Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/g239ZcEEQEDPPpGbDtQGU72UVO8.roa
File: g239ZcEEQEDPPpGbDtQGU72UVO8.roa (raw, json)
Hash identifier: lY9tG6FI2qkw/jWjI1A85tlnfPLZAK/hQCgLUOa6xLk=
Subject key identifier: 83:6D:FD:65:C1:04:40:40:CF:3E:91:9B:0E:D4:06:53:BD:94:54:EF
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018C6E055E9E904AF3B1CBC7D31AA91BF338
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/g239ZcEEQEDPPpGbDtQGU72UVO8.roa
Signing time: Fri 15 Dec 2023 15:08:14 +0000
ROA not before: Fri 15 Dec 2023 15:08:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 91.151.95.0/24 maxlen: 24
213.142.143.0/24 maxlen: 24
91.151.83.0/24 maxlen: 24
91.151.84.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6e:05:5e:9e:90:4a:f3:b1:cb:c7:d3:1a:a9:1b:f3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Dec 15 15:08:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=836dfd65c1044040cf3e919b0ed40653bd9454ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cf:f7:9e:5e:e7:58:3b:22:4a:b0:6b:b9:24:
57:54:14:af:d4:c0:81:c1:63:45:43:9a:ca:00:4d:
2d:c5:df:b9:78:44:55:b1:d4:03:95:24:62:d2:3b:
f3:e2:16:94:2f:02:fb:ee:ea:20:16:24:a5:4f:5a:
ea:bd:47:82:8e:43:5f:9b:6b:6d:7e:5b:a0:f4:40:
41:24:d4:71:10:99:d5:eb:7f:fb:93:f5:94:a3:57:
d1:0e:a0:1e:b0:ac:93:d5:a3:10:e8:8d:ff:57:30:
3e:45:b2:92:89:5b:69:ee:d5:6e:4c:9b:49:5b:1b:
ef:17:62:ce:5d:b6:61:f3:2e:b1:d6:81:4a:5f:70:
86:8e:9f:d5:11:06:b5:87:12:ab:64:de:6b:59:e2:
ee:3b:2b:0d:21:e0:e3:77:cc:1c:fe:25:d5:92:2f:
59:c9:3a:ad:27:e7:e7:92:c6:53:36:11:24:a6:e7:
91:07:38:8a:21:d7:22:d4:94:03:a6:ee:c5:d1:5c:
59:b6:0a:bb:cf:6c:d4:66:4a:32:c4:9e:58:ea:15:
c0:c2:c0:ae:b5:59:99:78:9c:80:3d:02:43:0c:e6:
dc:57:8b:a0:e8:74:c8:4d:d7:88:f3:95:14:41:7a:
90:de:93:fe:ef:79:1b:76:c1:55:6f:74:32:00:96:
9e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:6D:FD:65:C1:04:40:40:CF:3E:91:9B:0E:D4:06:53:BD:94:54:EF
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/g239ZcEEQEDPPpGbDtQGU72UVO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.83.0-91.151.84.255
91.151.95.0/24
213.142.143.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:36:e2:6c:f6:57:df:17:13:d4:a6:bd:3d:cc:1a:e2:4f:ed:
e0:ae:0c:a0:66:28:10:d8:3d:77:e6:8e:b6:c3:8a:af:ed:51:
6b:41:00:79:e1:85:0c:9e:8b:87:bb:9f:fc:18:7a:90:14:04:
e6:91:71:a9:03:30:c7:a7:8f:9a:0e:6c:5c:9b:fb:29:6e:41:
c2:2a:dc:65:b4:0a:c6:18:f3:07:8c:31:5e:ca:8c:ec:99:30:
06:c8:9f:bf:32:a8:d0:6f:3c:37:1f:06:0f:75:c4:9a:49:57:
d7:72:4f:8d:7a:a2:0b:be:c9:be:7a:9e:5a:26:a8:15:81:e4:
79:6a:c4:6b:cc:e7:97:64:3e:e4:1f:48:3d:f4:7f:78:ad:8f:
11:6f:0e:dc:38:92:11:1b:59:ca:32:6d:5a:38:87:f0:c4:67:
e5:7b:36:29:66:fa:75:bc:a9:e8:03:82:3b:2d:c4:9f:2e:21:
b4:ac:75:db:0b:71:3b:e6:6b:c3:af:96:6e:e8:93:a6:a3:0e:
c7:f2:d4:42:0d:9f:fe:ab:48:bf:ce:de:e8:62:f9:94:75:95:
49:1d:78:be:10:ee:04:87:7f:db:5f:9f:e3:36:a9:14:98:2b:
53:56:20:85:df:88:84:b3:28:03:69:37:f3:81:6f:2d:a6:06:
ff:33:80:ca
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYxuBV6ekErzscvH0xqpG/M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMjE1MTUwODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzZkZmQ2NWMxMDQ0MDQwY2YzZTkxOWIwZWQ0MDY1M2JkOTQ1NGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8/3nl7nWDsiSrBruSRXVBSv1MCB
wWNFQ5rKAE0txd+5eERVsdQDlSRi0jvz4haULwL77uogFiSlT1rqvUeCjkNfm2tt
flug9EBBJNRxEJnV63/7k/WUo1fRDqAesKyT1aMQ6I3/VzA+RbKSiVtp7tVuTJtJ
WxvvF2LOXbZh8y6x1oFKX3CGjp/VEQa1hxKrZN5rWeLuOysNIeDjd8wc/iXVki9Z
yTqtJ+fnksZTNhEkpueRBziKIdci1JQDpu7F0VxZtgq7z2zUZkoyxJ5Y6hXAwsCu
tVmZeJyAPQJDDObcV4ug6HTITdeI85UUQXqQ3pP+73kbdsFVb3QyAJaekQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFINt/WXBBEBAzz6Rmw7UBlO9lFTvMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvZzIzOVpjRUVRRURQUHBHYkR0UUdVNzJVVk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABbl1MD
BABbl1QDBABbl18DBADVjo8wDQYJKoZIhvcNAQELBQADggEBAOE24mz2V98XE9Sm
vT3MGuJP7eCuDKBmKBDYPXfmjrbDiq/tUWtBAHnhhQyei4e7n/wYepAUBOaRcakD
MMenj5oObFyb+yluQcIq3GW0CsYY8weMMV7KjOyZMAbIn78yqNBvPDcfBg91xJpJ
V9dyT416ogu+yb56nlomqBWB5HlqxGvM55dkPuQfSD30f3itjxFvDtw4khEbWcoy
bVo4h/DEZ+V7Nilm+nW8qegDgjstxJ8uIbSsddsLcTvma8Ovlm7ok6ajDsfy1EIN
n/6rSL/O3uhi+ZR1lUkdeL4Q7gSHf9tfn+M2qRSYK1NWIIXfiISzKANpN/OBby2m
Bv8zgMo=
-----END CERTIFICATE-----
Generated at Fri Dec 15 20:07:51 2023 by rpki-client on console-ams.rpki-client.org