Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/c7c207-a3ba-49c8-a894-084d4748c385/1/RDo0rVrgipQ1tX-Cf08VJ7XNJfA.roa
File: RDo0rVrgipQ1tX-Cf08VJ7XNJfA.roa (raw, json)
Hash identifier: oTvjjidQ0cBRi169FsFmHys/f96qrRE7ONCAiZjIzRk=
Subject key identifier: 44:3A:34:AD:5A:E0:8A:94:35:B5:7F:82:7F:4F:15:27:B5:CD:25:F0
Certificate issuer: /CN=81a688012c122678185fceb7e1037f0e1ed17861
Certificate serial: 01856D9D26A88CC41D2BF6FDC17498AAF413
Authority key identifier: 81:A6:88:01:2C:12:26:78:18:5F:CE:B7:E1:03:7F:0E:1E:D1:78:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaaIASwSJngYX8634QN_Dh7ReGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/c7c207-a3ba-49c8-a894-084d4748c385/1/RDo0rVrgipQ1tX-Cf08VJ7XNJfA.roa
Signing time: Sun 01 Jan 2023 13:54:53 +0000
ROA not before: Sun 01 Jan 2023 13:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51877
IP address blocks: 91.220.162.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:26:a8:8c:c4:1d:2b:f6:fd:c1:74:98:aa:f4:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a688012c122678185fceb7e1037f0e1ed17861
Validity
Not Before: Jan 1 13:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=443a34ad5ae08a9435b57f827f4f1527b5cd25f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:22:a1:4a:ac:87:c9:c7:75:55:b1:86:76:64:
3e:7b:22:30:15:5c:b5:a1:2b:b9:5e:91:fd:c7:48:
ab:dc:cf:b7:c2:11:df:e9:93:92:d2:a7:77:7f:0f:
2b:4a:52:ca:16:6b:b1:ab:00:1c:97:14:33:ff:1f:
37:c8:2b:0c:1f:75:84:ab:c5:d5:d4:cf:78:28:09:
5a:4b:ca:32:57:44:92:2e:d2:fa:da:d4:fe:f8:71:
63:86:32:2f:45:19:9e:ae:01:47:77:f6:e6:04:e3:
3d:04:88:fa:d9:a1:29:d2:7f:b2:ba:fb:91:53:c0:
80:bb:07:bc:79:af:56:19:10:9c:5f:b9:db:9e:ca:
f9:00:da:f4:49:c6:68:b3:3f:1b:a0:8f:1a:63:87:
59:ba:82:c2:73:25:08:12:3d:10:4e:30:2d:f7:65:
85:77:08:f6:4f:ac:69:be:22:4a:92:d6:5f:83:4e:
ef:9e:a4:a9:10:13:16:7b:44:d4:a7:37:c8:39:ee:
92:f1:19:e3:f7:f2:04:d8:c5:bc:00:c8:0d:2c:bb:
59:9e:6c:7f:a9:45:3c:ea:c8:53:4a:d1:d0:aa:95:
96:91:0a:00:13:29:fc:1c:fd:bb:0e:da:07:ab:9c:
77:91:0b:e3:42:5a:90:7a:98:d4:63:cd:68:50:fb:
cc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:3A:34:AD:5A:E0:8A:94:35:B5:7F:82:7F:4F:15:27:B5:CD:25:F0
X509v3 Authority Key Identifier:
keyid:81:A6:88:01:2C:12:26:78:18:5F:CE:B7:E1:03:7F:0E:1E:D1:78:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaaIASwSJngYX8634QN_Dh7ReGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c7c207-a3ba-49c8-a894-084d4748c385/1/RDo0rVrgipQ1tX-Cf08VJ7XNJfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c7c207-a3ba-49c8-a894-084d4748c385/1/gaaIASwSJngYX8634QN_Dh7ReGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.162.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:3c:2f:63:23:b6:06:66:c7:1d:b1:ea:75:a9:3c:e6:18:c5:
f4:d9:69:f1:23:03:52:2f:16:e8:a8:03:8d:27:2c:7a:7c:91:
b3:91:9a:08:03:56:50:95:99:1d:aa:70:69:14:84:db:af:c0:
e9:61:69:c1:f6:6d:0a:f0:a6:f3:cf:ae:2b:ba:0b:4c:9a:23:
e2:f7:39:1d:0b:2c:c3:ea:3b:90:1a:9c:ad:17:a6:b9:d0:b7:
db:d9:67:98:33:7f:56:88:d4:d6:8d:f6:5e:1d:f6:c8:e0:81:
61:b8:07:94:da:62:17:ba:db:18:62:c0:de:37:3f:92:dd:2a:
42:64:a6:e1:82:31:26:3e:4a:3b:50:94:90:67:e5:7d:b4:ed:
4e:7f:75:ad:d1:47:9f:87:21:76:2a:b0:8e:57:3e:b0:29:e9:
fa:be:d6:9e:1e:79:6d:50:8e:13:3f:dc:20:c8:ce:cb:1a:e9:
24:af:f9:5d:ec:df:04:df:05:b8:be:45:1f:c3:24:98:99:93:
e0:4d:2d:0f:6a:9c:14:d6:a1:da:90:7b:fe:2f:bb:85:49:c0:
27:9f:9e:de:7d:65:bd:88:9c:94:22:55:d0:be:f7:05:98:d5:
2e:31:d9:5c:0e:0f:8f:4e:c9:29:fa:8d:82:f5:1d:f1:6f:e9:
56:64:97:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnSaojMQdK/b9wXSYqvQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTY4ODAxMmMxMjI2NzgxODVmY2ViN2UxMDM3ZjBlMWVk
MTc4NjEwHhcNMjMwMTAxMTM1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDNhMzRhZDVhZTA4YTk0MzViNTdmODI3ZjRmMTUyN2I1Y2QyNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiKhSqyHycd1VbGGdmQ+eyIwFVy1
oSu5XpH9x0ir3M+3whHf6ZOS0qd3fw8rSlLKFmuxqwAclxQz/x83yCsMH3WEq8XV
1M94KAlaS8oyV0SSLtL62tT++HFjhjIvRRmergFHd/bmBOM9BIj62aEp0n+yuvuR
U8CAuwe8ea9WGRCcX7nbnsr5ANr0ScZosz8boI8aY4dZuoLCcyUIEj0QTjAt92WF
dwj2T6xpviJKktZfg07vnqSpEBMWe0TUpzfIOe6S8Rnj9/IE2MW8AMgNLLtZnmx/
qUU86shTStHQqpWWkQoAEyn8HP27DtoHq5x3kQvjQlqQepjUY81oUPvMzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQ6NK1a4IqUNbV/gn9PFSe1zSXwMB8GA1UdIwQY
MBaAFIGmiAEsEiZ4GF/Ot+EDfw4e0XhhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FhSUFTd1NKbmdZWDg2MzRRTl9EaDdSZUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9jN2MyMDctYTNiYS00OWM4LWE4OTQt
MDg0ZDQ3NDhjMzg1LzEvUkRvMHJWcmdpcFExdFgtQ2YwOFZKN1hOSmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9jN2MyMDctYTNiYS00OWM4LWE4OTQtMDg0ZDQ3NDhjMzg1
LzEvZ2FhSUFTd1NKbmdZWDg2MzRRTl9EaDdSZUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yiMA0G
CSqGSIb3DQEBCwUAA4IBAQCwPC9jI7YGZscdsep1qTzmGMX02WnxIwNSLxboqAON
Jyx6fJGzkZoIA1ZQlZkdqnBpFITbr8DpYWnB9m0K8Kbzz64rugtMmiPi9zkdCyzD
6juQGpytF6a50Lfb2WeYM39WiNTWjfZeHfbI4IFhuAeU2mIXutsYYsDeNz+S3SpC
ZKbhgjEmPko7UJSQZ+V9tO1Of3Wt0UefhyF2KrCOVz6wKen6vtaeHnltUI4TP9wg
yM7LGukkr/ld7N8E3wW4vkUfwySYmZPgTS0PapwU1qHakHv+L7uFScAnn57efWW9
iJyUIlXQvvcFmNUuMdlcDg+PTskp+o2C9R3xb+lWZJeI
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:31 2024 by rpki-client on console-fra.rpki-client.org