Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/Z-TMAc5Qdzv-UTZdUheH4-a1ukI.roa
File: Z-TMAc5Qdzv-UTZdUheH4-a1ukI.roa (raw, json)
Hash identifier: YNllFhq4YG4/l3mLrnvY9KaPwBdrOnN03r42Viuv0hk=
Subject key identifier: 67:E4:CC:01:CE:50:77:3B:FE:51:36:5D:52:17:87:E3:E6:B5:BA:42
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 01857328139ACECD7E2720E6DACD79117A28
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/Z-TMAc5Qdzv-UTZdUheH4-a1ukI.roa
Signing time: Mon 02 Jan 2023 15:44:44 +0000
ROA not before: Mon 02 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52223
IP address blocks: 91.245.233.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:13:9a:ce:cd:7e:27:20:e6:da:cd:79:11:7a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 2 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67e4cc01ce50773bfe51365d521787e3e6b5ba42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:08:19:87:59:06:01:e2:cd:6d:47:dc:8e:87:
68:c4:c0:6f:f4:88:ad:85:42:89:64:7b:f2:af:68:
bf:00:fe:f3:87:5e:07:00:6f:ae:c8:af:b5:1d:0d:
46:dc:b2:85:8b:01:38:67:ea:f4:79:60:70:76:67:
9d:de:e3:2f:b0:1f:ea:ba:53:ba:fd:78:99:1a:76:
bb:fc:2e:75:20:24:1e:82:ce:e9:1e:5c:33:f9:be:
e3:24:21:f2:7d:da:1e:c1:a0:83:4f:ef:fd:f9:a3:
a9:ea:6d:7b:1e:df:f6:26:d9:48:89:8b:a7:e6:f7:
df:7e:08:95:62:29:e9:c0:5e:fc:73:95:2c:f0:4d:
47:7c:61:f8:0a:6e:f1:bd:48:dd:93:a8:97:8d:c9:
c6:43:32:a0:c6:44:4d:ab:13:7f:f0:4f:ed:20:43:
18:b3:a0:1e:4a:a7:be:08:3d:e7:58:cf:42:6c:24:
48:92:73:c2:1c:5f:90:8a:7c:c5:fd:b9:b9:f3:a8:
dc:cd:fb:f0:9e:2f:e7:0e:10:f1:35:08:92:0c:5d:
c7:19:98:cd:53:1e:16:90:a2:0d:af:99:21:a4:9a:
80:51:fb:b1:54:35:4b:76:4c:71:75:64:75:20:0a:
5a:61:7d:b9:ed:f9:e5:83:3b:01:94:92:23:ca:c1:
4c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E4:CC:01:CE:50:77:3B:FE:51:36:5D:52:17:87:E3:E6:B5:BA:42
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/Z-TMAc5Qdzv-UTZdUheH4-a1ukI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.233.0/24
Signature Algorithm: sha256WithRSAEncryption
84:7a:4f:fa:31:82:e4:93:64:c0:31:1e:af:3c:b8:0f:b6:46:
1f:42:d1:d8:f6:92:7a:58:bd:0e:1a:e2:d5:ee:26:5c:c7:3e:
70:ec:89:f4:b8:96:33:24:a3:aa:73:da:50:8c:73:c4:1c:38:
02:68:b7:bc:69:c7:ac:d5:53:7d:58:16:88:73:0f:27:bb:a5:
17:1d:2b:fd:ff:c0:cd:c2:2c:ba:aa:e8:6c:67:c4:27:a0:fe:
c7:39:07:85:7b:65:b6:d2:65:39:fa:44:9f:93:c0:72:39:63:
ec:cd:db:a5:d0:c3:bd:2e:5d:e0:e6:e0:84:96:f5:0a:ef:37:
17:1b:51:a8:f5:98:54:45:60:57:75:b5:0b:39:db:41:f0:4b:
23:82:e1:9d:59:a9:c3:23:6c:80:1c:00:27:ae:58:f9:38:e4:
43:b3:73:10:ce:dc:99:20:41:e6:86:55:18:b3:30:68:85:cf:
cf:a5:5c:c2:d3:e1:e2:01:a9:f4:e6:0f:e7:4f:da:2b:46:87:
52:68:84:db:c8:78:ab:1a:ba:16:9d:24:b3:65:25:df:aa:ff:
16:b7:20:87:e0:46:11:45:9d:0b:d9:bf:c9:fd:c5:3c:0c:fc:
16:c7:68:fe:9d:00:07:55:91:58:a0:3d:35:5d:59:aa:81:85:
63:0e:06:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzKBOazs1+JyDm2s15EXooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjMwMTAyMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2U0Y2MwMWNlNTA3NzNiZmU1MTM2NWQ1MjE3ODdlM2U2YjViYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwgZh1kGAeLNbUfcjodoxMBv9Iit
hUKJZHvyr2i/AP7zh14HAG+uyK+1HQ1G3LKFiwE4Z+r0eWBwdmed3uMvsB/qulO6
/XiZGna7/C51ICQegs7pHlwz+b7jJCHyfdoewaCDT+/9+aOp6m17Ht/2JtlIiYun
5vfffgiVYinpwF78c5Us8E1HfGH4Cm7xvUjdk6iXjcnGQzKgxkRNqxN/8E/tIEMY
s6AeSqe+CD3nWM9CbCRIknPCHF+QinzF/bm586jczfvwni/nDhDxNQiSDF3HGZjN
Ux4WkKINr5khpJqAUfuxVDVLdkxxdWR1IApaYX257fnlgzsBlJIjysFMnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfkzAHOUHc7/lE2XVIXh+PmtbpCMB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvWi1UTUFjNVFkenYtVVRaZFVoZUg0LWExdWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/XpMA0G
CSqGSIb3DQEBCwUAA4IBAQCEek/6MYLkk2TAMR6vPLgPtkYfQtHY9pJ6WL0OGuLV
7iZcxz5w7In0uJYzJKOqc9pQjHPEHDgCaLe8aces1VN9WBaIcw8nu6UXHSv9/8DN
wiy6quhsZ8QnoP7HOQeFe2W20mU5+kSfk8ByOWPszdul0MO9Ll3g5uCElvUK7zcX
G1Go9ZhURWBXdbULOdtB8EsjguGdWanDI2yAHAAnrlj5OORDs3MQztyZIEHmhlUY
szBohc/PpVzC0+HiAan05g/nT9orRodSaITbyHirGroWnSSzZSXfqv8WtyCH4EYR
RZ0L2b/J/cU8DPwWx2j+nQAHVZFYoD01XVmqgYVjDga3
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:38 2024 by rpki-client on console-fra.rpki-client.org