Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/sN583JGTFBcxVF5c9kAZrK2vYMU.roa
File: sN583JGTFBcxVF5c9kAZrK2vYMU.roa (raw, json)
Hash identifier: V2ispjRJjHic6GEwjRANLuVJXZ77fCksOjlegfxMsFs=
Subject key identifier: B0:DE:7C:DC:91:93:14:17:31:54:5E:5C:F6:40:19:AC:AD:AF:60:C5
Certificate issuer: /CN=035e5285dedc35ab63527048b366ee553806ce04
Certificate serial: 01856F14E6E2C8FFC885DCB3AB435F932E56
Authority key identifier: 03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/sN583JGTFBcxVF5c9kAZrK2vYMU.roa
Signing time: Sun 01 Jan 2023 20:45:18 +0000
ROA not before: Sun 01 Jan 2023 20:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31463
IP address blocks: 91.213.208.0/24 maxlen: 24
91.213.217.0/24 maxlen: 24
91.213.215.0/24 maxlen: 24
91.213.220.0/24 maxlen: 24
2a0f:64c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e6:e2:c8:ff:c8:85:dc:b3:ab:43:5f:93:2e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=035e5285dedc35ab63527048b366ee553806ce04
Validity
Not Before: Jan 1 20:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0de7cdc9193141731545e5cf64019acadaf60c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0c:e8:16:e0:b6:0a:8c:d3:f6:c1:76:a1:40:
88:ae:ff:86:85:1c:26:22:00:a1:e1:d9:1a:e8:7a:
49:1f:de:72:c8:81:9f:69:00:07:37:be:8b:01:0e:
8a:01:1f:3b:a8:da:d1:01:be:7e:fa:0a:83:e5:67:
19:87:d4:35:a0:a7:d2:17:53:b2:d7:72:a1:95:ca:
34:6f:8c:86:0d:59:7b:e5:9e:5f:07:4b:f4:3b:ab:
b2:bf:f0:57:3c:be:cb:2d:42:51:02:a1:d8:94:8a:
90:ff:a1:68:44:c8:7e:23:cf:8b:76:ef:d0:01:99:
57:2b:41:be:6c:99:5e:bb:ee:59:1b:ac:50:ba:d9:
9d:9d:67:8c:73:c0:1a:14:bc:a9:6e:6b:e6:34:b7:
be:44:3d:92:51:98:2c:58:5b:fd:f3:d5:54:c5:4d:
ab:a5:38:a5:43:cd:4a:08:ee:2b:c5:c9:fd:92:8d:
3b:d6:01:62:d7:82:37:c6:8e:0e:03:6e:c9:c7:ec:
a3:f8:d9:ee:2a:06:28:bb:13:dc:f7:84:20:13:00:
6f:c1:c5:85:05:7e:d9:36:a7:f2:4a:ff:80:df:5b:
3d:0e:a1:ea:ea:0c:b5:ac:dd:ba:37:42:ce:ab:a7:
9d:9c:ac:78:2f:f5:81:b0:f0:e5:05:7c:95:33:0a:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DE:7C:DC:91:93:14:17:31:54:5E:5C:F6:40:19:AC:AD:AF:60:C5
X509v3 Authority Key Identifier:
keyid:03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/sN583JGTFBcxVF5c9kAZrK2vYMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.208.0/24
91.213.215.0/24
91.213.217.0/24
91.213.220.0/24
IPv6:
2a0f:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:bb:a4:23:55:35:ff:73:1c:68:a9:97:78:1a:4c:65:a5:9a:
cf:b1:66:8f:70:2c:e8:c0:14:d1:d2:1d:d9:e2:11:af:5d:e7:
4a:cc:6f:d6:aa:ed:ea:ee:df:55:1c:ff:04:45:4c:5c:d2:a0:
fb:60:e5:01:62:aa:46:04:0a:a5:61:a4:88:fc:97:9c:6f:00:
83:c0:74:21:20:6b:a3:76:3f:fd:18:6d:8f:8b:7c:86:e1:54:
b9:99:ca:0f:14:46:3d:56:cc:95:7d:cf:85:4d:b0:5c:a6:80:
d4:e1:71:c1:27:0f:77:a8:8e:82:df:c8:00:bf:b7:a3:8b:db:
73:de:de:d3:ef:60:c1:8a:03:36:f2:25:65:51:b8:f9:23:1e:
44:33:0c:23:17:c2:16:3b:3f:b9:3a:0d:df:13:d5:92:72:f5:
cf:59:12:2a:04:dc:35:09:32:2d:50:ab:44:8f:9c:43:e0:f6:
bb:63:d0:32:e8:18:93:2a:26:26:f0:19:cc:5d:b9:e5:35:23:
ce:94:6f:33:37:ec:36:31:9a:61:b1:c0:a1:e1:5f:f5:34:61:
0d:ff:7d:42:a9:30:18:b7:30:f5:d4:df:33:4d:b9:a0:d8:cc:
cd:3b:82:9e:b0:43:75:68:62:d1:fb:ca:af:c8:47:9a:89:41:
07:37:08:5c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvFObiyP/Ihdyzq0Nfky5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNWU1Mjg1ZGVkYzM1YWI2MzUyNzA0OGIzNjZlZTU1Mzgw
NmNlMDQwHhcNMjMwMTAxMjA0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGRlN2NkYzkxOTMxNDE3MzE1NDVlNWNmNjQwMTlhY2FkYWY2MGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwzoFuC2CozT9sF2oUCIrv+GhRwm
IgCh4dka6HpJH95yyIGfaQAHN76LAQ6KAR87qNrRAb5++gqD5WcZh9Q1oKfSF1Oy
13Khlco0b4yGDVl75Z5fB0v0O6uyv/BXPL7LLUJRAqHYlIqQ/6FoRMh+I8+Ldu/Q
AZlXK0G+bJleu+5ZG6xQutmdnWeMc8AaFLypbmvmNLe+RD2SUZgsWFv989VUxU2r
pTilQ81KCO4rxcn9ko071gFi14I3xo4OA27Jx+yj+NnuKgYouxPc94QgEwBvwcWF
BX7ZNqfySv+A31s9DqHq6gy1rN26N0LOq6ednKx4L/WBsPDlBXyVMwqCMQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLDefNyRkxQXMVReXPZAGaytr2DFMB8GA1UdIwQY
MBaAFANeUoXe3DWrY1JwSLNm7lU4Bs4EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTE1U2hkN2NOYXRqVW5CSXMyYnVWVGdHemdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mMTk0NGItMTAxYS00MTgxLWEzNmIt
MmMyNzA3NzM2ZmRiLzEvc041ODNKR1RGQmN4VkY1YzlrQVpySzJ2WU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mMTk0NGItMTAxYS00MTgxLWEzNmItMmMyNzA3NzM2ZmRi
LzEvQTE1U2hkN2NOYXRqVW5CSXMyYnVWVGdHemdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9XQAwQA
W9XXAwQAW9XZAwQAW9XcMA0EAgACMAcDBQMqD2TAMA0GCSqGSIb3DQEBCwUAA4IB
AQBMu6QjVTX/cxxoqZd4GkxlpZrPsWaPcCzowBTR0h3Z4hGvXedKzG/Wqu3q7t9V
HP8ERUxc0qD7YOUBYqpGBAqlYaSI/JecbwCDwHQhIGujdj/9GG2Pi3yG4VS5mcoP
FEY9VsyVfc+FTbBcpoDU4XHBJw93qI6C38gAv7eji9tz3t7T72DBigM28iVlUbj5
Ix5EMwwjF8IWOz+5Og3fE9WScvXPWRIqBNw1CTItUKtEj5xD4Pa7Y9Ay6BiTKiYm
8BnMXbnlNSPOlG8zN+w2MZphscCh4V/1NGEN/31CqTAYtzD11N8zTbmg2MzNO4Ke
sEN1aGLR+8qvyEeaiUEHNwhc
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:17 2024 by rpki-client on console-ams.rpki-client.org