Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/XfWuMprgOvxWHMHO8_JDIl8KZY8.roa
File: XfWuMprgOvxWHMHO8_JDIl8KZY8.roa (raw, json)
Hash identifier: lioKsXQ9zayHMP2T6CbQBp2IjbXkTNDRgV4O6N5BKOk=
Subject key identifier: 5D:F5:AE:32:9A:E0:3A:FC:56:1C:C1:CE:F3:F2:43:22:5F:0A:65:8F
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 01856C785C68FD4D1D77AD023E6E2E169A24
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/XfWuMprgOvxWHMHO8_JDIl8KZY8.roa
Signing time: Sun 01 Jan 2023 08:35:05 +0000
ROA not before: Sun 01 Jan 2023 08:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 91.239.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jan 2023 01:03:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:5c:68:fd:4d:1d:77:ad:02:3e:6e:2e:16:9a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jan 1 08:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5df5ae329ae03afc561cc1cef3f243225f0a658f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f9:e3:11:33:cd:f3:bc:ce:20:63:ff:52:55:
f4:00:e6:f3:29:13:95:09:3d:9d:b1:64:e9:15:75:
89:08:3a:63:25:68:0f:c9:95:4b:27:8a:46:f8:cb:
e1:fd:e5:57:5e:6e:ca:73:0b:85:a8:dc:26:50:9e:
91:dd:0a:b4:10:17:92:a4:f2:2a:a9:db:5d:54:cb:
2a:7b:15:b0:c3:e7:58:13:26:cf:18:3b:eb:a1:e9:
2e:1b:d6:3b:f6:87:70:ee:0a:be:10:16:5f:3d:f1:
9f:da:98:4c:24:72:53:25:b1:c6:5a:f5:0e:27:5b:
f4:68:e2:5e:52:47:98:7b:14:d2:9d:df:c6:4b:ac:
56:e1:3d:bd:e3:01:61:ed:03:f1:3d:06:dc:c7:8f:
6c:2a:d4:de:c5:e6:31:9d:58:81:d1:6f:22:14:a0:
03:69:89:2a:af:91:90:01:84:ba:7b:e6:58:81:fd:
e0:9d:1c:d7:fa:78:b6:fd:b3:65:fb:d7:3b:cb:c3:
3c:2f:c5:5d:fd:07:1a:c8:20:fa:91:e9:44:8f:5a:
7a:37:3b:4b:61:18:c3:a6:88:b6:74:81:19:75:1e:
a6:a7:dc:fa:8e:3e:1c:81:3b:14:0e:a6:de:e1:ae:
c6:ae:55:7e:35:41:a3:06:3f:ba:c8:18:85:a9:c2:
ce:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F5:AE:32:9A:E0:3A:FC:56:1C:C1:CE:F3:F2:43:22:5F:0A:65:8F
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/XfWuMprgOvxWHMHO8_JDIl8KZY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.148.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:6a:0a:b9:b1:14:13:85:31:dc:ef:e7:43:6f:23:01:48:2c:
53:b0:1d:a6:c8:98:31:a7:f2:34:3d:2a:c9:0b:d3:d6:2a:84:
aa:14:57:da:f4:7d:a1:80:e5:17:fa:9a:b7:8e:5c:70:22:db:
3b:d4:a7:13:d4:5a:e8:7e:01:8c:b1:0a:12:a5:72:25:c5:c1:
5a:db:a8:8c:42:a2:6e:d9:79:d7:e4:7a:27:5e:e0:07:b6:f0:
4d:cc:f8:95:19:1c:e9:c6:08:75:bd:54:68:99:9b:34:43:c5:
c7:48:da:28:b2:aa:12:88:3a:af:5e:56:b4:c9:93:ed:c7:fe:
e5:78:96:b0:19:bc:01:3b:db:06:52:26:7e:ea:c7:61:c0:68:
de:ce:94:16:f2:eb:2a:d5:8d:af:4e:18:12:03:43:2d:3f:13:
8b:fb:01:df:c4:59:62:aa:6e:11:f7:66:22:b5:00:8d:b0:45:
d1:02:b8:92:b6:1d:83:4c:41:ae:f6:b2:90:e3:9c:be:3a:88:
45:04:fb:73:14:29:f1:53:16:a2:a6:35:4c:a3:c9:a9:e9:31:
fc:47:a0:f1:8e:c2:37:6c:ff:8b:c6:c2:a0:43:56:53:d5:99:
d8:ca:f0:4a:3e:0c:cc:30:47:72:88:03:09:b5:37:31:94:dc:
54:fb:0c:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseFxo/U0dd60CPm4uFpokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjMwMTAxMDgzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY1YWUzMjlhZTAzYWZjNTYxY2MxY2VmM2YyNDMyMjVmMGE2NThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvnjETPN87zOIGP/UlX0AObzKROV
CT2dsWTpFXWJCDpjJWgPyZVLJ4pG+Mvh/eVXXm7KcwuFqNwmUJ6R3Qq0EBeSpPIq
qdtdVMsqexWww+dYEybPGDvroekuG9Y79odw7gq+EBZfPfGf2phMJHJTJbHGWvUO
J1v0aOJeUkeYexTSnd/GS6xW4T294wFh7QPxPQbcx49sKtTexeYxnViB0W8iFKAD
aYkqr5GQAYS6e+ZYgf3gnRzX+ni2/bNl+9c7y8M8L8Vd/QcayCD6kelEj1p6NztL
YRjDpoi2dIEZdR6mp9z6jj4cgTsUDqbe4a7GrlV+NUGjBj+6yBiFqcLOwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF31rjKa4Dr8VhzBzvPyQyJfCmWPMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvWGZXdU1wcmdPdnhXSE1ITzhfSkRJbDhLWlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW++UMA0G
CSqGSIb3DQEBCwUAA4IBAQCqagq5sRQThTHc7+dDbyMBSCxTsB2myJgxp/I0PSrJ
C9PWKoSqFFfa9H2hgOUX+pq3jlxwIts71KcT1FrofgGMsQoSpXIlxcFa26iMQqJu
2XnX5HonXuAHtvBNzPiVGRzpxgh1vVRomZs0Q8XHSNoosqoSiDqvXla0yZPtx/7l
eJawGbwBO9sGUiZ+6sdhwGjezpQW8usq1Y2vThgSA0MtPxOL+wHfxFliqm4R92Yi
tQCNsEXRAriSth2DTEGu9rKQ45y+OohFBPtzFCnxUxaipjVMo8mp6TH8R6DxjsI3
bP+LxsKgQ1ZT1ZnYyvBKPgzMMEdyiAMJtTcxlNxU+wyB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:43 2024 by rpki-client on console-ams.rpki-client.org