Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/jGdUHN7betOoZerMYQwbkGjvIgk.roa
File: jGdUHN7betOoZerMYQwbkGjvIgk.roa (raw, json)
Hash identifier: YyBjHi06hdQExBweGEYzoxrrDFBidK6K9lW1Imx3fP4=
Subject key identifier: 8C:67:54:1C:DE:DB:7A:D3:A8:65:EA:CC:61:0C:1B:90:68:EF:22:09
Certificate issuer: /CN=556a5fa0dcfb34433f9b860d95e2c442547c5f9c
Certificate serial: 018C90AF5308301F8E884C5E834A539722A3
Authority key identifier: 55:6A:5F:A0:DC:FB:34:43:3F:9B:86:0D:95:E2:C4:42:54:7C:5F:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWpfoNz7NEM_m4YNleLEQlR8X5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/jGdUHN7betOoZerMYQwbkGjvIgk.roa
Signing time: Fri 22 Dec 2023 08:40:58 +0000
ROA not before: Fri 22 Dec 2023 08:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48687
IP address blocks: 151.0.52.0/22 maxlen: 24
91.240.190.0/23 maxlen: 24
91.221.136.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:90:af:53:08:30:1f:8e:88:4c:5e:83:4a:53:97:22:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=556a5fa0dcfb34433f9b860d95e2c442547c5f9c
Validity
Not Before: Dec 22 08:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c67541cdedb7ad3a865eacc610c1b9068ef2209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a1:88:05:55:97:43:99:99:4c:20:96:63:04:
94:41:33:62:c0:95:48:d1:16:1d:dc:ab:f1:02:89:
32:06:57:5b:75:bc:41:af:86:85:c4:e9:dd:4a:96:
95:0f:b4:5f:c3:9d:49:29:58:5d:8b:38:8e:dd:64:
1f:56:25:f5:e4:38:4d:ab:63:43:00:0a:af:f2:9f:
1c:87:da:3b:73:36:98:ec:25:44:50:1d:e4:65:d1:
cc:cd:fc:db:87:49:de:97:75:1f:b6:b5:ee:09:99:
32:84:12:64:7c:c8:e4:7d:34:64:40:7d:3f:f4:b3:
3b:9b:db:52:7b:4d:59:cb:40:5b:70:8b:cc:8e:84:
f9:f4:9f:ad:d8:d9:42:ab:37:6e:ee:62:0d:e5:aa:
44:bf:06:07:5b:23:1a:51:89:d8:eb:01:3d:76:bc:
ad:36:cb:d5:e2:30:1b:47:eb:61:90:ad:16:58:58:
90:06:1e:08:b7:9f:1f:36:73:6e:41:09:b5:98:31:
f1:7d:d7:25:3d:30:3f:05:54:87:6b:e6:79:e7:d9:
0d:24:7f:de:1f:d3:76:ce:3c:c4:d5:34:e3:1b:5c:
ef:35:3a:c9:ca:fc:ef:de:1f:09:e2:95:79:5c:10:
0c:bd:6f:17:92:be:0f:e6:c2:8a:7e:c8:38:14:41:
bb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:67:54:1C:DE:DB:7A:D3:A8:65:EA:CC:61:0C:1B:90:68:EF:22:09
X509v3 Authority Key Identifier:
keyid:55:6A:5F:A0:DC:FB:34:43:3F:9B:86:0D:95:E2:C4:42:54:7C:5F:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWpfoNz7NEM_m4YNleLEQlR8X5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/jGdUHN7betOoZerMYQwbkGjvIgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/VWpfoNz7NEM_m4YNleLEQlR8X5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.136.0/23
91.240.190.0/23
151.0.52.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:5a:f8:24:01:8f:7a:fe:5e:ab:5b:d9:c6:b7:d4:fa:1b:27:
aa:be:94:ac:33:21:58:dc:00:db:5d:83:29:01:24:df:17:ec:
e1:61:af:1a:a3:c8:9b:02:9c:9e:74:94:c1:5a:53:e7:97:c8:
5c:5a:7c:5f:2f:4c:21:7c:a7:72:ba:c0:59:07:35:bc:a7:82:
eb:8c:a9:e8:09:a7:60:b2:47:c5:ad:42:54:4b:c8:c3:b1:94:
60:dc:14:4b:1c:a9:4f:00:64:50:24:61:fc:bc:d8:2c:69:2c:
19:5d:ca:d0:80:a1:97:92:6b:d1:ed:7e:d5:aa:8d:63:9a:7f:
8c:ef:bc:fb:97:0b:22:8e:fe:80:c1:1e:00:5f:53:15:b7:68:
02:11:62:67:69:c7:70:af:ae:03:72:3d:90:4c:b6:6b:11:3a:
8c:ca:70:b4:09:d1:75:8d:b7:9c:c8:6a:73:a1:65:44:04:13:
84:ac:11:1b:28:02:f4:a9:d6:d9:4d:6c:59:12:2e:8c:81:a4:
c4:63:78:7b:c6:d2:84:bb:63:09:5d:e7:3c:be:1f:ca:57:99:
9a:96:2a:c6:db:f3:42:08:84:ea:bb:6f:8a:d2:a9:7e:0d:ed:
ba:b5:30:80:4b:07:34:4c:d3:92:cf:b1:21:fc:da:9a:6a:8c:
a0:06:fc:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyQr1MIMB+OiExeg0pTlyKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NmE1ZmEwZGNmYjM0NDMzZjliODYwZDk1ZTJjNDQyNTQ3
YzVmOWMwHhcNMjMxMjIyMDg0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY3NTQxY2RlZGI3YWQzYTg2NWVhY2M2MTBjMWI5MDY4ZWYyMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaGIBVWXQ5mZTCCWYwSUQTNiwJVI
0RYd3KvxAokyBldbdbxBr4aFxOndSpaVD7Rfw51JKVhdiziO3WQfViX15DhNq2ND
AAqv8p8ch9o7czaY7CVEUB3kZdHMzfzbh0nel3UftrXuCZkyhBJkfMjkfTRkQH0/
9LM7m9tSe01Zy0BbcIvMjoT59J+t2NlCqzdu7mIN5apEvwYHWyMaUYnY6wE9dryt
NsvV4jAbR+thkK0WWFiQBh4It58fNnNuQQm1mDHxfdclPTA/BVSHa+Z559kNJH/e
H9N2zjzE1TTjG1zvNTrJyvzv3h8J4pV5XBAMvW8Xkr4P5sKKfsg4FEG7ywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIxnVBze23rTqGXqzGEMG5Bo7yIJMB8GA1UdIwQY
MBaAFFVqX6Dc+zRDP5uGDZXixEJUfF+cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVldwZm9OejdORU1fbTRZTmxlTEVRbFI4WDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMjNkMzAtNzZlMy00NDkxLThkNzUt
MmZkYTRjMjczYTQ4LzEvakdkVUhON2JldE9vWmVyTVlRd2JrR2p2SWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMjNkMzAtNzZlMy00NDkxLThkNzUtMmZkYTRjMjczYTQ4
LzEvVldwZm9OejdORU1fbTRZTmxlTEVRbFI4WDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW92IAwQB
W/C+AwQClwA0MA0GCSqGSIb3DQEBCwUAA4IBAQAPWvgkAY96/l6rW9nGt9T6Gyeq
vpSsMyFY3ADbXYMpASTfF+zhYa8ao8ibApyedJTBWlPnl8hcWnxfL0whfKdyusBZ
BzW8p4LrjKnoCadgskfFrUJUS8jDsZRg3BRLHKlPAGRQJGH8vNgsaSwZXcrQgKGX
kmvR7X7Vqo1jmn+M77z7lwsijv6AwR4AX1MVt2gCEWJnacdwr64Dcj2QTLZrETqM
ynC0CdF1jbecyGpzoWVEBBOErBEbKAL0qdbZTWxZEi6MgaTEY3h7xtKEu2MJXec8
vh/KV5malirG2/NCCITqu2+K0ql+De26tTCASwc0TNOSz7Eh/NqaaoygBvyW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:14 2024 by rpki-client on console-ams.rpki-client.org