Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/k4EqU9_TXQZsLG1RAs0ArkmnWOw.roa
File: k4EqU9_TXQZsLG1RAs0ArkmnWOw.roa (raw, json)
Hash identifier: aQG8/nPxyFkYmiZe2KTeMEXP6SOvIQ3V3AK63fTkzBc=
Subject key identifier: 93:81:2A:53:DF:D3:5D:06:6C:2C:6D:51:02:CD:00:AE:49:A7:58:EC
Certificate issuer: /CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Certificate serial: 0185702702A735C886EE8B2A6C268817D50E
Authority key identifier: 34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/k4EqU9_TXQZsLG1RAs0ArkmnWOw.roa
Signing time: Mon 02 Jan 2023 01:44:42 +0000
ROA not before: Mon 02 Jan 2023 01:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211600
IP address blocks: 91.195.150.0/23 maxlen: 23
2001:678:2e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Aug 2023 18:16:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:27:02:a7:35:c8:86:ee:8b:2a:6c:26:88:17:d5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Validity
Not Before: Jan 2 01:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93812a53dfd35d066c2c6d5102cd00ae49a758ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2b:dd:45:86:a9:06:9d:20:24:53:8f:73:70:
bd:aa:e8:68:5b:19:66:d2:66:61:cb:c7:49:19:3a:
9f:54:4f:c9:02:2e:7f:99:d4:f6:4e:67:30:5a:4b:
ee:52:c9:ff:30:ee:fd:b6:9c:11:cc:9a:c1:0b:1c:
1a:bf:51:df:28:1d:47:74:b8:b9:86:8a:30:53:97:
69:3d:4a:9c:4a:e8:ca:9f:0b:a2:d1:c5:39:4c:f5:
0e:88:f0:99:71:c8:84:67:cc:5a:2e:17:d2:62:85:
84:38:e5:b9:15:af:39:b8:fa:fa:c8:10:5e:05:3b:
fc:e3:8b:d6:66:31:e4:df:e1:3c:6e:ed:ad:72:e0:
32:c8:dd:79:0a:10:07:a9:14:2e:b9:f6:f4:ae:dc:
6b:0c:86:2b:77:7c:0e:80:8f:4a:ef:14:53:18:8d:
5b:d7:08:99:e8:01:a7:67:b3:ed:f6:18:e6:67:30:
13:e9:7e:ac:58:b0:f1:bc:b3:17:f1:d1:8b:a9:19:
d4:38:8b:bd:1e:d4:7b:35:0d:57:49:65:a5:3e:89:
0e:df:b1:46:96:81:f2:f5:a3:8e:da:07:48:50:46:
b7:79:51:4f:ff:55:94:0d:36:03:f0:40:ac:5d:d9:
38:d1:76:b1:8b:58:87:bc:9c:7d:ae:98:8f:ad:46:
af:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:81:2A:53:DF:D3:5D:06:6C:2C:6D:51:02:CD:00:AE:49:A7:58:EC
X509v3 Authority Key Identifier:
keyid:34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/k4EqU9_TXQZsLG1RAs0ArkmnWOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.150.0/23
IPv6:
2001:678:2e0::/48
Signature Algorithm: sha256WithRSAEncryption
a6:b3:53:e9:43:ee:a0:65:c3:83:3f:2a:d5:10:cd:53:fc:72:
1e:60:d2:98:e1:c1:4c:27:28:60:c3:f7:53:a2:f2:d7:1f:f7:
bf:aa:2a:28:bb:b3:af:0b:0b:13:28:7b:46:be:1c:be:62:6f:
9b:af:f6:69:0a:2b:fb:d4:31:f6:75:2f:de:71:8f:f8:a3:90:
cb:2d:9c:de:db:84:9e:7f:bd:82:37:57:3c:0c:df:fc:fd:90:
9a:58:1f:80:ec:34:85:1f:4a:8c:00:13:58:4d:57:fd:fb:bc:
c3:f3:91:0b:71:a4:1a:19:dd:d1:22:d1:4d:e4:df:72:ad:ca:
c6:d3:6e:db:73:50:34:97:37:ab:ae:f4:a2:4a:f3:c8:00:94:
9d:fb:ec:17:48:00:7a:82:35:aa:c2:2d:1b:d4:3f:d3:9e:20:
f4:54:67:83:8a:e1:25:13:05:de:a9:31:2d:10:2d:ea:30:94:
57:01:91:2c:16:4d:da:74:e3:cd:bd:a4:c9:96:21:1f:eb:70:
8f:a0:8d:61:d4:8c:ee:10:17:3b:6d:52:82:57:ff:5c:de:09:
26:15:0c:2d:06:26:a1:19:ec:bc:b5:10:aa:7d:6a:94:61:2a:
5d:98:0b:4c:7c:58:e9:82:f0:77:50:82:ba:92:6c:a1:d2:80:
24:0b:0f:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwJwKnNciG7osqbCaIF9UOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0Y2I5NTZlYzNhMTRmNmY1ZTRiNzZkNTQzNDJmYTk4ZDU5
Yzc3YTYwHhcNMjMwMTAyMDE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzgxMmE1M2RmZDM1ZDA2NmMyYzZkNTEwMmNkMDBhZTQ5YTc1OGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCvdRYapBp0gJFOPc3C9quhoWxlm
0mZhy8dJGTqfVE/JAi5/mdT2TmcwWkvuUsn/MO79tpwRzJrBCxwav1HfKB1HdLi5
hoowU5dpPUqcSujKnwui0cU5TPUOiPCZcciEZ8xaLhfSYoWEOOW5Fa85uPr6yBBe
BTv844vWZjHk3+E8bu2tcuAyyN15ChAHqRQuufb0rtxrDIYrd3wOgI9K7xRTGI1b
1wiZ6AGnZ7Pt9hjmZzAT6X6sWLDxvLMX8dGLqRnUOIu9HtR7NQ1XSWWlPokO37FG
loHy9aOO2gdIUEa3eVFP/1WUDTYD8ECsXdk40Xaxi1iHvJx9rpiPrUavUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJOBKlPf010GbCxtUQLNAK5Jp1jsMB8GA1UdIwQY
MBaAFDTLlW7DoU9vXkt21UNC+pjVnHemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQt
OWE2ODgwODBhNTc5LzEvazRFcVU5X1RYUVpzTEcxUkFzMEFya21uV093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQtOWE2ODgwODBhNTc5
LzEvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8OWMA8E
AgACMAkDBwAgAQZ4AuAwDQYJKoZIhvcNAQELBQADggEBAKazU+lD7qBlw4M/KtUQ
zVP8ch5g0pjhwUwnKGDD91Oi8tcf97+qKii7s68LCxMoe0a+HL5ib5uv9mkKK/vU
MfZ1L95xj/ijkMstnN7bhJ5/vYI3VzwM3/z9kJpYH4DsNIUfSowAE1hNV/37vMPz
kQtxpBoZ3dEi0U3k33KtysbTbttzUDSXN6uu9KJK88gAlJ377BdIAHqCNarCLRvU
P9OeIPRUZ4OK4SUTBd6pMS0QLeowlFcBkSwWTdp04829pMmWIR/rcI+gjWHUjO4Q
FzttUoJX/1zeCSYVDC0GJqEZ7Ly1EKp9apRhKl2YC0x8WOmC8HdQgrqSbKHSgCQL
D/Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:43 2024 by rpki-client on console-ams.rpki-client.org