5:66:fb:ef:d1:
29:10:7f:82:cf:60:bc:b1:20:5f:ea:b2:9f:be:14:
88:43:89:95:40:9f:80:e7:0a:02:13:3a:2d:45:b5:
10:65:e8:54:fd:53:b0:ea:66:62:8f:d2:2f:00:c5:
63:8a:13:97:fc:8d:d2:68:1e:a9:08:e8:7c:6e:23:
91:7f:02:86:ec:c3:51:9d:40:c4:95:68:58:2b:25:
f0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:EA:8E:98:DB:17:7D:D3:10:A8:6D:16:AA:78:67:92:8F:C6:1B:DC
X509v3 Authority Key Identifier:
keyid:A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/zeqOmNsXfdMQqG0Wqnhnko_GG9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.68.0/22
Signature Algorithm: sha256WithRSAEncryption
34:c1:a9:af:15:87:3b:4b:b8:f4:6e:bf:92:2e:e7:75:14:36:
cc:5a:ff:39:e8:55:35:98:20:d2:ed:b1:7d:b3:49:b3:91:78:
18:46:73:65:d3:9d:40:e8:b9:ca:ef:e2:21:e6:71:b3:62:12:
60:e7:a4:63:60:35:c0:45:05:21:27:79:81:b1:a2:69:24:80:
d0:5b:58:aa:e4:14:0a:8f:81:7e:7f:9a:4c:6d:66:08:5d:f1:
a2:3f:8e:e2:dd:6f:31:f8:bb:b1:24:1c:d4:96:8b:81:c2:8b:
f0:74:f9:00:60:75:24:b5:d5:26:f1:8d:be:d2:06:c6:df:8d:
07:ee:f9:4d:0c:9f:38:fa:05:73:c4:02:b6:74:b0:96:b7:ed:
90:ef:04:e5:fa:bb:83:9c:bc:1e:9c:e4:cb:c9:71:93:88:ab:
fb:18:03:39:8e:b3:01:ab:51:02:24:03:90:2d:f5:ed:7b:4e:
04:a6:ef:ab:f1:1c:ab:05:76:6e:ef:4a:bb:4b:2c:48:27:0e:
67:22:d3:1b:96:c9:cb:a9:9d:d4:84:57:fe:d9:30:00:fe:84:
d4:9a:5f:17:40:7a:b1:dd:01:71:de:6d:e3:e1:45:dd:93:ae:
d2:41:92:38:07:f9:ef:1e:1d:9d:56:c4:d2:2c:a2:01:67:fa:
83:be:f6:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx18LfiaHwXloGm9B6qoVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODY0ZWRmYTQxMmQ3N2EwM2NiZjU5MTMxZTNmY2MwM2E2
MGUxODgwHhcNMjMwMTAyMDkzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGVhOGU5OGRiMTc3ZGQzMTBhODZkMTZhYTc4Njc5MjhmYzYxYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZNJcK9qx2UxHgwvgukBVuDc6kc4
zDaNbrih5AM/Z+TT0Qp2Avh6cXgqy9bOjmvWKJoSfXAr1XgS334LSed79lbMXNlK
ablwQkjJm++MepZG0qXX6ZpV+LWUbMOu3dkv8qieyX0bB92ijwMyu9koB7b/LjFG
QaC85hvIql/meD+hHV9HCE0g3BlKRd9Nedq+b/5HBvfKKj/IIdStTyYG5rMTm5f2
vqwcupG06/AExWb779EpEH+Cz2C8sSBf6rKfvhSIQ4mVQJ+A5woCEzotRbUQZehU
/VOw6mZij9IvAMVjihOX/I3SaB6pCOh8biORfwKG7MNRnUDElWhYKyXw0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3qjpjbF33TEKhtFqp4Z5KPxhvcMB8GA1UdIwQY
MBaAFKGGTt+kEtd6A8v1kTHj/MA6YOGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTkt
MWE1NTc5ZThjNmMwLzEvemVxT21Oc1hmZE1RcUcwV3FuaG5rb19HRzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTktMWE1NTc5ZThjNmMw
LzEvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7pEMA0G
CSqGSIb3DQEBCwUAA4IBAQA0wamvFYc7S7j0br+SLud1FDbMWv856FU1mCDS7bF9
s0mzkXgYRnNl051A6LnK7+Ih5nGzYhJg56RjYDXARQUhJ3mBsaJpJIDQW1iq5BQK
j4F+f5pMbWYIXfGiP47i3W8x+LuxJBzUlouBwovwdPkAYHUktdUm8Y2+0gbG340H
7vlNDJ84+gVzxAK2dLCWt+2Q7wTl+ruDnLwenOTLyXGTiKv7GAM5jrMBq1ECJAOQ
LfXte04Epu+r8RyrBXZu70q7SyxIJw5nItMblsnLqZ3UhFf+2TAA/oTUml8XQHqx
3QFx3m3j4UXdk67SQZI4B/nvHh2dVsTSLKIBZ/qDvvYg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:27 2024 by rpki-client on console-fra.rpki-client.org