Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/7sNgQFMUclPlgZS0OgcLo_ZOBnQ.roa
File: 7sNgQFMUclPlgZS0OgcLo_ZOBnQ.roa (raw, json)
Hash identifier: he3k0QKSKOahAks70dU/SVB4tqydwgMcEmiF0jTUtzY=
Subject key identifier: EE:C3:60:40:53:14:72:53:E5:81:94:B4:3A:07:0B:A3:F6:4E:06:74
Certificate issuer: /CN=59a06c187953cfc8133b2beee5f01a15e45da078
Certificate serial: 01856CCB0F2ECFB93D9FBE4E18B24C784D76
Authority key identifier: 59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/7sNgQFMUclPlgZS0OgcLo_ZOBnQ.roa
Signing time: Sun 01 Jan 2023 10:05:25 +0000
ROA not before: Sun 01 Jan 2023 10:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 91.233.120.0/24 maxlen: 24
194.104.235.0/24 maxlen: 24
2a11:6740::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:0f:2e:cf:b9:3d:9f:be:4e:18:b2:4c:78:4d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59a06c187953cfc8133b2beee5f01a15e45da078
Validity
Not Before: Jan 1 10:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eec3604053147253e58194b43a070ba3f64e0674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:02:eb:ef:8d:d9:b6:29:cb:9e:90:9b:7f:93:
7c:09:5a:6c:3b:a4:92:1e:8d:30:2c:e4:36:7c:de:
32:30:d3:18:51:c0:3c:07:8e:03:c3:eb:e0:b5:61:
07:9e:54:cd:08:e0:ea:ec:d4:9f:b6:9b:e6:40:71:
d9:17:83:87:ba:21:e0:6e:8b:9b:b3:6c:aa:48:e0:
48:01:9d:77:e5:6b:c2:0d:c5:c4:12:07:db:aa:80:
1a:f6:56:94:42:2d:06:59:84:c8:2c:7f:cf:ef:49:
7c:d6:21:d0:a1:5e:71:76:5a:d2:95:1f:52:df:13:
b7:fd:5e:60:28:80:b3:75:d3:b4:f1:e1:ad:45:75:
75:77:0c:99:3f:6e:4a:2d:4c:70:1e:b1:10:ef:2e:
bf:e7:52:ed:a1:90:59:56:68:c9:45:b9:38:ff:24:
36:ab:67:99:33:74:ff:a3:3f:91:dc:e2:80:38:77:
e1:03:2b:8e:47:a3:ea:57:ff:b2:f0:39:5c:ed:d4:
67:b2:db:32:24:ec:38:28:0a:80:ed:65:ac:9d:bb:
2f:12:c3:3c:7f:16:ad:a5:ac:5b:72:48:7f:e5:0e:
58:f1:ed:0c:ff:0c:12:67:b2:a1:6b:7e:5b:d0:3a:
89:a1:3c:c7:15:3b:22:c5:83:8a:ee:5f:bb:89:02:
63:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C3:60:40:53:14:72:53:E5:81:94:B4:3A:07:0B:A3:F6:4E:06:74
X509v3 Authority Key Identifier:
keyid:59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/7sNgQFMUclPlgZS0OgcLo_ZOBnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.120.0/24
194.104.235.0/24
IPv6:
2a11:6740::/29
Signature Algorithm: sha256WithRSAEncryption
47:f6:d6:ea:97:47:90:5f:a5:e0:44:37:e6:c0:50:08:52:04:
8a:e7:c5:ae:f8:a7:45:dd:04:0e:6e:71:41:12:52:41:b6:87:
1b:03:6f:a8:ed:6b:d0:f9:53:59:85:70:7c:2f:0d:12:17:2b:
8f:67:0b:fd:26:56:aa:64:42:6b:8c:36:aa:bb:04:79:33:ba:
1d:2e:07:13:c1:96:cb:fa:da:9d:11:51:96:4b:56:8a:e4:06:
9c:6a:d0:c9:0d:d0:b3:15:e5:4f:61:88:3f:77:0f:f8:b4:e2:
4d:51:b7:57:1e:22:14:96:17:c1:87:2d:0d:74:8d:61:8d:41:
36:83:94:43:a7:82:21:bf:3b:01:d4:d6:ee:75:d3:50:a7:aa:
ee:26:41:62:0d:41:c7:86:c2:5a:91:52:2b:14:7b:84:82:d4:
4b:4a:80:c6:ea:b1:e9:d8:73:1e:48:c8:10:7a:c4:2a:64:76:
0e:25:5d:f9:43:ab:61:0e:e3:42:78:6c:a0:db:2e:81:ef:e5:
f6:aa:da:6e:6b:cc:60:17:98:e1:74:ee:28:f1:7d:7c:c6:ff:
5d:ff:d4:f5:69:0f:99:36:50:cb:6d:83:11:81:04:d8:b6:19:
a0:d5:2a:8c:f6:80:37:67:4e:85:9f:5c:5f:f9:82:99:32:c4:
1e:98:e4:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsyw8uz7k9n75OGLJMeE12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YTA2YzE4Nzk1M2NmYzgxMzNiMmJlZWU1ZjAxYTE1ZTQ1
ZGEwNzgwHhcNMjMwMTAxMTAwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWMzNjA0MDUzMTQ3MjUzZTU4MTk0YjQzYTA3MGJhM2Y2NGUwNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQLr743ZtinLnpCbf5N8CVpsO6SS
Ho0wLOQ2fN4yMNMYUcA8B44Dw+vgtWEHnlTNCODq7NSftpvmQHHZF4OHuiHgboub
s2yqSOBIAZ135WvCDcXEEgfbqoAa9laUQi0GWYTILH/P70l81iHQoV5xdlrSlR9S
3xO3/V5gKICzddO08eGtRXV1dwyZP25KLUxwHrEQ7y6/51LtoZBZVmjJRbk4/yQ2
q2eZM3T/oz+R3OKAOHfhAyuOR6PqV/+y8Dlc7dRnstsyJOw4KAqA7WWsnbsvEsM8
fxatpaxbckh/5Q5Y8e0M/wwSZ7Kha35b0DqJoTzHFTsixYOK7l+7iQJj0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO7DYEBTFHJT5YGUtDoHC6P2TgZ0MB8GA1UdIwQY
MBaAFFmgbBh5U8/IEzsr7uXwGhXkXaB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODct
ZTQ2ZWE4OWJmODQ5LzEvN3NOZ1FGTVVjbFBsZ1pTME9nY0xvX1pPQm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODctZTQ2ZWE4OWJmODQ5
LzEvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+l4AwQA
wmjrMA0EAgACMAcDBQMqEWdAMA0GCSqGSIb3DQEBCwUAA4IBAQBH9tbql0eQX6Xg
RDfmwFAIUgSK58Wu+KdF3QQObnFBElJBtocbA2+o7WvQ+VNZhXB8Lw0SFyuPZwv9
JlaqZEJrjDaquwR5M7odLgcTwZbL+tqdEVGWS1aK5AacatDJDdCzFeVPYYg/dw/4
tOJNUbdXHiIUlhfBhy0NdI1hjUE2g5RDp4IhvzsB1NbuddNQp6ruJkFiDUHHhsJa
kVIrFHuEgtRLSoDG6rHp2HMeSMgQesQqZHYOJV35Q6thDuNCeGyg2y6B7+X2qtpu
a8xgF5jhdO4o8X18xv9d/9T1aQ+ZNlDLbYMRgQTYthmg1SqM9oA3Z06Fn1xf+YKZ
MsQemOQb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:22 2024 by rpki-client on console-ams.rpki-client.org