Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3dfc14-e6ab-48ca-9613-495a501c6998/1/yi1qGn51Vuxsqs2aYFooDncnp1Q.roa
File: yi1qGn51Vuxsqs2aYFooDncnp1Q.roa (raw, json)
Hash identifier: BR8VV1N00ucA7DQzYdUKq+87WveCK3H4tH6AQIRIo/k=
Subject key identifier: CA:2D:6A:1A:7E:75:56:EC:6C:AA:CD:9A:60:5A:28:0E:77:27:A7:54
Certificate issuer: /CN=b3ba47605cf367626263e57f16d0d87916ceddc8
Certificate serial: 01856E541B2E2B5E07FF4F311830DF45E1B4
Authority key identifier: B3:BA:47:60:5C:F3:67:62:62:63:E5:7F:16:D0:D8:79:16:CE:DD:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7pHYFzzZ2JiY-V_FtDYeRbO3cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3dfc14-e6ab-48ca-9613-495a501c6998/1/yi1qGn51Vuxsqs2aYFooDncnp1Q.roa
Signing time: Sun 01 Jan 2023 17:14:43 +0000
ROA not before: Sun 01 Jan 2023 17:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5413
IP address blocks: 91.220.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:1b:2e:2b:5e:07:ff:4f:31:18:30:df:45:e1:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3ba47605cf367626263e57f16d0d87916ceddc8
Validity
Not Before: Jan 1 17:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca2d6a1a7e7556ec6caacd9a605a280e7727a754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:97:2e:fa:c5:14:a3:f7:1f:53:1b:31:3b:65:
81:c0:14:bf:df:d4:c7:a3:46:7b:22:27:08:c3:85:
41:c9:a0:ab:8b:a1:7f:ea:d1:f9:d3:7f:f8:29:f5:
73:84:a3:cc:ca:c7:5d:61:a0:e4:73:23:54:dc:63:
fb:10:1d:d8:ef:28:61:9b:84:da:c0:a2:7b:09:5e:
2b:27:d5:c8:98:9b:f6:05:30:8a:b9:f4:9c:7d:54:
b3:13:e9:12:6a:33:fc:e2:77:8c:ab:8a:6c:80:08:
7a:21:2d:50:3d:41:0c:b2:04:2e:33:96:49:63:29:
af:cc:dd:a1:70:18:22:3a:f8:71:4e:20:8a:f0:4c:
27:b5:27:d6:c8:57:be:a8:8d:35:d3:0d:9c:35:4e:
c3:f2:90:92:fa:77:4c:50:67:37:ae:cb:35:5c:30:
a7:fe:13:7f:ae:fb:7d:38:75:4a:1e:ad:16:0e:23:
93:af:c6:50:e5:34:b6:8e:5c:6e:c1:00:4b:ac:09:
13:fa:0e:31:89:3b:de:7d:43:57:62:18:e2:a8:b9:
53:d5:f3:3e:65:ca:b1:19:2f:73:7b:41:75:36:04:
b0:e2:45:19:29:cf:fe:47:e3:ed:74:39:b2:96:59:
67:49:91:80:90:bb:27:15:8d:f1:50:c3:02:62:fc:
c8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:2D:6A:1A:7E:75:56:EC:6C:AA:CD:9A:60:5A:28:0E:77:27:A7:54
X509v3 Authority Key Identifier:
keyid:B3:BA:47:60:5C:F3:67:62:62:63:E5:7F:16:D0:D8:79:16:CE:DD:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7pHYFzzZ2JiY-V_FtDYeRbO3cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3dfc14-e6ab-48ca-9613-495a501c6998/1/yi1qGn51Vuxsqs2aYFooDncnp1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3dfc14-e6ab-48ca-9613-495a501c6998/1/s7pHYFzzZ2JiY-V_FtDYeRbO3cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.141.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:8a:20:c8:af:dc:bc:5d:e0:58:21:0f:19:2f:f0:b1:7e:54:
a5:cc:64:e1:cf:af:f7:1f:71:cd:da:51:02:10:bc:44:b0:91:
af:cf:29:b2:d0:07:33:75:4e:31:bb:ef:84:c3:71:f3:7a:ba:
68:6e:54:81:5f:d4:cb:b9:ca:72:95:b7:ab:02:a8:4a:1b:3d:
c3:4b:39:38:f2:b5:32:e9:92:05:62:18:92:79:ef:45:79:e1:
08:01:d9:24:79:90:6c:c2:41:63:7e:5f:50:b7:d1:ef:f3:73:
59:a2:bf:88:59:d6:5e:06:67:de:b7:19:0d:45:a2:d9:07:36:
80:f0:75:4c:ea:0a:4e:c8:69:53:43:a3:16:25:5a:f1:b5:57:
da:07:e6:86:61:0e:6c:f1:09:6b:6d:a4:c1:38:2b:ba:d4:d8:
f0:4a:b1:d7:45:06:af:4a:a0:06:c8:d2:6c:9d:4d:4c:96:fc:
53:3a:ee:80:af:0c:78:11:70:71:6e:4a:91:cf:9e:bb:2d:8f:
88:6a:40:70:20:a0:d0:3a:90:c7:37:3a:96:7a:17:90:51:47:
32:5e:f0:99:65:40:1b:75:68:da:e4:af:89:f2:14:10:0c:20:
54:ab:6d:0b:6c:c4:30:79:e4:90:ac:3a:04:c9:b7:d8:70:4d:
1a:de:d6:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuVBsuK14H/08xGDDfReG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYmE0NzYwNWNmMzY3NjI2MjYzZTU3ZjE2ZDBkODc5MTZj
ZWRkYzgwHhcNMjMwMTAxMTcxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTJkNmExYTdlNzU1NmVjNmNhYWNkOWE2MDVhMjgwZTc3MjdhNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpcu+sUUo/cfUxsxO2WBwBS/39TH
o0Z7IicIw4VByaCri6F/6tH503/4KfVzhKPMysddYaDkcyNU3GP7EB3Y7yhhm4Ta
wKJ7CV4rJ9XImJv2BTCKufScfVSzE+kSajP84neMq4psgAh6IS1QPUEMsgQuM5ZJ
YymvzN2hcBgiOvhxTiCK8EwntSfWyFe+qI010w2cNU7D8pCS+ndMUGc3rss1XDCn
/hN/rvt9OHVKHq0WDiOTr8ZQ5TS2jlxuwQBLrAkT+g4xiTvefUNXYhjiqLlT1fM+
ZcqxGS9ze0F1NgSw4kUZKc/+R+PtdDmylllnSZGAkLsnFY3xUMMCYvzIowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMotahp+dVbsbKrNmmBaKA53J6dUMB8GA1UdIwQY
MBaAFLO6R2Bc82diYmPlfxbQ2HkWzt3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdwSFlGenpaMkppWS1WX0Z0RFllUmJPM2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zZGZjMTQtZTZhYi00OGNhLTk2MTMt
NDk1YTUwMWM2OTk4LzEveWkxcUduNTFWdXhzcXMyYVlGb29EbmNucDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zZGZjMTQtZTZhYi00OGNhLTk2MTMtNDk1YTUwMWM2OTk4
LzEvczdwSFlGenpaMkppWS1WX0Z0RFllUmJPM2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yNMA0G
CSqGSIb3DQEBCwUAA4IBAQA8iiDIr9y8XeBYIQ8ZL/CxflSlzGThz6/3H3HN2lEC
ELxEsJGvzymy0AczdU4xu++Ew3HzerpoblSBX9TLucpylberAqhKGz3DSzk48rUy
6ZIFYhiSee9FeeEIAdkkeZBswkFjfl9Qt9Hv83NZor+IWdZeBmfetxkNRaLZBzaA
8HVM6gpOyGlTQ6MWJVrxtVfaB+aGYQ5s8QlrbaTBOCu61NjwSrHXRQavSqAGyNJs
nU1MlvxTOu6Arwx4EXBxbkqRz567LY+IakBwIKDQOpDHNzqWeheQUUcyXvCZZUAb
dWja5K+J8hQQDCBUq20LbMQweeSQrDoEybfYcE0a3tbJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:47 2024 by rpki-client on console-ams.rpki-client.org