Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/syBz50sk_-sQAbPQzkGUxs6dGf0.roa
File: syBz50sk_-sQAbPQzkGUxs6dGf0.roa (raw, json)
Hash identifier: 52XrByMDUfs0pKvDu4lJ3awdu2WGuvj1gj0JIUQFJSM=
Subject key identifier: B3:20:73:E7:4B:24:FF:EB:10:01:B3:D0:CE:41:94:C6:CE:9D:19:FD
Certificate issuer: /CN=b1c3ec539f23ee031aa396ac5ced42563884b7b3
Certificate serial: 0187B461CF2A2DA467816E520D499846BB23
Authority key identifier: B1:C3:EC:53:9F:23:EE:03:1A:A3:96:AC:5C:ED:42:56:38:84:B7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/syBz50sk_-sQAbPQzkGUxs6dGf0.roa
Signing time: Mon 24 Apr 2023 17:48:41 +0000
ROA not before: Mon 24 Apr 2023 17:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207366
IP address blocks: 91.220.231.0/24 maxlen: 24
2a0a:ed80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:61:cf:2a:2d:a4:67:81:6e:52:0d:49:98:46:bb:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1c3ec539f23ee031aa396ac5ced42563884b7b3
Validity
Not Before: Apr 24 17:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b32073e74b24ffeb1001b3d0ce4194c6ce9d19fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8d:f6:87:28:17:ff:e4:b3:2c:f9:ae:0d:65:
58:fa:3f:20:ea:8b:37:df:9d:fb:17:d3:50:d7:5f:
8b:93:b6:90:0b:49:9a:9d:ff:98:87:d2:17:1b:9a:
1c:2a:90:6e:ea:6f:c6:ac:fa:f6:60:d4:5a:7a:9f:
43:fd:1c:d5:f0:6f:78:b8:95:a9:4a:a2:92:4c:4d:
22:ef:15:53:b6:05:53:a5:0b:a6:fa:57:96:81:77:
5e:42:c1:ac:f4:14:00:72:8c:f7:7c:30:2e:5b:66:
64:94:39:d7:af:1b:96:06:2f:09:39:01:d6:12:1b:
de:5a:7b:14:1b:1e:66:e1:b6:01:e9:a7:82:ad:a1:
47:9b:2d:2d:1c:12:9a:2f:44:55:94:3b:12:fa:3c:
3b:d3:b5:f0:1d:fb:0b:99:35:46:3c:3b:cf:c2:db:
1c:7b:42:8f:2b:0b:d1:a8:1b:e9:be:e2:46:f5:82:
7b:fa:24:21:43:d8:53:81:af:bc:c1:61:9b:82:d7:
0f:6c:0d:cf:91:6b:3c:d2:40:16:7a:ef:c8:34:03:
ea:97:ff:f3:6d:47:04:3a:30:2c:eb:0f:bd:73:c1:
15:9c:23:16:df:e3:9b:e6:7c:43:6f:27:31:81:9b:
2a:8a:62:d8:27:e4:e4:7f:35:87:32:f6:4e:cd:10:
90:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:20:73:E7:4B:24:FF:EB:10:01:B3:D0:CE:41:94:C6:CE:9D:19:FD
X509v3 Authority Key Identifier:
keyid:B1:C3:EC:53:9F:23:EE:03:1A:A3:96:AC:5C:ED:42:56:38:84:B7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/syBz50sk_-sQAbPQzkGUxs6dGf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/scPsU58j7gMao5asXO1CVjiEt7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.231.0/24
IPv6:
2a0a:ed80::/29
Signature Algorithm: sha256WithRSAEncryption
a1:b7:7a:af:57:61:9b:ce:48:08:57:9d:4f:3f:84:62:90:0e:
77:c2:21:f3:e8:38:ba:b4:bf:a8:7b:db:cd:6f:90:46:bc:72:
13:1e:5c:c4:cb:f2:5d:87:c7:06:59:9b:d1:3c:81:bc:a0:1c:
53:53:aa:12:e6:59:14:cc:c8:7e:3b:ce:25:89:9d:7c:e1:32:
87:ce:38:10:cc:69:ad:c5:6c:b9:14:89:6f:ec:9f:72:b0:c2:
a0:2a:1f:fc:68:28:32:a0:27:17:7a:2c:f0:2b:d4:b4:d0:10:
42:14:60:94:b1:01:b5:95:1b:7d:9a:2f:aa:dd:cc:a2:e7:bf:
89:a3:ab:13:2a:25:42:04:e8:bb:1b:d3:82:c8:ec:e7:fe:9d:
12:dd:9e:92:1e:fe:46:85:38:91:3a:58:ff:89:e0:c3:c6:ce:
69:c3:1f:10:e6:1c:41:11:f7:a7:88:16:be:e8:98:fd:58:70:
ee:49:2f:fe:8b:86:0b:ff:96:31:65:ec:e9:7b:ef:15:6d:56:
05:99:8b:7f:c8:9b:e8:ab:fa:c9:cb:df:6f:5c:14:44:84:7a:
41:b3:89:7d:f4:74:7e:d2:7e:35:37:ed:20:4e:d8:8f:17:47:
26:ed:aa:8f:a2:d7:93:97:9a:ab:53:c4:1c:37:b0:04:7c:97:
e8:81:a3:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYe0Yc8qLaRngW5SDUmYRrsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYzNlYzUzOWYyM2VlMDMxYWEzOTZhYzVjZWQ0MjU2Mzg4
NGI3YjMwHhcNMjMwNDI0MTc0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzIwNzNlNzRiMjRmZmViMTAwMWIzZDBjZTQxOTRjNmNlOWQxOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo32hygX/+SzLPmuDWVY+j8g6os3
3537F9NQ11+Lk7aQC0manf+Yh9IXG5ocKpBu6m/GrPr2YNRaep9D/RzV8G94uJWp
SqKSTE0i7xVTtgVTpQum+leWgXdeQsGs9BQAcoz3fDAuW2ZklDnXrxuWBi8JOQHW
EhveWnsUGx5m4bYB6aeCraFHmy0tHBKaL0RVlDsS+jw707XwHfsLmTVGPDvPwtsc
e0KPKwvRqBvpvuJG9YJ7+iQhQ9hTga+8wWGbgtcPbA3PkWs80kAWeu/INAPql//z
bUcEOjAs6w+9c8EVnCMW3+Ob5nxDbycxgZsqimLYJ+TkfzWHMvZOzRCQNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLMgc+dLJP/rEAGz0M5BlMbOnRn9MB8GA1UdIwQY
MBaAFLHD7FOfI+4DGqOWrFztQlY4hLezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2NQc1U1OGo3Z01hbzVhc1hPMUNWamlFdDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wMGRjZGYtZWM5ZC00NDQ2LTkwNWUt
NTU2MzQ3YTVmMDU2LzEvc3lCejUwc2tfLXNRQWJQUXprR1V4czZkR2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wMGRjZGYtZWM5ZC00NDQ2LTkwNWUtNTU2MzQ3YTVmMDU2
LzEvc2NQc1U1OGo3Z01hbzVhc1hPMUNWamlFdDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9znMA0E
AgACMAcDBQMqCu2AMA0GCSqGSIb3DQEBCwUAA4IBAQCht3qvV2GbzkgIV51PP4Ri
kA53wiHz6Di6tL+oe9vNb5BGvHITHlzEy/Jdh8cGWZvRPIG8oBxTU6oS5lkUzMh+
O84liZ184TKHzjgQzGmtxWy5FIlv7J9ysMKgKh/8aCgyoCcXeizwK9S00BBCFGCU
sQG1lRt9mi+q3cyi57+Jo6sTKiVCBOi7G9OCyOzn/p0S3Z6SHv5GhTiROlj/ieDD
xs5pwx8Q5hxBEfeniBa+6Jj9WHDuSS/+i4YL/5YxZezpe+8VbVYFmYt/yJvoq/rJ
y99vXBREhHpBs4l99HR+0n41N+0gTtiPF0cm7aqPoteTl5qrU8QcN7AEfJfogaNv
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:21 2024 by rpki-client on console-ams.rpki-client.org