Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/5NuTDb_vBoyfnHcFY1lH8yplRp0.roa
File: 5NuTDb_vBoyfnHcFY1lH8yplRp0.roa (raw, json)
Hash identifier: SfTGYfj3pVPij7gvTbBHh0SeZJlDm5CjULps6vzerJg=
Subject key identifier: E4:DB:93:0D:BF:EF:06:8C:9F:9C:77:05:63:59:47:F3:2A:65:46:9D
Certificate issuer: /CN=b1c3ec539f23ee031aa396ac5ced42563884b7b3
Certificate serial: 0187B461CE9B51090DF1B948633F21B92D8B
Authority key identifier: B1:C3:EC:53:9F:23:EE:03:1A:A3:96:AC:5C:ED:42:56:38:84:B7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/5NuTDb_vBoyfnHcFY1lH8yplRp0.roa
Signing time: Mon 24 Apr 2023 17:48:41 +0000
ROA not before: Mon 24 Apr 2023 17:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49127
IP address blocks: 91.220.231.0/24 maxlen: 24
2a0a:ed80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:61:ce:9b:51:09:0d:f1:b9:48:63:3f:21:b9:2d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1c3ec539f23ee031aa396ac5ced42563884b7b3
Validity
Not Before: Apr 24 17:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4db930dbfef068c9f9c7705635947f32a65469d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:77:0b:19:fa:c2:06:0e:24:5e:34:6b:3e:5b:
22:b9:8a:4a:7c:31:01:80:7e:bb:4b:33:4f:d4:96:
f4:ba:60:0a:dc:eb:dc:c0:ba:5a:d0:e1:06:8a:47:
78:b2:74:df:37:31:52:e8:33:89:51:6f:3c:0b:14:
89:f6:4f:f5:ee:4b:13:88:46:e3:dc:41:8c:05:3c:
12:9b:c0:ca:ef:9a:8b:91:e0:62:f2:bc:93:74:65:
22:fa:1b:01:33:cf:12:42:95:d7:38:98:1a:67:9d:
9d:57:b6:ca:b0:af:d6:5c:98:a2:1d:e8:4d:37:5a:
6b:9f:e5:18:85:81:4e:48:1a:29:f5:db:d4:74:1f:
71:64:39:f6:60:1f:05:38:96:cd:85:cb:cf:67:58:
95:49:90:71:e4:8d:d9:35:ac:ab:80:09:96:75:d1:
d6:e8:b7:50:83:a1:6e:b8:79:bb:07:1d:40:b5:43:
83:10:41:6f:91:ee:c9:50:c7:c0:34:60:64:2d:6e:
16:7b:c1:dc:fe:6a:de:7a:73:ef:88:f2:0d:55:88:
68:65:30:3a:ae:c9:b1:1d:b8:80:6f:a5:83:a7:84:
75:94:13:55:e8:61:fb:12:ea:9b:bd:70:7d:3d:c0:
5d:cc:3a:0b:30:e9:22:93:db:b5:33:90:d4:4c:b2:
86:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DB:93:0D:BF:EF:06:8C:9F:9C:77:05:63:59:47:F3:2A:65:46:9D
X509v3 Authority Key Identifier:
keyid:B1:C3:EC:53:9F:23:EE:03:1A:A3:96:AC:5C:ED:42:56:38:84:B7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/5NuTDb_vBoyfnHcFY1lH8yplRp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/scPsU58j7gMao5asXO1CVjiEt7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.231.0/24
IPv6:
2a0a:ed80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:89:74:ed:44:d8:75:7d:34:6e:ab:4a:e0:d6:2f:39:e2:de:
8f:cd:7d:31:ec:b5:bf:69:cd:f2:51:c4:93:bd:6b:1e:83:76:
ac:91:f1:47:58:61:f9:33:ea:21:24:81:a4:8d:55:46:c9:49:
19:ff:56:28:35:83:ea:57:90:d9:72:12:29:44:0f:df:7f:8a:
e4:86:d6:9a:88:e6:11:ad:78:63:81:63:7c:d6:60:97:ee:dd:
0e:9c:d9:75:06:c3:3d:38:73:31:84:59:f6:d1:f5:16:a9:b0:
a6:43:53:ef:22:42:43:d9:12:e9:fc:0e:29:6e:48:e0:aa:f9:
cc:a2:df:47:18:5b:9d:7e:cd:49:25:29:2b:d6:3b:59:b8:6f:
d1:a8:70:0f:0d:bf:a5:1b:e5:35:5f:db:14:8e:09:a6:a9:a5:
46:e7:8c:a5:f0:75:3f:04:7e:a6:e8:ef:6c:e0:9f:c4:59:8b:
9e:e9:1b:c5:4e:4f:eb:3e:04:c7:6d:6f:71:5c:34:89:f2:7f:
2e:1c:1d:d4:11:9a:a6:bb:d1:90:ea:ad:8a:7b:97:71:9c:a8:
02:db:b5:55:51:10:52:29:fa:3a:dd:3c:05:cc:92:57:3f:ba:
a1:db:30:bf:f1:d0:3b:39:44:25:3e:30:52:e0:74:25:69:0a:
61:01:27:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYe0Yc6bUQkN8blIYz8huS2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYzNlYzUzOWYyM2VlMDMxYWEzOTZhYzVjZWQ0MjU2Mzg4
NGI3YjMwHhcNMjMwNDI0MTc0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRiOTMwZGJmZWYwNjhjOWY5Yzc3MDU2MzU5NDdmMzJhNjU0NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApncLGfrCBg4kXjRrPlsiuYpKfDEB
gH67SzNP1Jb0umAK3OvcwLpa0OEGikd4snTfNzFS6DOJUW88CxSJ9k/17ksTiEbj
3EGMBTwSm8DK75qLkeBi8ryTdGUi+hsBM88SQpXXOJgaZ52dV7bKsK/WXJiiHehN
N1prn+UYhYFOSBop9dvUdB9xZDn2YB8FOJbNhcvPZ1iVSZBx5I3ZNayrgAmWddHW
6LdQg6FuuHm7Bx1AtUODEEFvke7JUMfANGBkLW4We8Hc/mreenPviPINVYhoZTA6
rsmxHbiAb6WDp4R1lBNV6GH7EuqbvXB9PcBdzDoLMOkik9u1M5DUTLKGyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOTbkw2/7waMn5x3BWNZR/MqZUadMB8GA1UdIwQY
MBaAFLHD7FOfI+4DGqOWrFztQlY4hLezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2NQc1U1OGo3Z01hbzVhc1hPMUNWamlFdDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wMGRjZGYtZWM5ZC00NDQ2LTkwNWUt
NTU2MzQ3YTVmMDU2LzEvNU51VERiX3ZCb3lmbkhjRlkxbEg4eXBsUnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wMGRjZGYtZWM5ZC00NDQ2LTkwNWUtNTU2MzQ3YTVmMDU2
LzEvc2NQc1U1OGo3Z01hbzVhc1hPMUNWamlFdDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9znMA0E
AgACMAcDBQMqCu2AMA0GCSqGSIb3DQEBCwUAA4IBAQBqiXTtRNh1fTRuq0rg1i85
4t6PzX0x7LW/ac3yUcSTvWseg3askfFHWGH5M+ohJIGkjVVGyUkZ/1YoNYPqV5DZ
chIpRA/ff4rkhtaaiOYRrXhjgWN81mCX7t0OnNl1BsM9OHMxhFn20fUWqbCmQ1Pv
IkJD2RLp/A4pbkjgqvnMot9HGFudfs1JJSkr1jtZuG/RqHAPDb+lG+U1X9sUjgmm
qaVG54yl8HU/BH6m6O9s4J/EWYue6RvFTk/rPgTHbW9xXDSJ8n8uHB3UEZqmu9GQ
6q2Ke5dxnKgC27VVURBSKfo63TwFzJJXP7qh2zC/8dA7OUQlPjBS4HQlaQphASck
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:43 2024 by rpki-client on console-ams.rpki-client.org