Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/e28021-61d2-4a75-9c2a-b1cb03a3fd5c/1/_2gZHj85WvKy5tPQYwuj9PDvKcY.roa
File: _2gZHj85WvKy5tPQYwuj9PDvKcY.roa (raw, json)
Hash identifier: 5klpidoVJc3vKughPj4yRdIYUnsphyRgyahMvO6Vw1U=
Subject key identifier: FF:68:19:1E:3F:39:5A:F2:B2:E6:D3:D0:63:0B:A3:F4:F0:EF:29:C6
Certificate issuer: /CN=0419f197f173117b7531facb9a63896a29d9a9a0
Certificate serial: 018570674CAB954EEC4D3EBEA0E9878C512A
Authority key identifier: 04:19:F1:97:F1:73:11:7B:75:31:FA:CB:9A:63:89:6A:29:D9:A9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BBnxl_FzEXt1MfrLmmOJainZqaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/e28021-61d2-4a75-9c2a-b1cb03a3fd5c/1/_2gZHj85WvKy5tPQYwuj9PDvKcY.roa
Signing time: Mon 02 Jan 2023 02:54:56 +0000
ROA not before: Mon 02 Jan 2023 02:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210517
IP address blocks: 91.241.52.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:4c:ab:95:4e:ec:4d:3e:be:a0:e9:87:8c:51:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0419f197f173117b7531facb9a63896a29d9a9a0
Validity
Not Before: Jan 2 02:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff68191e3f395af2b2e6d3d0630ba3f4f0ef29c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:69:22:14:b1:a4:38:98:1e:ea:24:59:89:1c:
74:c3:e8:9c:ff:e3:45:fa:71:5f:44:6f:33:6c:af:
cd:d1:88:f4:bf:06:55:5e:a4:e4:46:a3:d1:f1:2c:
c7:d9:35:e0:1c:4d:70:a5:cc:bc:1d:3d:aa:33:c2:
1a:62:e1:5d:a6:a4:6c:ab:a6:18:03:79:d6:8c:31:
51:e3:81:b4:f7:19:e4:8a:f2:cc:45:20:4d:70:17:
80:12:47:ca:ea:ed:00:13:b9:72:29:53:d6:2a:58:
6e:f1:1b:6e:5a:f7:9c:af:3d:4b:b1:12:0d:af:02:
71:79:6a:22:b0:f4:a6:68:f5:1e:f1:e2:05:df:a7:
12:5b:62:61:e5:83:cf:a5:6c:be:38:05:68:f3:34:
2c:c8:04:c6:26:f6:17:34:8e:fa:11:c2:f5:4d:65:
37:5a:83:dc:ad:2b:0d:7b:31:60:5b:82:02:f4:b9:
5a:4f:4b:78:f7:c0:2c:16:eb:96:5d:6d:a1:bd:3a:
54:9e:ee:32:fa:c8:cc:e8:07:ad:c7:b6:63:1a:d6:
c0:0d:4a:a2:f8:28:0e:69:d9:70:4b:e4:68:1b:d0:
02:e1:1e:8c:25:5a:45:7d:35:5a:bb:a8:89:e9:cc:
6c:97:9b:6e:c8:8e:d0:5e:08:f6:b1:e4:5f:d4:a1:
82:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:68:19:1E:3F:39:5A:F2:B2:E6:D3:D0:63:0B:A3:F4:F0:EF:29:C6
X509v3 Authority Key Identifier:
keyid:04:19:F1:97:F1:73:11:7B:75:31:FA:CB:9A:63:89:6A:29:D9:A9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BBnxl_FzEXt1MfrLmmOJainZqaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e28021-61d2-4a75-9c2a-b1cb03a3fd5c/1/_2gZHj85WvKy5tPQYwuj9PDvKcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e28021-61d2-4a75-9c2a-b1cb03a3fd5c/1/BBnxl_FzEXt1MfrLmmOJainZqaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.52.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:25:b4:dd:b2:af:87:14:6d:03:95:41:8c:d9:71:f9:46:0f:
6f:c1:d4:d2:1c:e9:02:e1:07:8d:57:d5:b8:25:f2:58:61:76:
11:ed:8f:b3:51:ba:84:5c:db:e5:e1:f2:1f:b8:95:1f:06:6b:
24:66:ab:a6:88:48:47:04:59:14:3a:98:d3:5d:47:d1:c7:a4:
c9:f5:0c:4c:a4:c3:e0:7f:b0:1b:30:96:13:de:f5:37:17:e4:
5e:7f:d1:cf:a6:a6:3b:89:b9:1e:68:05:bd:ca:6b:b6:c5:1b:
48:24:7b:9d:72:04:f3:fa:59:c9:68:37:b0:4c:bb:61:27:31:
cf:52:7d:0c:d1:c8:d3:d9:b7:ce:ee:99:b2:7c:4c:cf:8f:1b:
79:6d:62:01:ba:20:5a:e0:9c:4e:b9:5e:a9:a2:46:7c:b0:68:
dc:45:7c:35:26:19:e7:7b:bd:12:6d:8c:ba:27:05:9e:54:f5:
34:a1:50:09:9e:d0:48:10:cc:71:6d:af:50:5f:b8:fb:64:cb:
e7:6a:9a:9b:4c:74:36:9c:e3:f3:bd:98:79:b2:99:21:b5:ce:
cf:dc:76:36:9b:6d:ec:6b:67:35:e5:54:05:cd:7e:b8:49:ec:
e4:74:c1:d2:82:12:bf:18:f2:48:7b:f2:33:17:c0:a6:b1:56:
52:b2:37:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ0yrlU7sTT6+oOmHjFEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MTlmMTk3ZjE3MzExN2I3NTMxZmFjYjlhNjM4OTZhMjlk
OWE5YTAwHhcNMjMwMTAyMDI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY4MTkxZTNmMzk1YWYyYjJlNmQzZDA2MzBiYTNmNGYwZWYyOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGkiFLGkOJge6iRZiRx0w+ic/+NF
+nFfRG8zbK/N0Yj0vwZVXqTkRqPR8SzH2TXgHE1wpcy8HT2qM8IaYuFdpqRsq6YY
A3nWjDFR44G09xnkivLMRSBNcBeAEkfK6u0AE7lyKVPWKlhu8RtuWvecrz1LsRIN
rwJxeWoisPSmaPUe8eIF36cSW2Jh5YPPpWy+OAVo8zQsyATGJvYXNI76EcL1TWU3
WoPcrSsNezFgW4IC9LlaT0t498AsFuuWXW2hvTpUnu4y+sjM6Aetx7ZjGtbADUqi
+CgOadlwS+RoG9AC4R6MJVpFfTVau6iJ6cxsl5tuyI7QXgj2seRf1KGCYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9oGR4/OVrysubT0GMLo/Tw7ynGMB8GA1UdIwQY
MBaAFAQZ8ZfxcxF7dTH6y5pjiWop2amgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkJueGxfRnpFWHQxTWZyTG1tT0phaW5acWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9lMjgwMjEtNjFkMi00YTc1LTljMmEt
YjFjYjAzYTNmZDVjLzEvXzJnWkhqODVXdkt5NXRQUVl3dWo5UER2S2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9lMjgwMjEtNjFkMi00YTc1LTljMmEtYjFjYjAzYTNmZDVj
LzEvQkJueGxfRnpFWHQxTWZyTG1tT0phaW5acWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/E0MA0G
CSqGSIb3DQEBCwUAA4IBAQBtJbTdsq+HFG0DlUGM2XH5Rg9vwdTSHOkC4QeNV9W4
JfJYYXYR7Y+zUbqEXNvl4fIfuJUfBmskZqumiEhHBFkUOpjTXUfRx6TJ9QxMpMPg
f7AbMJYT3vU3F+Ref9HPpqY7ibkeaAW9ymu2xRtIJHudcgTz+lnJaDewTLthJzHP
Un0M0cjT2bfO7pmyfEzPjxt5bWIBuiBa4JxOuV6pokZ8sGjcRXw1Jhnne70SbYy6
JwWeVPU0oVAJntBIEMxxba9QX7j7ZMvnapqbTHQ2nOPzvZh5spkhtc7P3HY2m23s
a2c15VQFzX64SezkdMHSghK/GPJIe/IzF8CmsVZSsjfz
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:35 2024 by rpki-client on console-fra.rpki-client.org