Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/563afc-b194-41fb-a7a1-6aeae63ed8fe/1/fXzwHB1FxluwWSSQBcv6gR9mhYo.roa
File: fXzwHB1FxluwWSSQBcv6gR9mhYo.roa (raw, json)
Hash identifier: CJ/ViAFAGEHumJLkPcbXTAyHr9TswOUqcusOeBgyxVI=
Subject key identifier: 7D:7C:F0:1C:1D:45:C6:5B:B0:59:24:90:05:CB:FA:81:1F:66:85:8A
Certificate issuer: /CN=e38aabea8ee29bf7c915bc3ef0bbacc27d0ecede
Certificate serial: 01857227F2371AFB008459FE57DAF59CAFC7
Authority key identifier: E3:8A:AB:EA:8E:E2:9B:F7:C9:15:BC:3E:F0:BB:AC:C2:7D:0E:CE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/44qr6o7im_fJFbw-8Luswn0Ozt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/563afc-b194-41fb-a7a1-6aeae63ed8fe/1/fXzwHB1FxluwWSSQBcv6gR9mhYo.roa
Signing time: Mon 02 Jan 2023 11:04:58 +0000
ROA not before: Mon 02 Jan 2023 11:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 91.208.124.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:f2:37:1a:fb:00:84:59:fe:57:da:f5:9c:af:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e38aabea8ee29bf7c915bc3ef0bbacc27d0ecede
Validity
Not Before: Jan 2 11:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d7cf01c1d45c65bb059249005cbfa811f66858a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ea:ce:51:a5:58:d2:74:00:f2:2c:8e:a2:d0:
72:44:4b:bc:c4:52:71:1e:5f:b9:3c:16:ad:88:36:
d4:8d:f4:28:a4:98:39:3a:31:77:6e:53:8e:bf:99:
b7:f7:19:27:61:d1:48:95:16:0b:ad:5d:34:61:4d:
00:bc:8b:84:ac:3b:47:7f:c9:00:25:eb:f2:0b:b1:
55:cb:b2:ea:ae:38:83:d9:ef:ed:c5:98:9f:b8:32:
a7:59:c6:69:87:d9:c6:5f:a0:63:91:c7:33:25:de:
8e:0a:17:f5:19:08:60:79:c8:91:e4:e2:cd:1e:99:
31:bd:b5:03:d8:8a:4d:57:29:07:50:79:8e:a5:1c:
e7:73:d6:b3:89:f3:2c:7e:c2:a3:33:d5:f6:ba:b9:
07:2e:6e:de:43:d0:0c:02:a7:4e:fd:a4:8c:91:29:
cb:d8:a2:c7:35:04:05:fd:dd:0a:b1:6c:17:57:ea:
ef:f2:94:15:db:55:79:3f:84:3c:8a:39:a5:c1:06:
1b:b2:b9:40:8a:7b:15:a6:19:73:3b:eb:dc:f1:2e:
ae:3e:9e:d5:67:c8:0e:b8:7f:04:04:37:37:2b:fa:
9e:65:17:ea:45:6b:4d:c6:16:d6:0d:96:60:b8:aa:
81:79:ed:ec:2e:a9:a5:45:bd:cd:ce:77:51:11:62:
e0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7C:F0:1C:1D:45:C6:5B:B0:59:24:90:05:CB:FA:81:1F:66:85:8A
X509v3 Authority Key Identifier:
keyid:E3:8A:AB:EA:8E:E2:9B:F7:C9:15:BC:3E:F0:BB:AC:C2:7D:0E:CE:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/44qr6o7im_fJFbw-8Luswn0Ozt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/563afc-b194-41fb-a7a1-6aeae63ed8fe/1/fXzwHB1FxluwWSSQBcv6gR9mhYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/563afc-b194-41fb-a7a1-6aeae63ed8fe/1/44qr6o7im_fJFbw-8Luswn0Ozt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.124.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:e3:c9:b6:fd:f5:ec:bd:af:fd:f6:4a:14:08:49:e1:04:c5:
6f:99:b1:e0:cf:a6:24:84:93:bf:aa:04:69:00:b8:5d:5a:a8:
10:d9:af:9a:9f:72:5a:44:2f:3b:f5:84:4d:30:9f:a2:f7:b7:
e9:40:bf:03:03:dd:1b:5d:11:43:52:10:4e:68:60:7b:24:e0:
80:1d:fd:28:f3:2d:c8:83:7e:0b:a9:6a:f6:b3:5c:3d:65:db:
1a:33:2a:c3:21:7a:b6:79:06:2f:38:fc:cc:e7:58:39:3c:a1:
f9:ba:74:6f:c0:f8:a5:cc:77:8b:a8:ec:1c:86:86:08:86:3c:
f0:3a:7e:7b:a1:b6:28:30:44:45:36:d6:51:bf:4d:15:99:e2:
f5:34:18:c0:42:ca:23:4d:f9:ec:42:61:5d:85:c1:22:0e:5f:
7a:34:17:43:23:af:ed:8e:0f:35:ef:a8:de:c6:9f:e8:70:83:
9a:07:3a:c4:b6:18:8d:e6:bf:2d:e9:06:6f:83:33:3f:b0:f1:
ca:d0:71:78:08:c1:6c:d9:8a:cf:c6:fe:c0:a2:79:8a:1c:ad:
3b:c3:c1:79:65:85:16:91:3b:a2:c4:19:6c:10:5f:76:47:dc:
22:05:57:95:c0:2b:82:fa:48:03:23:6b:50:65:2d:c5:59:e2:
ec:35:53:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ/I3GvsAhFn+V9r1nK/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOGFhYmVhOGVlMjliZjdjOTE1YmMzZWYwYmJhY2MyN2Qw
ZWNlZGUwHhcNMjMwMTAyMTEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDdjZjAxYzFkNDVjNjViYjA1OTI0OTAwNWNiZmE4MTFmNjY4NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOrOUaVY0nQA8iyOotByREu8xFJx
Hl+5PBatiDbUjfQopJg5OjF3blOOv5m39xknYdFIlRYLrV00YU0AvIuErDtHf8kA
JevyC7FVy7LqrjiD2e/txZifuDKnWcZph9nGX6BjkcczJd6OChf1GQhgeciR5OLN
HpkxvbUD2IpNVykHUHmOpRznc9azifMsfsKjM9X2urkHLm7eQ9AMAqdO/aSMkSnL
2KLHNQQF/d0KsWwXV+rv8pQV21V5P4Q8ijmlwQYbsrlAinsVphlzO+vc8S6uPp7V
Z8gOuH8EBDc3K/qeZRfqRWtNxhbWDZZguKqBee3sLqmlRb3NzndREWLgmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH188BwdRcZbsFkkkAXL+oEfZoWKMB8GA1UdIwQY
MBaAFOOKq+qO4pv3yRW8PvC7rMJ9Ds7eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDRxcjZvN2ltX2ZKRmJ3LThMdXN3bjBPenQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81NjNhZmMtYjE5NC00MWZiLWE3YTEt
NmFlYWU2M2VkOGZlLzEvZlh6d0hCMUZ4bHV3V1NTUUJjdjZnUjltaFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81NjNhZmMtYjE5NC00MWZiLWE3YTEtNmFlYWU2M2VkOGZl
LzEvNDRxcjZvN2ltX2ZKRmJ3LThMdXN3bjBPenQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9B8MA0G
CSqGSIb3DQEBCwUAA4IBAQAO48m2/fXsva/99koUCEnhBMVvmbHgz6YkhJO/qgRp
ALhdWqgQ2a+an3JaRC879YRNMJ+i97fpQL8DA90bXRFDUhBOaGB7JOCAHf0o8y3I
g34LqWr2s1w9ZdsaMyrDIXq2eQYvOPzM51g5PKH5unRvwPilzHeLqOwchoYIhjzw
On57obYoMERFNtZRv00VmeL1NBjAQsojTfnsQmFdhcEiDl96NBdDI6/tjg8176je
xp/ocIOaBzrEthiN5r8t6QZvgzM/sPHK0HF4CMFs2YrPxv7AonmKHK07w8F5ZYUW
kTuixBlsEF92R9wiBVeVwCuC+kgDI2tQZS3FWeLsNVMW
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:33 2024 by rpki-client on console-ams.rpki-client.org