Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/a4d378-485c-4b51-a726-ea8411d572ae/1/3H9HsK8XRuRLJWYSz6WuPPVKoz8.roa
File: 3H9HsK8XRuRLJWYSz6WuPPVKoz8.roa (raw, json)
Hash identifier: Pk3Df0NeheuAUq3UEj42JiXIwnIwi1idVbVHdQQ8t+s=
Subject key identifier: DC:7F:47:B0:AF:17:46:E4:4B:25:66:12:CF:A5:AE:3C:F5:4A:A3:3F
Certificate issuer: /CN=f5f80738351dcfc75af996993a2929c37134a208
Certificate serial: 018572A7F2ACC1F3BB3C651B7491B53091A3
Authority key identifier: F5:F8:07:38:35:1D:CF:C7:5A:F9:96:99:3A:29:29:C3:71:34:A2:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fgHODUdz8da-ZaZOikpw3E0ogg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/a4d378-485c-4b51-a726-ea8411d572ae/1/3H9HsK8XRuRLJWYSz6WuPPVKoz8.roa
Signing time: Mon 02 Jan 2023 13:24:47 +0000
ROA not before: Mon 02 Jan 2023 13:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39497
IP address blocks: 91.198.52.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:f2:ac:c1:f3:bb:3c:65:1b:74:91:b5:30:91:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5f80738351dcfc75af996993a2929c37134a208
Validity
Not Before: Jan 2 13:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc7f47b0af1746e44b256612cfa5ae3cf54aa33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ef:32:8a:77:d5:32:c0:98:1a:7a:df:e9:8b:
cc:a6:e5:ce:a5:84:65:77:cd:8d:46:63:0c:5c:3d:
3e:a9:d9:c6:99:45:43:df:7f:71:76:33:14:5e:36:
09:f2:08:c5:fe:5f:21:92:49:13:b9:4b:5e:57:7e:
4f:49:50:8c:3a:2e:f1:e1:73:cc:ce:a9:97:e9:5f:
af:0d:b9:33:d1:b9:37:46:7d:92:16:c2:7b:2f:93:
c0:cf:dc:95:ee:79:bf:14:8e:d5:bf:14:c5:15:8e:
e1:01:0d:b9:72:5d:4c:e9:63:ad:ba:77:13:cd:b6:
d9:9c:e1:d5:1c:de:a3:b9:9e:25:78:ba:5c:b9:37:
a2:cb:0e:2b:ba:8b:71:dd:69:18:63:61:ea:e5:41:
ec:5e:2b:23:ce:31:b2:1c:25:30:ff:b1:48:e2:aa:
b2:43:68:b4:17:32:ab:db:48:92:79:d0:85:45:ba:
85:5c:34:eb:c1:8e:b8:3c:64:a6:95:aa:60:32:fb:
d0:c7:36:29:58:47:30:38:90:4d:de:fb:e1:c0:10:
56:17:6c:57:71:fd:15:e2:03:4e:8a:41:78:a8:12:
a1:67:ba:c0:0a:53:51:c0:ce:37:69:fe:f6:af:c6:
6d:16:a7:37:7c:e2:01:bc:67:2e:c4:7f:1c:31:57:
73:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7F:47:B0:AF:17:46:E4:4B:25:66:12:CF:A5:AE:3C:F5:4A:A3:3F
X509v3 Authority Key Identifier:
keyid:F5:F8:07:38:35:1D:CF:C7:5A:F9:96:99:3A:29:29:C3:71:34:A2:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fgHODUdz8da-ZaZOikpw3E0ogg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/a4d378-485c-4b51-a726-ea8411d572ae/1/3H9HsK8XRuRLJWYSz6WuPPVKoz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/a4d378-485c-4b51-a726-ea8411d572ae/1/9fgHODUdz8da-ZaZOikpw3E0ogg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.52.0/24
Signature Algorithm: sha256WithRSAEncryption
71:2b:2c:f4:26:59:d8:a6:3c:9b:79:09:53:d5:98:00:07:c5:
5b:ec:60:e2:b6:7b:3d:91:f7:3d:3b:ea:e7:ca:8a:b0:5a:d7:
c5:40:b3:40:59:d5:5d:5f:a8:2f:f1:1f:a5:aa:6d:b8:0f:ff:
95:c3:8a:67:6c:ec:ef:64:ec:b6:fe:c2:94:38:c5:58:7e:21:
f5:eb:25:77:e7:4a:63:29:a6:11:55:b2:c3:d9:73:d0:2b:ab:
e5:4c:ec:d6:9e:27:60:ea:9b:e9:fa:dc:d0:da:ac:a1:8f:d6:
91:ca:f4:14:a1:3b:ed:1d:e5:7c:7a:ca:ee:6d:f6:10:72:3e:
a0:7f:fd:ff:76:4b:90:d2:ba:47:f7:24:1f:87:a0:f2:f1:47:
7f:a7:c1:3b:1e:7d:ce:11:f9:f3:4a:c5:63:d6:90:93:4c:6a:
be:c1:1e:f3:19:03:f5:fa:b4:1b:fc:06:33:2a:10:c1:24:0a:
b4:8f:51:ec:fa:a8:b0:b9:a1:20:05:29:49:18:8d:96:74:36:
55:77:e1:66:3f:1b:ed:d8:ae:26:8f:c0:43:ca:ca:03:8a:5c:
8b:80:4a:2e:5a:51:17:3d:fc:59:0f:ad:5f:bc:58:46:fa:bd:
a8:ff:c1:23:26:66:5c:18:69:44:f0:52:9c:24:7a:00:e9:b1:
79:ce:cc:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyp/KswfO7PGUbdJG1MJGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZjgwNzM4MzUxZGNmYzc1YWY5OTY5OTNhMjkyOWMzNzEz
NGEyMDgwHhcNMjMwMTAyMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdmNDdiMGFmMTc0NmU0NGIyNTY2MTJjZmE1YWUzY2Y1NGFhMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+8yinfVMsCYGnrf6YvMpuXOpYRl
d82NRmMMXD0+qdnGmUVD339xdjMUXjYJ8gjF/l8hkkkTuUteV35PSVCMOi7x4XPM
zqmX6V+vDbkz0bk3Rn2SFsJ7L5PAz9yV7nm/FI7VvxTFFY7hAQ25cl1M6WOtuncT
zbbZnOHVHN6juZ4leLpcuTeiyw4ruotx3WkYY2Hq5UHsXisjzjGyHCUw/7FI4qqy
Q2i0FzKr20iSedCFRbqFXDTrwY64PGSmlapgMvvQxzYpWEcwOJBN3vvhwBBWF2xX
cf0V4gNOikF4qBKhZ7rAClNRwM43af72r8ZtFqc3fOIBvGcuxH8cMVdz7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNx/R7CvF0bkSyVmEs+lrjz1SqM/MB8GA1UdIwQY
MBaAFPX4Bzg1Hc/HWvmWmTopKcNxNKIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZnSE9EVWR6OGRhLVphWk9pa3B3M0Uwb2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9hNGQzNzgtNDg1Yy00YjUxLWE3MjYt
ZWE4NDExZDU3MmFlLzEvM0g5SHNLOFhSdVJMSldZU3o2V3VQUFZLb3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9hNGQzNzgtNDg1Yy00YjUxLWE3MjYtZWE4NDExZDU3MmFl
LzEvOWZnSE9EVWR6OGRhLVphWk9pa3B3M0Uwb2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8Y0MA0G
CSqGSIb3DQEBCwUAA4IBAQBxKyz0JlnYpjybeQlT1ZgAB8Vb7GDitns9kfc9O+rn
yoqwWtfFQLNAWdVdX6gv8R+lqm24D/+Vw4pnbOzvZOy2/sKUOMVYfiH16yV350pj
KaYRVbLD2XPQK6vlTOzWnidg6pvp+tzQ2qyhj9aRyvQUoTvtHeV8esrubfYQcj6g
f/3/dkuQ0rpH9yQfh6Dy8Ud/p8E7Hn3OEfnzSsVj1pCTTGq+wR7zGQP1+rQb/AYz
KhDBJAq0j1Hs+qiwuaEgBSlJGI2WdDZVd+FmPxvt2K4mj8BDysoDilyLgEouWlEX
PfxZD61fvFhG+r2o/8EjJmZcGGlE8FKcJHoA6bF5zsz8
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:36 2024 by rpki-client on console-ams.rpki-client.org