Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1-5R5PCQfCxMB-jlnhb2PdA9bAA.roa
File: 1-5R5PCQfCxMB-jlnhb2PdA9bAA.roa (raw, json)
Hash identifier: B7TQs/WIZ+U0ppp4DRdHa9OJ4/1m3FusCgt5HmMLmmY=
Subject key identifier: D7:EE:51:E4:F0:90:7C:2C:4C:07:E8:E5:9E:16:F6:3D:D0:3D:6C:00
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01856DAF63613EB9FA1D85E5C475BAC1AE30
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1-5R5PCQfCxMB-jlnhb2PdA9bAA.roa
Signing time: Sun 01 Jan 2023 14:14:48 +0000
ROA not before: Sun 01 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 213.142.143.0/24 maxlen: 24
91.151.83.0/24 maxlen: 24
91.151.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Dec 2023 15:08:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:63:61:3e:b9:fa:1d:85:e5:c4:75:ba:c1:ae:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7ee51e4f0907c2c4c07e8e59e16f63dd03d6c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:9c:94:36:b4:7c:13:07:be:95:6d:24:77:
7e:6e:9a:7a:65:9c:e3:81:03:5b:8c:c2:e1:0d:9b:
9a:f4:40:21:5e:01:81:da:1d:72:1a:70:8c:2d:6f:
27:eb:52:52:fa:d9:43:a9:8d:e6:e7:5d:ff:37:fb:
c4:c8:95:a0:b0:70:17:b6:3f:0b:9a:38:9b:19:33:
11:67:81:eb:a0:3b:79:29:cc:15:ef:9a:b3:32:92:
4e:83:f1:9d:d6:cf:62:14:01:32:2e:51:b3:2e:ab:
b9:33:8b:34:18:4d:dc:86:11:73:76:15:a2:f3:b1:
aa:35:df:17:63:cb:b6:f8:8f:91:e6:b7:a3:5c:2b:
93:fa:17:cc:bf:42:97:1c:3d:85:16:7a:d4:f6:90:
f3:fd:f3:15:93:9a:55:01:36:d2:2c:93:8c:fe:c9:
af:dd:81:f3:7a:3c:52:06:99:55:e8:d0:a3:38:39:
e3:26:86:a4:fd:38:43:ec:42:c2:91:6f:fa:d5:6a:
09:ff:65:71:e7:f1:a2:74:63:f8:6f:c0:50:08:80:
1c:3f:ac:7e:31:a1:ed:c4:8b:49:a9:94:e6:13:2c:
03:0e:07:07:ec:3a:27:e1:a7:08:5e:cd:cc:95:65:
4b:f1:9d:8d:73:ee:8a:a3:62:f3:d9:36:89:cf:a5:
87:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EE:51:E4:F0:90:7C:2C:4C:07:E8:E5:9E:16:F6:3D:D0:3D:6C:00
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1-5R5PCQfCxMB-jlnhb2PdA9bAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.83.0-91.151.84.255
213.142.143.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:2f:47:32:c2:da:af:a3:3a:80:d1:6b:74:25:26:e6:cd:ef:
32:24:35:ee:e9:9f:b5:b8:30:e3:14:0c:ab:ba:be:d1:33:32:
8a:b9:79:e6:d4:1b:7c:36:59:e5:ad:0c:bd:03:a4:12:f4:33:
2b:28:b2:a7:da:40:77:30:df:c9:a4:8e:e2:ed:92:88:04:d9:
fb:3b:f2:ac:fb:c5:b6:87:a0:59:f8:26:2d:b0:2a:09:62:24:
18:16:40:c7:51:c5:5e:52:a2:5a:57:5d:a6:20:7d:b6:ac:d1:
72:4f:f7:17:76:ec:47:9e:7c:13:15:79:b9:49:3e:5e:58:04:
14:91:65:ef:c6:11:44:a2:5d:5e:0e:1b:1d:3b:23:f8:13:9a:
e6:a7:a8:75:4c:c6:0d:60:dd:30:17:2d:eb:54:d1:30:62:75:
ae:ee:59:39:1d:b6:d4:2d:42:11:04:f5:fc:ae:55:6b:a7:e5:
5c:ce:ab:ce:c5:e4:e2:8a:97:6e:e6:0a:40:d0:bc:8f:34:0a:
6e:87:39:5a:08:19:00:32:ae:6e:b5:b3:bd:12:2b:15:f8:02:
b6:18:c1:7c:49:a6:38:ac:39:2e:1b:ac:ef:5c:77:f6:09:73:
72:62:10:c1:d3:67:f8:3a:20:17:b2:ee:00:95:a8:30:b1:6c:
cf:06:b5:62
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtr2NhPrn6HYXlxHW6wa4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwMTAxMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VlNTFlNGYwOTA3YzJjNGMwN2U4ZTU5ZTE2ZjYzZGQwM2Q2YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqyclDa0fBMHvpVtJHd+bpp6ZZzj
gQNbjMLhDZua9EAhXgGB2h1yGnCMLW8n61JS+tlDqY3m513/N/vEyJWgsHAXtj8L
mjibGTMRZ4HroDt5KcwV75qzMpJOg/Gd1s9iFAEyLlGzLqu5M4s0GE3chhFzdhWi
87GqNd8XY8u2+I+R5rejXCuT+hfMv0KXHD2FFnrU9pDz/fMVk5pVATbSLJOM/smv
3YHzejxSBplV6NCjODnjJoak/ThD7ELCkW/61WoJ/2Vx5/GidGP4b8BQCIAcP6x+
MaHtxItJqZTmEywDDgcH7Don4acIXs3MlWVL8Z2Nc+6Ko2Lz2TaJz6WHQQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNfuUeTwkHwsTAfo5Z4W9j3QPWwAMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvMS01UjVQQ1FmQ3hNQi1qbG5oYjJQZEE5YkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABbl1MD
BABbl1QDBADVjo8wDQYJKoZIhvcNAQELBQADggEBAI0vRzLC2q+jOoDRa3QlJubN
7zIkNe7pn7W4MOMUDKu6vtEzMoq5eebUG3w2WeWtDL0DpBL0MysosqfaQHcw38mk
juLtkogE2fs78qz7xbaHoFn4Ji2wKgliJBgWQMdRxV5SolpXXaYgfbas0XJP9xd2
7EeefBMVeblJPl5YBBSRZe/GEUSiXV4OGx07I/gTmuanqHVMxg1g3TAXLetU0TBi
da7uWTkdttQtQhEE9fyuVWun5VzOq87F5OKKl27mCkDQvI80Cm6HOVoIGQAyrm61
s70SKxX4ArYYwXxJpjisOS4brO9cd/YJc3JiEMHTZ/g6IBey7gCVqDCxbM8GtWI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org