Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/9zyZHDVhv4oGstlB65FlTPfyqp0.roa
File: 9zyZHDVhv4oGstlB65FlTPfyqp0.roa (raw, json)
Hash identifier: JP2IbpMkWUo8d8RajguYrlIQRj8OXBcG7heXRpIlKoM=
Subject key identifier: F7:3C:99:1C:35:61:BF:8A:06:B2:D9:41:EB:91:65:4C:F7:F2:AA:9D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0185708CE076206DE26C659F1CCAF33C682B
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/9zyZHDVhv4oGstlB65FlTPfyqp0.roa
Signing time: Mon 02 Jan 2023 03:35:58 +0000
ROA not before: Mon 02 Jan 2023 03:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54252
IP address blocks: 91.186.200.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e0:76:20:6d:e2:6c:65:9f:1c:ca:f3:3c:68:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 03:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f73c991c3561bf8a06b2d941eb91654cf7f2aa9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:db:0e:86:34:b4:4d:dc:75:2d:0e:c4:51:f2:
85:46:e0:8f:59:8b:35:ff:34:38:60:50:17:1e:6f:
97:a0:64:6d:9c:6a:62:0f:4d:98:19:54:cd:8d:e6:
4b:99:6b:f6:16:cb:52:e9:c1:5c:ce:c8:09:b0:5d:
4d:2a:1d:98:5d:c9:b8:99:49:9f:35:b4:2a:07:70:
7c:63:37:41:a8:52:67:ad:1c:d2:15:87:4c:de:e1:
38:a9:26:05:11:af:ee:68:e2:31:cc:ec:e0:52:fb:
3a:77:3f:7f:e2:5f:25:d1:f2:39:0b:26:58:aa:b6:
d2:6d:18:00:3e:c7:c0:4d:3f:4e:ce:4a:c5:7d:b3:
53:c5:ab:56:a4:d6:87:c9:17:0d:82:2f:25:a0:55:
f0:37:67:b7:cc:f3:0c:b9:ae:2c:4e:5d:0f:ee:73:
b0:67:dd:c9:c9:91:9c:66:90:d5:86:54:33:e9:57:
64:90:0b:84:2f:62:ab:b6:ae:56:f6:ec:40:de:42:
73:22:8f:91:18:5e:89:38:8c:18:d2:c7:c6:24:9b:
b4:52:ca:cd:43:ea:21:1e:fa:af:0f:0d:cd:c0:3b:
7d:54:7c:50:b1:63:2e:37:bb:03:8a:29:61:cf:08:
4b:a8:59:b0:b4:62:fe:03:33:7c:9a:7d:3c:6e:e4:
90:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3C:99:1C:35:61:BF:8A:06:B2:D9:41:EB:91:65:4C:F7:F2:AA:9D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/9zyZHDVhv4oGstlB65FlTPfyqp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.200.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:e4:7b:3e:38:0d:d9:0a:8c:cc:3b:90:bc:ab:7d:4e:5e:3c:
75:bf:c5:a0:a9:a5:c8:6d:6b:31:fe:89:54:7b:6f:6a:5a:6e:
1f:7f:f5:58:4a:f4:c4:91:3a:d8:93:bd:3b:81:ac:d2:63:aa:
03:f5:09:8f:24:57:a9:1d:34:90:dd:a1:51:3b:a8:f2:9b:cd:
34:45:49:24:4b:1f:47:c9:1a:b9:75:66:f7:c1:cd:4e:04:51:
ea:2e:58:aa:5b:3d:ea:6c:10:7d:5a:e0:be:2f:94:86:ac:c1:
31:e9:6e:58:15:11:c6:9d:ad:39:36:4e:f7:59:03:c3:ca:22:
58:de:75:0b:fc:54:9a:12:68:5e:c8:4e:b4:19:a3:fe:d1:ce:
c3:db:a0:a9:97:6f:ef:ed:cb:d2:b5:d6:9a:c8:4c:82:1e:93:
b9:ec:e9:32:47:0b:ef:c3:2c:20:f2:cd:bb:27:6d:10:28:99:
1c:17:22:03:5d:2f:7e:4a:11:80:f5:2b:39:f2:90:b2:34:3a:
27:b0:08:4e:e5:1f:5a:6d:14:ae:7b:35:4c:6b:b1:ed:d1:2d:
c4:09:af:54:56:83:87:61:68:01:a9:dd:e5:ff:08:25:a5:a0:
ff:25:fb:92:93:77:c9:a0:2e:c7:48:b3:2b:1e:47:60:58:cf:
b9:72:f2:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOB2IG3ibGWfHMrzPGgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTAyMDMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzNjOTkxYzM1NjFiZjhhMDZiMmQ5NDFlYjkxNjU0Y2Y3ZjJhYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndsOhjS0Tdx1LQ7EUfKFRuCPWYs1
/zQ4YFAXHm+XoGRtnGpiD02YGVTNjeZLmWv2FstS6cFczsgJsF1NKh2YXcm4mUmf
NbQqB3B8YzdBqFJnrRzSFYdM3uE4qSYFEa/uaOIxzOzgUvs6dz9/4l8l0fI5CyZY
qrbSbRgAPsfATT9OzkrFfbNTxatWpNaHyRcNgi8loFXwN2e3zPMMua4sTl0P7nOw
Z93JyZGcZpDVhlQz6VdkkAuEL2Krtq5W9uxA3kJzIo+RGF6JOIwY0sfGJJu0UsrN
Q+ohHvqvDw3NwDt9VHxQsWMuN7sDiilhzwhLqFmwtGL+AzN8mn08buSQAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPc8mRw1Yb+KBrLZQeuRZUz38qqdMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvOXp5WkhEVmh2NG9Hc3RsQjY1RmxUUGZ5cXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7rIMA0G
CSqGSIb3DQEBCwUAA4IBAQA95Hs+OA3ZCozMO5C8q31OXjx1v8WgqaXIbWsx/olU
e29qWm4ff/VYSvTEkTrYk707gazSY6oD9QmPJFepHTSQ3aFRO6jym800RUkkSx9H
yRq5dWb3wc1OBFHqLliqWz3qbBB9WuC+L5SGrMEx6W5YFRHGna05Nk73WQPDyiJY
3nUL/FSaEmheyE60GaP+0c7D26Cpl2/v7cvStdaayEyCHpO57OkyRwvvwywg8s27
J20QKJkcFyIDXS9+ShGA9Ss58pCyNDonsAhO5R9abRSuezVMa7Ht0S3ECa9UVoOH
YWgBqd3l/wglpaD/JfuSk3fJoC7HSLMrHkdgWM+5cvJj
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:28 2024 by rpki-client on console-fra.rpki-client.org