Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52daab-6829-45fa-967e-01f4606c65ec/1/O0XtdVd2nSkRchxjTVtzqFxzzSo.roa
File: O0XtdVd2nSkRchxjTVtzqFxzzSo.roa (raw, json)
Hash identifier: sMxc3xJRdsPei/r5yuBP7G8EfBJrF+jZ9UkYpbUj2Ps=
Subject key identifier: 3B:45:ED:75:57:76:9D:29:11:72:1C:63:4D:5B:73:A8:5C:73:CD:2A
Certificate issuer: /CN=0011400d548fa21af819a0c6e23e77a6012eb5e9
Certificate serial: 01856F14C2D8D4CE03AACD9A3BFE92417428
Authority key identifier: 00:11:40:0D:54:8F:A2:1A:F8:19:A0:C6:E2:3E:77:A6:01:2E:B5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABFADVSPohr4GaDG4j53pgEutek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52daab-6829-45fa-967e-01f4606c65ec/1/O0XtdVd2nSkRchxjTVtzqFxzzSo.roa
Signing time: Sun 01 Jan 2023 20:45:09 +0000
ROA not before: Sun 01 Jan 2023 20:45:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210626
IP address blocks: 91.199.70.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:c2:d8:d4:ce:03:aa:cd:9a:3b:fe:92:41:74:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0011400d548fa21af819a0c6e23e77a6012eb5e9
Validity
Not Before: Jan 1 20:45:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b45ed7557769d2911721c634d5b73a85c73cd2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:46:c8:8d:c0:2c:2d:25:1b:ec:b5:b3:a0:2e:
9d:42:b1:26:4f:b9:af:87:e9:7e:20:5d:e5:6c:dd:
38:dc:ec:d1:24:92:86:6a:e9:de:7c:b3:ba:78:fe:
dd:81:9f:77:c1:58:c8:49:e0:b0:7a:28:0b:46:d0:
50:a2:2b:3d:be:ec:1a:6c:c0:01:5b:ab:9a:2f:42:
10:f3:f6:9d:ab:ac:65:84:b6:25:6f:be:ea:9d:81:
4d:d0:9b:89:b5:f3:eb:36:04:81:72:cd:06:09:24:
01:cd:de:1c:69:ab:74:36:32:97:21:3e:7c:a8:0d:
cb:cc:a6:60:20:27:c8:6e:91:89:56:04:8b:ba:2f:
52:ce:23:63:05:2d:df:8d:dd:3e:a2:7c:99:d4:60:
9b:90:2b:58:75:3f:32:44:c1:00:e5:5a:5b:0a:7e:
38:2e:66:c8:8f:8d:9c:a1:ff:4e:a5:c1:1b:0c:70:
b0:3d:63:9d:00:f2:de:ad:c7:69:8f:8d:3a:cb:e8:
4d:49:f7:9e:eb:52:e7:d3:83:14:cb:6e:dc:9d:4a:
22:73:e9:9f:62:3b:c8:42:8e:6e:b9:18:3d:12:03:
b4:12:b2:5c:bd:54:61:69:91:e6:bd:2c:fe:6d:3f:
e4:16:5a:ba:2c:d9:68:3f:a2:01:ef:a7:d7:da:88:
ea:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:45:ED:75:57:76:9D:29:11:72:1C:63:4D:5B:73:A8:5C:73:CD:2A
X509v3 Authority Key Identifier:
keyid:00:11:40:0D:54:8F:A2:1A:F8:19:A0:C6:E2:3E:77:A6:01:2E:B5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABFADVSPohr4GaDG4j53pgEutek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52daab-6829-45fa-967e-01f4606c65ec/1/O0XtdVd2nSkRchxjTVtzqFxzzSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52daab-6829-45fa-967e-01f4606c65ec/1/ABFADVSPohr4GaDG4j53pgEutek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.70.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:76:f2:df:26:59:4b:91:98:17:59:37:8b:5b:97:1e:90:50:
97:64:10:ef:c1:be:b3:d7:0e:a8:e3:d9:b8:c7:73:e4:40:fd:
0f:88:15:e2:06:dd:3e:44:c6:37:b1:d3:d2:48:7e:2e:0e:c0:
2d:69:6e:60:57:2f:97:cc:0a:6e:64:fe:ca:fc:d4:90:8e:26:
3d:b9:22:80:e1:f6:1d:a6:36:88:be:7b:81:65:ea:13:fe:77:
52:ec:31:96:3c:f9:65:19:2e:c2:08:fe:6f:d1:59:1a:bb:51:
2c:c2:7b:34:d4:7f:8f:9c:23:29:aa:26:56:b8:f9:b8:e4:0f:
bd:1a:f3:77:97:46:3a:6f:1f:b5:80:d9:0e:19:24:32:e4:a9:
e6:72:02:f4:d6:e3:64:e9:0f:c2:27:20:7c:ab:e2:24:b1:34:
93:c6:b1:11:0a:88:87:e2:b1:5e:eb:e8:5d:de:c6:3c:4f:7a:
8a:80:1f:0b:0d:be:cd:57:53:5e:40:18:a7:7b:8a:06:df:25:
7d:0d:91:84:76:cc:03:4b:15:8d:60:5f:0e:d1:e2:1a:29:c2:
56:1a:06:1a:f1:15:18:96:43:3e:b7:2d:b5:c6:43:01:bc:81:
0d:63:ea:d3:02:e6:c0:b2:bc:4d:25:c7:39:e4:b9:71:ba:28:
56:22:20:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFMLY1M4Dqs2aO/6SQXQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTE0MDBkNTQ4ZmEyMWFmODE5YTBjNmUyM2U3N2E2MDEy
ZWI1ZTkwHhcNMjMwMTAxMjA0NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ1ZWQ3NTU3NzY5ZDI5MTE3MjFjNjM0ZDViNzNhODVjNzNjZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEbIjcAsLSUb7LWzoC6dQrEmT7mv
h+l+IF3lbN043OzRJJKGaunefLO6eP7dgZ93wVjISeCweigLRtBQois9vuwabMAB
W6uaL0IQ8/adq6xlhLYlb77qnYFN0JuJtfPrNgSBcs0GCSQBzd4caat0NjKXIT58
qA3LzKZgICfIbpGJVgSLui9SziNjBS3fjd0+onyZ1GCbkCtYdT8yRMEA5VpbCn44
LmbIj42cof9OpcEbDHCwPWOdAPLercdpj406y+hNSfee61Ln04MUy27cnUoic+mf
YjvIQo5uuRg9EgO0ErJcvVRhaZHmvSz+bT/kFlq6LNloP6IB76fX2ojqpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtF7XVXdp0pEXIcY01bc6hcc80qMB8GA1UdIwQY
MBaAFAARQA1Uj6Ia+BmgxuI+d6YBLrXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJGQURWU1BvaHI0R2FERzRqNTNwZ0V1dGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmRhYWItNjgyOS00NWZhLTk2N2Ut
MDFmNDYwNmM2NWVjLzEvTzBYdGRWZDJuU2tSY2h4alRWdHpxRnh6elNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmRhYWItNjgyOS00NWZhLTk2N2UtMDFmNDYwNmM2NWVj
LzEvQUJGQURWU1BvaHI0R2FERzRqNTNwZ0V1dGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8dGMA0G
CSqGSIb3DQEBCwUAA4IBAQAddvLfJllLkZgXWTeLW5cekFCXZBDvwb6z1w6o49m4
x3PkQP0PiBXiBt0+RMY3sdPSSH4uDsAtaW5gVy+XzApuZP7K/NSQjiY9uSKA4fYd
pjaIvnuBZeoT/ndS7DGWPPllGS7CCP5v0Vkau1Eswns01H+PnCMpqiZWuPm45A+9
GvN3l0Y6bx+1gNkOGSQy5KnmcgL01uNk6Q/CJyB8q+IksTSTxrERCoiH4rFe6+hd
3sY8T3qKgB8LDb7NV1NeQBine4oG3yV9DZGEdswDSxWNYF8O0eIaKcJWGgYa8RUY
lkM+ty21xkMBvIENY+rTAubAsrxNJcc55LlxuihWIiCy
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:05 2024 by rpki-client on console-fra.rpki-client.org