Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/CkyQ10L0DVgtIfctfor7bdQXdHo.roa
File: CkyQ10L0DVgtIfctfor7bdQXdHo.roa (raw, json)
Hash identifier: u2kjpx3SNLgc1GFoDjYDwhzCBmy/MV02eXeaLY1z7AU=
Subject key identifier: 0A:4C:90:D7:42:F4:0D:58:2D:21:F7:2D:7E:8A:FB:6D:D4:17:74:7A
Certificate issuer: /CN=d4459dd6f7ccecfebeb434fc08db8e22d4569c23
Certificate serial: 018B8977EB5DE95E356C9AA96B4A3CF3B1A4
Authority key identifier: D4:45:9D:D6:F7:CC:EC:FE:BE:B4:34:FC:08:DB:8E:22:D4:56:9C:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EWd1vfM7P6-tDT8CNuOItRWnCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/CkyQ10L0DVgtIfctfor7bdQXdHo.roa
Signing time: Wed 01 Nov 2023 06:00:19 +0000
ROA not before: Wed 01 Nov 2023 06:00:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.223.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:77:eb:5d:e9:5e:35:6c:9a:a9:6b:4a:3c:f3:b1:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4459dd6f7ccecfebeb434fc08db8e22d4569c23
Validity
Not Before: Nov 1 06:00:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a4c90d742f40d582d21f72d7e8afb6dd417747a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c0:1c:aa:e9:ad:92:fd:d9:7d:5d:eb:d3:6a:
bd:71:48:e4:0c:20:09:f6:a6:f6:aa:f6:9f:06:b5:
02:bb:7e:35:86:50:11:c3:c3:c7:44:3c:c5:bc:0b:
ed:5b:f8:cb:d3:67:b1:6c:e6:c8:a0:0e:a0:29:97:
54:f6:ea:ab:b6:34:04:1b:6b:1b:80:8b:35:71:4b:
69:de:6c:da:de:cc:4b:91:34:15:39:60:bb:6e:8f:
f2:90:aa:7d:6b:58:ea:d7:5b:34:4a:70:0c:a0:66:
30:46:89:e0:3c:8f:55:48:44:c5:ef:3a:ed:de:0b:
13:54:3f:8a:ea:0d:58:dd:0d:f7:02:ce:6a:c5:e9:
51:3c:c9:80:01:d6:88:ac:8c:cf:bd:9c:0c:5f:c3:
f9:c3:b8:88:64:5d:8f:21:67:54:fc:f7:32:b9:c4:
4b:76:d5:93:23:19:e7:17:af:c9:d1:70:c9:3d:76:
a0:f4:e2:a6:5f:45:1e:6d:df:48:7a:9a:14:de:b6:
d5:b6:5a:81:d8:b2:cc:5f:df:5f:9e:b0:d8:00:c8:
4d:ab:b9:3d:9d:2d:3d:af:b2:c9:66:b9:ce:34:16:
af:c3:75:bf:e7:73:e3:93:86:f8:df:08:1b:cc:60:
e2:34:b4:c8:ca:55:0b:3c:c0:aa:db:7a:5d:18:a2:
71:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4C:90:D7:42:F4:0D:58:2D:21:F7:2D:7E:8A:FB:6D:D4:17:74:7A
X509v3 Authority Key Identifier:
keyid:D4:45:9D:D6:F7:CC:EC:FE:BE:B4:34:FC:08:DB:8E:22:D4:56:9C:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EWd1vfM7P6-tDT8CNuOItRWnCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/CkyQ10L0DVgtIfctfor7bdQXdHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/0aeda7-6d3a-418e-96d5-1ca2d55e2061/1/1EWd1vfM7P6-tDT8CNuOItRWnCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.67.0/24
Signature Algorithm: sha256WithRSAEncryption
82:fd:ee:e0:48:a0:85:89:c8:96:a9:63:e1:bd:d6:34:50:12:
3c:7e:6e:bc:9b:21:a5:b8:d7:97:2d:4e:a4:20:ec:79:63:21:
29:10:97:37:1b:74:44:05:54:b7:3b:3d:ba:49:f6:02:e7:52:
0c:b4:e7:08:74:4a:6c:b8:d6:d6:a4:eb:ef:d6:19:e3:28:71:
05:4b:80:a9:69:69:e9:a0:17:3b:fc:7e:f2:46:1a:91:75:c8:
2d:fc:00:24:a6:b4:95:a6:27:bb:05:7d:52:45:c5:06:e3:ec:
60:3e:8c:f9:b1:bf:b0:56:ed:eb:e0:f2:24:6f:2b:ed:c7:02:
bd:26:39:b8:49:fc:0b:78:5a:b3:66:59:65:60:14:a0:1a:4f:
84:d7:19:09:86:f1:1f:5a:af:62:3f:3a:57:56:99:79:be:4a:
24:40:7c:a9:2b:64:7a:b7:ac:44:d3:7d:10:90:86:1a:91:a9:
a7:97:2a:5f:b1:f1:fc:b7:79:66:f6:b0:89:77:11:d1:85:42:
af:88:de:1d:5d:7e:6b:b2:5e:eb:81:38:a5:5f:89:e1:96:ac:
c8:7f:28:b8:f4:51:63:ba:58:8b:91:c4:56:9a:03:85:85:f9:
c6:2b:2f:3e:2b:26:2f:88:43:4f:e0:42:bd:0f:90:0b:b6:95:
92:26:17:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuJd+td6V41bJqpa0o887GkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDU5ZGQ2ZjdjY2VjZmViZWI0MzRmYzA4ZGI4ZTIyZDQ1
NjljMjMwHhcNMjMxMTAxMDYwMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTRjOTBkNzQyZjQwZDU4MmQyMWY3MmQ3ZThhZmI2ZGQ0MTc3NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMAcqumtkv3ZfV3r02q9cUjkDCAJ
9qb2qvafBrUCu341hlARw8PHRDzFvAvtW/jL02exbObIoA6gKZdU9uqrtjQEG2sb
gIs1cUtp3mza3sxLkTQVOWC7bo/ykKp9a1jq11s0SnAMoGYwRongPI9VSETF7zrt
3gsTVD+K6g1Y3Q33As5qxelRPMmAAdaIrIzPvZwMX8P5w7iIZF2PIWdU/PcyucRL
dtWTIxnnF6/J0XDJPXag9OKmX0Uebd9IepoU3rbVtlqB2LLMX99fnrDYAMhNq7k9
nS09r7LJZrnONBavw3W/53Pjk4b43wgbzGDiNLTIylULPMCq23pdGKJxCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApMkNdC9A1YLSH3LX6K+23UF3R6MB8GA1UdIwQY
MBaAFNRFndb3zOz+vrQ0/AjbjiLUVpwjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVXZDF2Zk03UDYtdERUOENOdU9JdFJXbkNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wYWVkYTctNmQzYS00MThlLTk2ZDUt
MWNhMmQ1NWUyMDYxLzEvQ2t5UTEwTDBEVmd0SWZjdGZvcjdiZFFYZEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wYWVkYTctNmQzYS00MThlLTk2ZDUtMWNhMmQ1NWUyMDYx
LzEvMUVXZDF2Zk03UDYtdERUOENOdU9JdFJXbkNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99DMA0G
CSqGSIb3DQEBCwUAA4IBAQCC/e7gSKCFiciWqWPhvdY0UBI8fm68myGluNeXLU6k
IOx5YyEpEJc3G3REBVS3Oz26SfYC51IMtOcIdEpsuNbWpOvv1hnjKHEFS4CpaWnp
oBc7/H7yRhqRdcgt/AAkprSVpie7BX1SRcUG4+xgPoz5sb+wVu3r4PIkbyvtxwK9
Jjm4SfwLeFqzZlllYBSgGk+E1xkJhvEfWq9iPzpXVpl5vkokQHypK2R6t6xE030Q
kIYakamnlypfsfH8t3lm9rCJdxHRhUKviN4dXX5rsl7rgTilX4nhlqzIfyi49FFj
uliLkcRWmgOFhfnGKy8+KyYviENP4EK9D5ALtpWSJher
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:38 2024 by rpki-client on console-ams.rpki-client.org