Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/p17x7ll3PgEtk52AKAswhYIB3AM.roa
File: p17x7ll3PgEtk52AKAswhYIB3AM.roa (raw, json)
Hash identifier: FjydKsTvBcZgYsn4yYz6JR8jVwYMgye9O54pZPGezRQ=
Subject key identifier: A7:5E:F1:EE:59:77:3E:01:2D:93:9D:80:28:0B:30:85:82:01:DC:03
Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial: 01856BB805327D7297755253DAD5F2F985C3
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/p17x7ll3PgEtk52AKAswhYIB3AM.roa
Signing time: Sun 01 Jan 2023 05:05:00 +0000
ROA not before: Sun 01 Jan 2023 05:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201268
IP address blocks: 91.221.248.0/24 maxlen: 24
91.221.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b8:05:32:7d:72:97:75:52:53:da:d5:f2:f9:85:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Validity
Not Before: Jan 1 05:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a75ef1ee59773e012d939d80280b30858201dc03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:72:be:05:5f:32:72:2d:d4:41:22:e7:35:62:
a1:2f:b8:c2:41:1a:d5:95:61:df:aa:95:09:04:02:
59:4e:b4:bf:4d:f3:14:63:2a:9c:23:d7:86:bc:28:
1c:6e:49:92:7d:bc:79:a5:7f:50:73:bc:9e:81:49:
0e:23:64:20:97:ad:ff:66:5b:c6:09:20:4f:8f:7f:
cf:dd:1b:cd:da:23:44:dc:15:0b:e5:05:73:fa:e4:
ec:40:0d:83:94:fb:d7:bd:05:cb:70:8e:15:40:6c:
f4:4e:6e:92:80:1a:ae:4d:dd:74:55:a8:a5:4b:63:
ca:54:fa:96:13:27:e7:2f:06:95:65:26:f1:1e:27:
24:ae:bc:4a:0c:11:60:de:dc:15:b7:a7:af:67:ef:
24:8c:87:55:78:6c:4f:d0:c6:b3:eb:01:4d:0d:72:
2f:ec:40:67:87:2e:8c:46:a2:27:ef:86:4f:9a:01:
30:69:ce:8e:5a:0f:7e:d5:cc:00:b4:7d:47:b0:25:
98:c5:f8:01:d9:ad:ac:60:0a:9b:1e:ef:a9:a0:92:
b1:07:55:60:11:b7:8b:03:8b:b8:a9:a5:c7:e8:f4:
5e:38:4e:b1:23:2a:6a:cf:3b:59:a2:4b:14:a2:ec:
73:d5:a9:b1:b4:3d:b0:ad:98:8d:a2:0b:62:e3:64:
fb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5E:F1:EE:59:77:3E:01:2D:93:9D:80:28:0B:30:85:82:01:DC:03
X509v3 Authority Key Identifier:
keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/p17x7ll3PgEtk52AKAswhYIB3AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.248.0/23
Signature Algorithm: sha256WithRSAEncryption
44:07:fb:5d:a1:99:a7:5f:7a:27:e1:e3:08:ff:8b:7b:eb:ca:
63:55:60:78:ca:61:22:1a:77:14:d9:29:f9:16:78:94:d9:51:
7e:94:5a:01:d0:c7:bc:cf:75:54:e4:60:4b:6d:28:aa:d2:66:
12:64:ff:64:40:1d:2b:de:5d:34:de:b9:7b:49:4d:52:fc:cb:
69:38:ff:ad:07:79:34:82:92:5c:47:52:e2:52:6d:de:5d:b8:
b7:38:23:9f:90:15:a1:d7:d6:46:a5:73:de:8d:b1:22:b5:4e:
41:f3:34:24:fe:c8:80:38:58:96:67:8c:0b:1f:05:e2:79:6e:
6d:00:a5:46:02:fe:cb:d6:3e:01:ad:71:11:2d:22:e9:47:9f:
16:81:ca:1a:ba:12:8d:5e:af:f1:2c:77:55:19:11:d9:f6:b8:
67:7f:03:6d:27:3c:67:76:da:de:79:e5:9c:3a:0b:29:36:d8:
b3:36:99:da:fd:e3:8b:45:65:80:b6:b1:12:7a:55:19:b3:1a:
0a:84:1f:82:c5:90:a1:5c:77:93:6e:f8:95:ef:91:7e:e0:50:
f7:8a:f9:93:27:76:9d:18:e4:ce:85:7e:29:f6:71:25:06:ae:
01:09:34:a2:76:e4:f4:54:c8:c6:bb:fe:1a:df:02:be:d6:84:
70:a2:d1:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVruAUyfXKXdVJT2tXy+YXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0
MDZiM2YwHhcNMjMwMTAxMDUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVlZjFlZTU5NzczZTAxMmQ5MzlkODAyODBiMzA4NTgyMDFkYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3K+BV8yci3UQSLnNWKhL7jCQRrV
lWHfqpUJBAJZTrS/TfMUYyqcI9eGvCgcbkmSfbx5pX9Qc7yegUkOI2Qgl63/ZlvG
CSBPj3/P3RvN2iNE3BUL5QVz+uTsQA2DlPvXvQXLcI4VQGz0Tm6SgBquTd10Vail
S2PKVPqWEyfnLwaVZSbxHickrrxKDBFg3twVt6evZ+8kjIdVeGxP0Maz6wFNDXIv
7EBnhy6MRqIn74ZPmgEwac6OWg9+1cwAtH1HsCWYxfgB2a2sYAqbHu+poJKxB1Vg
EbeLA4u4qaXH6PReOE6xIypqzztZoksUouxz1amxtD2wrZiNogti42T74wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKde8e5Zdz4BLZOdgCgLMIWCAdwDMB8GA1UdIwQY
MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt
NTZiMDA2ZWYwZDNiLzEvcDE3eDdsbDNQZ0V0azUyQUtBc3doWUlCM0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi
LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW934MA0G
CSqGSIb3DQEBCwUAA4IBAQBEB/tdoZmnX3on4eMI/4t768pjVWB4ymEiGncU2Sn5
FniU2VF+lFoB0Me8z3VU5GBLbSiq0mYSZP9kQB0r3l003rl7SU1S/MtpOP+tB3k0
gpJcR1LiUm3eXbi3OCOfkBWh19ZGpXPejbEitU5B8zQk/siAOFiWZ4wLHwXieW5t
AKVGAv7L1j4BrXERLSLpR58WgcoauhKNXq/xLHdVGRHZ9rhnfwNtJzxndtreeeWc
OgspNtizNpna/eOLRWWAtrESelUZsxoKhB+CxZChXHeTbviV75F+4FD3ivmTJ3ad
GOTOhX4p9nElBq4BCTSiduT0VMjGu/4a3wK+1oRwotFq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:52 2024 by rpki-client on console-ams.rpki-client.org