Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/srVFwfmwbGPEPt6Prhrn2-one18.roa
File: srVFwfmwbGPEPt6Prhrn2-one18.roa (raw, json)
Hash identifier: RrnlMzV7LfRQTI1N4Ks+fQg82u3t1haO/uWvVYzLuJs=
Subject key identifier: B2:B5:45:C1:F9:B0:6C:63:C4:3E:DE:8F:AE:1A:E7:DB:EA:27:7B:5F
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 01856C78457D3DDCF8FD4F8D0213D37E27D5
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/srVFwfmwbGPEPt6Prhrn2-one18.roa
Signing time: Sun 01 Jan 2023 08:34:59 +0000
ROA not before: Sun 01 Jan 2023 08:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212337
IP address blocks: 91.220.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Feb 2023 11:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:45:7d:3d:dc:f8:fd:4f:8d:02:13:d3:7e:27:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 1 08:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2b545c1f9b06c63c43ede8fae1ae7dbea277b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:29:62:c8:ef:be:e2:71:cf:ad:f1:b6:b0:d0:
ff:fb:9a:74:b2:c3:61:e4:33:63:41:ba:ed:ad:0d:
8a:a5:1f:ac:fc:7d:8f:d2:98:e3:af:64:c5:c8:62:
bf:94:54:5e:15:7b:9b:3f:3c:ac:61:ae:79:98:1c:
ae:1f:93:b8:7a:cf:f6:5f:a9:46:5b:f1:06:98:b6:
ab:b5:db:2e:13:1f:b4:b5:0a:63:e2:eb:d3:fe:12:
15:91:e6:2b:e7:18:da:26:a1:3c:85:b7:4d:29:77:
5c:4c:eb:da:be:d8:68:b1:c5:71:d6:25:1a:1f:3d:
51:d1:e4:10:79:d0:d8:a0:13:6c:03:2b:82:a9:01:
d0:05:31:fa:e4:74:ce:a1:5a:00:d4:e7:18:0b:34:
ff:d7:f4:99:1a:fd:fc:2f:b6:fd:bc:b0:c5:17:d0:
16:34:d6:bb:d9:ee:d6:9b:eb:b2:1a:1d:37:83:fd:
22:46:34:e9:1d:b3:b9:5d:b5:e8:a1:9a:cc:ee:a9:
e2:7b:ae:07:d3:1e:e6:ea:52:55:92:03:b1:82:43:
c9:21:08:10:b1:a8:a3:7f:9b:2e:aa:39:c7:7b:37:
d7:e6:ec:77:7d:e1:41:fa:b0:58:d6:1f:04:b5:58:
38:a7:0d:f3:04:ca:5c:4b:f6:07:1c:70:26:0d:b0:
4d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B5:45:C1:F9:B0:6C:63:C4:3E:DE:8F:AE:1A:E7:DB:EA:27:7B:5F
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/srVFwfmwbGPEPt6Prhrn2-one18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.171.0/24
Signature Algorithm: sha256WithRSAEncryption
55:b0:9c:c9:73:87:ad:86:06:4c:aa:af:be:f3:7e:05:07:f0:
9d:49:49:64:e0:0c:da:b9:1b:b5:a3:bf:f4:b3:3b:8a:4f:52:
20:69:19:91:00:30:54:38:08:cf:f0:f2:da:b8:6d:6c:85:cf:
71:6b:15:3b:e2:d2:3a:e2:11:08:f3:ae:1d:f9:e3:f6:a6:a9:
cc:59:1e:1a:01:43:38:d3:1f:0a:50:ae:df:4f:e5:4f:91:1a:
51:ee:77:22:a6:7d:4d:bf:3c:77:c7:74:9c:c7:04:cc:84:f2:
5f:4c:2e:6f:86:7f:da:9b:92:4d:c9:14:e9:50:45:62:a5:29:
1b:f0:df:d9:63:7f:d0:1d:e6:92:76:90:d6:7c:17:73:5c:22:
a1:62:f5:df:b7:6e:81:63:1a:b0:25:c4:75:b3:6e:69:3a:64:
c1:93:f8:82:7e:72:ff:5e:4b:a2:c4:e9:d3:ee:76:88:92:5a:
d3:db:c5:a3:83:b5:38:19:f6:17:30:4b:c5:66:ba:92:22:7e:
72:22:c6:15:c7:cf:e8:3a:e2:89:b2:24:8c:aa:c9:fd:11:5a:
54:87:db:ef:c2:92:54:75:98:1d:7d:89:7f:6f:85:f4:e2:ac:
db:cf:51:6e:10:e4:5c:e0:12:ab:70:21:67:e6:dd:15:aa:d4:
25:fc:06:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseEV9Pdz4/U+NAhPTfifVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjMwMTAxMDgzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmI1NDVjMWY5YjA2YzYzYzQzZWRlOGZhZTFhZTdkYmVhMjc3YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiliyO++4nHPrfG2sND/+5p0ssNh
5DNjQbrtrQ2KpR+s/H2P0pjjr2TFyGK/lFReFXubPzysYa55mByuH5O4es/2X6lG
W/EGmLartdsuEx+0tQpj4uvT/hIVkeYr5xjaJqE8hbdNKXdcTOvavthoscVx1iUa
Hz1R0eQQedDYoBNsAyuCqQHQBTH65HTOoVoA1OcYCzT/1/SZGv38L7b9vLDFF9AW
NNa72e7Wm+uyGh03g/0iRjTpHbO5XbXooZrM7qnie64H0x7m6lJVkgOxgkPJIQgQ
saijf5suqjnHezfX5ux3feFB+rBY1h8EtVg4pw3zBMpcS/YHHHAmDbBNdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLK1RcH5sGxjxD7ej64a59vqJ3tfMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvc3JWRndmbXdiR1BFUHQ2UHJocm4yLW9uZTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yrMA0G
CSqGSIb3DQEBCwUAA4IBAQBVsJzJc4ethgZMqq++834FB/CdSUlk4AzauRu1o7/0
szuKT1IgaRmRADBUOAjP8PLauG1shc9xaxU74tI64hEI864d+eP2pqnMWR4aAUM4
0x8KUK7fT+VPkRpR7ncipn1Nvzx3x3ScxwTMhPJfTC5vhn/am5JNyRTpUEVipSkb
8N/ZY3/QHeaSdpDWfBdzXCKhYvXft26BYxqwJcR1s25pOmTBk/iCfnL/XkuixOnT
7naIklrT28Wjg7U4GfYXMEvFZrqSIn5yIsYVx8/oOuKJsiSMqsn9EVpUh9vvwpJU
dZgdfYl/b4X04qzbz1FuEORc4BKrcCFn5t0VqtQl/AZO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:16 2024 by rpki-client on console-ams.rpki-client.org