Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/10KSV6xDLYkz1gXeqgDO91hAVUk.roa
File: 10KSV6xDLYkz1gXeqgDO91hAVUk.roa (raw, json)
Hash identifier: WSOzYC2k50N9glllFZyvHmnu0K99mq1hg/V5MGYrVhs=
Subject key identifier: D7:42:92:57:AC:43:2D:89:33:D6:05:DE:AA:00:CE:F7:58:40:55:49
Certificate issuer: /CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Certificate serial: 018CC5014488BEA137EDCF19858D3825C552
Authority key identifier: 68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/10KSV6xDLYkz1gXeqgDO91hAVUk.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21473
IP address blocks: 91.198.196.0/24 maxlen: 24
2a0f:8840::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 29 Feb 2024 18:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:44:88:be:a1:37:ed:cf:19:85:8d:38:25:c5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7429257ac432d8933d605deaa00cef758405549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:10:08:5f:85:03:e6:17:2a:1e:45:9a:b5:c2:
78:36:ae:33:64:52:0f:60:54:0c:2c:b5:82:72:e9:
79:e1:a4:1d:0d:ff:a1:02:08:8f:65:e8:d3:0d:9e:
53:3c:f3:31:f6:ca:1e:6c:20:c1:36:fa:43:d6:d9:
e9:c2:92:9f:97:53:db:25:2b:60:cf:e7:55:dd:c7:
52:6e:1d:b1:0c:02:84:66:fe:0a:32:c3:e5:3c:06:
7c:a7:fd:8c:b8:54:75:91:81:61:be:4e:40:30:19:
c5:33:c2:f6:2f:3c:ca:c1:b5:d3:8a:ee:5c:4d:12:
23:c3:5a:ca:bb:54:b9:78:7a:92:1e:39:bc:6b:26:
a6:17:32:6d:37:86:e7:cf:d6:54:94:30:6f:21:fa:
b0:58:84:15:0e:97:3c:4c:6d:b0:fb:7a:82:91:25:
97:8c:57:d4:26:56:85:ec:b0:27:6e:0d:41:ef:79:
9e:10:4a:88:6c:bb:08:8f:77:30:2f:84:af:90:63:
3b:ec:ad:ef:2c:73:13:bd:f0:77:46:18:2d:8c:dc:
31:30:d6:13:7b:0c:79:7a:ae:49:7f:b0:c2:79:b0:
d6:45:52:b5:21:ba:38:17:24:d6:d0:b7:ad:29:cb:
ab:77:83:ac:bb:04:50:6a:9a:9f:e3:05:39:1f:2f:
6c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:42:92:57:AC:43:2D:89:33:D6:05:DE:AA:00:CE:F7:58:40:55:49
X509v3 Authority Key Identifier:
keyid:68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/10KSV6xDLYkz1gXeqgDO91hAVUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.196.0/24
IPv6:
2a0f:8840::/30
Signature Algorithm: sha256WithRSAEncryption
aa:5b:ad:9a:5f:9d:e3:63:e3:15:c9:2d:9a:c6:a2:2f:3d:41:
f9:7d:b9:54:94:22:58:56:82:d3:cd:6a:1a:b6:e5:c0:1e:6c:
56:e5:bc:ba:81:3d:00:3f:08:c5:cb:8f:3f:15:21:39:05:2e:
e5:07:02:25:da:74:63:2c:0f:22:cc:7c:9a:cf:38:12:f1:43:
7d:a0:39:e8:dc:01:a6:c2:07:24:35:e3:82:5f:e8:1c:5b:d1:
2b:38:a9:fd:99:e5:56:20:00:60:de:2f:3c:ab:7a:4f:03:9e:
64:d2:ec:55:38:1a:f1:73:ec:aa:63:1b:3b:82:23:81:99:c7:
98:1d:2c:01:31:00:e2:52:c1:86:19:ae:84:5c:a5:45:1c:0a:
24:0f:23:e1:9e:6e:ef:32:76:06:b8:a7:58:d4:aa:3b:cf:ac:
df:36:f1:64:f3:44:05:24:02:d9:42:28:d6:c6:d0:5a:05:04:
ff:df:d8:a4:a3:4c:90:5b:85:65:43:13:70:73:5a:2f:f4:f9:
7f:7b:dd:18:73:dc:7f:62:97:b7:54:7c:31:2a:d3:1e:d1:96:
d7:b4:11:dd:29:a9:3f:bd:5d:82:36:fd:e8:b1:74:dd:fd:f8:
bc:fe:40:61:74:47:73:3b:7f:b3:fa:3f:b2:56:1c:49:ca:0b:
f1:4a:b6:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAUSIvqE37c8ZhY04JcVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NTc5NzIyYzNhMGNiMGMzMzUxYzU5NWRmYTNkN2VhZDgx
ZjE2YmYwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQyOTI1N2FjNDMyZDg5MzNkNjA1ZGVhYTAwY2VmNzU4NDA1NTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BAIX4UD5hcqHkWatcJ4Nq4zZFIP
YFQMLLWCcul54aQdDf+hAgiPZejTDZ5TPPMx9soebCDBNvpD1tnpwpKfl1PbJStg
z+dV3cdSbh2xDAKEZv4KMsPlPAZ8p/2MuFR1kYFhvk5AMBnFM8L2LzzKwbXTiu5c
TRIjw1rKu1S5eHqSHjm8ayamFzJtN4bnz9ZUlDBvIfqwWIQVDpc8TG2w+3qCkSWX
jFfUJlaF7LAnbg1B73meEEqIbLsIj3cwL4SvkGM77K3vLHMTvfB3RhgtjNwxMNYT
ewx5eq5Jf7DCebDWRVK1Ibo4FyTW0LetKcurd4OsuwRQapqf4wU5Hy9sEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNdCklesQy2JM9YF3qoAzvdYQFVJMB8GA1UdIwQY
MBaAFGhXlyLDoMsMM1HFld+j1+rYHxa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgt
OWY1NTk3YjU2Yjc2LzEvMTBLU1Y2eERMWWt6MWdYZXFnRE85MWhBVlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgtOWY1NTk3YjU2Yjc2
LzEvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8bEMA0E
AgACMAcDBQIqD4hAMA0GCSqGSIb3DQEBCwUAA4IBAQCqW62aX53jY+MVyS2axqIv
PUH5fblUlCJYVoLTzWoatuXAHmxW5by6gT0APwjFy48/FSE5BS7lBwIl2nRjLA8i
zHyazzgS8UN9oDno3AGmwgckNeOCX+gcW9ErOKn9meVWIABg3i88q3pPA55k0uxV
OBrxc+yqYxs7giOBmceYHSwBMQDiUsGGGa6EXKVFHAokDyPhnm7vMnYGuKdY1Ko7
z6zfNvFk80QFJALZQijWxtBaBQT/39iko0yQW4VlQxNwc1ov9Pl/e90Yc9x/Ype3
VHwxKtMe0ZbXtBHdKak/vV2CNv3osXTd/fi8/kBhdEdzO3+z+j+yVhxJygvxSrZd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:56 2024 by rpki-client on console-ams.rpki-client.org