Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/T_1TcD8h0D24F9BipVdyFTRGkx4.roa
File: T_1TcD8h0D24F9BipVdyFTRGkx4.roa (raw, json)
Hash identifier: JrWkMWme1/AVsCtEGmzNiGkKrqjalh91HaQ5YJIimtE=
Subject key identifier: 4F:FD:53:70:3F:21:D0:3D:B8:17:D0:62:A5:57:72:15:34:46:93:1E
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 018750B1AF4CED69AA87D6E467C5ACC84110
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/T_1TcD8h0D24F9BipVdyFTRGkx4.roa
Signing time: Wed 05 Apr 2023 09:13:54 +0000
ROA not before: Wed 05 Apr 2023 09:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205036
IP address blocks: 91.209.58.0/24 maxlen: 24
2a0f:5fc0:beef::/48 maxlen: 48
2a0f:5fc0:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:b1:af:4c:ed:69:aa:87:d6:e4:67:c5:ac:c8:41:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Apr 5 09:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ffd53703f21d03db817d062a55772153446931e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:12:06:78:03:27:8c:36:5e:13:ee:e2:29:
3d:80:2a:06:7a:a6:d5:ad:9e:43:1e:33:8f:dc:d3:
f9:22:c5:b9:d2:df:dc:bf:93:a8:02:fc:7a:76:eb:
d2:0f:d2:43:7f:e6:72:09:85:0a:2c:c1:da:e9:f0:
91:b3:e0:52:01:da:6b:bc:b5:9b:a6:c3:f8:2a:ee:
ea:9c:43:0c:d3:fe:1d:15:b9:50:72:29:ef:55:22:
a8:e2:bc:0a:ca:65:03:5f:0e:f5:71:29:b9:0f:2d:
ff:4a:74:ba:e0:5d:92:e7:85:38:43:6e:d3:93:dd:
98:fd:09:46:74:42:28:fb:9b:ba:bd:c9:bb:e6:7c:
31:e2:f8:70:4f:26:26:78:39:ef:b8:8e:ba:15:75:
46:f1:9c:29:16:8d:6e:d4:a2:31:13:e2:15:dd:4b:
4a:cc:e0:84:e5:78:95:2a:ea:bf:51:35:bc:b8:68:
9e:fd:33:17:37:e8:54:5a:75:fd:22:b6:ac:49:ef:
61:bc:28:a2:4a:60:53:3e:9f:de:b9:7a:86:e8:dc:
7d:a0:f2:2e:5a:6e:e0:6f:d0:ac:1e:81:c8:61:45:
0c:c6:4f:0f:04:1c:3b:57:e6:80:f2:ae:44:e4:fc:
e0:16:c5:14:7a:e1:21:13:fa:25:b8:c3:e7:aa:72:
90:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FD:53:70:3F:21:D0:3D:B8:17:D0:62:A5:57:72:15:34:46:93:1E
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/T_1TcD8h0D24F9BipVdyFTRGkx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.58.0/24
IPv6:
2a0f:5fc0:b00b::/48
2a0f:5fc0:beef::/48
Signature Algorithm: sha256WithRSAEncryption
c4:50:94:22:86:d3:17:2b:6d:98:9a:2f:0b:94:71:04:dd:97:
28:e1:dc:54:e2:3d:59:b7:f1:5c:e9:ab:0d:88:e2:94:82:31:
73:49:4f:65:4d:3c:c7:04:b6:1d:36:e2:10:93:ba:5c:23:36:
87:e6:f7:6a:8e:52:f8:3a:a0:50:08:79:a8:9d:69:14:2b:59:
d8:99:a0:28:ec:32:50:a6:3e:55:bd:bc:f5:d3:1d:8b:21:8d:
39:8b:58:51:e7:65:c7:72:4c:ab:d6:35:13:76:eb:c7:bd:6a:
d7:0e:39:aa:5f:f1:82:b7:ac:00:28:b0:c3:9f:d4:8d:d6:37:
6e:f9:d2:cc:40:99:40:5b:b0:ad:32:ac:22:9a:a0:ae:d5:5d:
c2:ff:49:94:d6:98:59:75:0b:3e:64:95:ad:ab:8c:0d:df:26:
14:4a:b8:1e:b8:d2:e7:a1:12:0e:63:c1:5b:a5:ca:1b:08:f1:
b4:6e:11:48:68:f1:81:12:5a:ac:ed:1f:24:91:5a:1d:eb:66:
d8:99:36:31:d4:cc:07:9c:9c:58:9c:61:17:79:73:7b:04:f5:
38:c6:1c:5e:47:5e:a0:72:c5:cf:16:a3:91:6c:a7:af:ad:39:
b9:e5:b1:9d:fd:80:20:e7:43:5d:97:e4:bd:7b:ce:80:c1:4d:
eb:6f:3d:39
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYdQsa9M7Wmqh9bkZ8WsyEEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjMwNDA1MDkxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZkNTM3MDNmMjFkMDNkYjgxN2QwNjJhNTU3NzIxNTM0NDY5MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKgSBngDJ4w2XhPu4ik9gCoGeqbV
rZ5DHjOP3NP5IsW50t/cv5OoAvx6duvSD9JDf+ZyCYUKLMHa6fCRs+BSAdprvLWb
psP4Ku7qnEMM0/4dFblQcinvVSKo4rwKymUDXw71cSm5Dy3/SnS64F2S54U4Q27T
k92Y/QlGdEIo+5u6vcm75nwx4vhwTyYmeDnvuI66FXVG8ZwpFo1u1KIxE+IV3UtK
zOCE5XiVKuq/UTW8uGie/TMXN+hUWnX9IrasSe9hvCiiSmBTPp/euXqG6Nx9oPIu
Wm7gb9CsHoHIYUUMxk8PBBw7V+aA8q5E5PzgFsUUeuEhE/oluMPnqnKQxQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFE/9U3A/IdA9uBfQYqVXchU0RpMeMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvVF8xVGNEOGgwRDI0RjlCaXBWZHlGVFJHa3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW9E6MBgE
AgACMBIDBwAqD1/AsAsDBwAqD1/Avu8wDQYJKoZIhvcNAQELBQADggEBAMRQlCKG
0xcrbZiaLwuUcQTdlyjh3FTiPVm38Vzpqw2I4pSCMXNJT2VNPMcEth024hCTulwj
Nofm92qOUvg6oFAIeaidaRQrWdiZoCjsMlCmPlW9vPXTHYshjTmLWFHnZcdyTKvW
NRN268e9atcOOapf8YK3rAAosMOf1I3WN2750sxAmUBbsK0yrCKaoK7VXcL/SZTW
mFl1Cz5kla2rjA3fJhRKuB640uehEg5jwVulyhsI8bRuEUho8YESWqztHySRWh3r
ZtiZNjHUzAecnFicYRd5c3sE9TjGHF5HXqByxc8Wo5Fsp6+tObnlsZ39gCDnQ12X
5L17zoDBTetvPTk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:45 2024 by rpki-client on console-fra.rpki-client.org