Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/c71464-ee2b-468d-84cb-56cfc60a1f1d/1/tvB3VFTC1QS8WvrAVzXJ5KliCZU.roa
File: tvB3VFTC1QS8WvrAVzXJ5KliCZU.roa (raw, json)
Hash identifier: U0rsy74xtKe184xoAUWlyFZ+BLRyAJH5jUkrBSM6k5Y=
Subject key identifier: B6:F0:77:54:54:C2:D5:04:BC:5A:FA:C0:57:35:C9:E4:A9:62:09:95
Certificate issuer: /CN=1338c2462a7593f6a5ad982a3c81241959a68911
Certificate serial: 01856F42A64CDD72E8A8CD16777AE3D45388
Authority key identifier: 13:38:C2:46:2A:75:93:F6:A5:AD:98:2A:3C:81:24:19:59:A6:89:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EzjCRip1k_alrZgqPIEkGVmmiRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/c71464-ee2b-468d-84cb-56cfc60a1f1d/1/tvB3VFTC1QS8WvrAVzXJ5KliCZU.roa
Signing time: Sun 01 Jan 2023 21:35:16 +0000
ROA not before: Sun 01 Jan 2023 21:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 91.212.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a6:4c:dd:72:e8:a8:cd:16:77:7a:e3:d4:53:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1338c2462a7593f6a5ad982a3c81241959a68911
Validity
Not Before: Jan 1 21:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6f0775454c2d504bc5afac05735c9e4a9620995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0b:76:79:4d:61:29:5e:55:36:ac:76:9a:51:
8e:ed:78:73:1a:69:49:18:40:71:4a:7e:75:a9:b4:
ef:3d:b0:86:84:39:80:6c:33:07:28:d4:10:dc:f3:
af:e6:a8:7d:3e:81:64:ee:a2:c9:86:8e:7a:16:f6:
a8:d7:33:37:76:d7:e8:41:a2:e3:79:8c:3f:eb:fe:
36:04:e4:cc:7b:55:1d:5c:6d:62:b3:5e:07:68:dd:
65:fc:31:8a:dd:e1:88:7e:be:44:67:2c:46:07:de:
26:7a:ed:d8:b7:b8:78:00:51:c9:b4:ab:d1:00:54:
0f:9c:5e:94:05:79:05:3a:fb:3e:ba:6e:65:b9:90:
18:79:4d:80:38:0b:d9:38:f7:a7:ab:e5:c1:09:21:
76:24:04:17:0d:41:79:13:7a:cc:56:24:70:0d:c4:
54:59:2d:1d:7e:31:14:b3:c3:21:a0:3f:53:48:96:
5d:06:0a:de:64:5a:5b:27:58:23:7d:95:67:17:ec:
4c:5b:e0:e1:9f:29:10:0b:53:da:4f:45:ac:cf:47:
de:ba:9f:2e:18:ed:9f:86:3f:3e:c7:ec:95:1d:60:
4c:d7:80:33:05:02:7a:73:44:95:af:87:76:a9:68:
2f:e1:16:23:68:30:b0:79:1b:8e:4f:ce:72:31:69:
d3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F0:77:54:54:C2:D5:04:BC:5A:FA:C0:57:35:C9:E4:A9:62:09:95
X509v3 Authority Key Identifier:
keyid:13:38:C2:46:2A:75:93:F6:A5:AD:98:2A:3C:81:24:19:59:A6:89:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzjCRip1k_alrZgqPIEkGVmmiRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c71464-ee2b-468d-84cb-56cfc60a1f1d/1/tvB3VFTC1QS8WvrAVzXJ5KliCZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c71464-ee2b-468d-84cb-56cfc60a1f1d/1/EzjCRip1k_alrZgqPIEkGVmmiRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.122.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ef:8b:69:59:15:e7:8f:7c:5f:36:26:94:90:61:03:31:16:
4c:68:5e:13:41:8c:80:e0:de:1a:74:b9:7e:6c:c7:cc:5f:c3:
2b:48:0e:b9:83:a6:eb:4d:6a:29:94:d6:cb:cc:53:0a:c6:3e:
76:2d:32:1a:70:88:19:e3:5c:e2:69:9b:44:e2:8b:1b:27:09:
0a:2c:eb:0b:7f:f9:36:af:0b:d4:67:ff:07:82:17:9b:13:b3:
47:d3:21:a1:8f:85:b4:9a:b2:e9:ef:30:71:70:fc:89:72:9f:
46:d8:70:2e:23:4f:37:45:68:4e:5b:54:73:31:10:62:d2:e3:
49:15:cb:ac:f8:b0:d9:05:2a:5e:ba:f0:a6:9c:a3:0c:9a:fd:
07:0d:3b:52:96:4d:b3:fb:4e:f9:89:34:02:f2:b6:08:9f:d1:
15:ce:eb:1e:97:6f:58:fb:0a:e8:d6:34:17:53:c7:62:6e:b9:
c2:5c:fa:89:00:68:9e:8b:78:84:95:21:44:af:8a:29:5a:4d:
51:85:d8:7f:c8:09:ab:6c:34:c0:f8:df:df:9d:29:3e:e7:b4:
0c:60:26:ea:de:db:f9:df:85:00:46:d7:5c:b5:99:ac:59:83:
ec:08:2c:5a:dc:79:24:c8:02:bd:0b:5d:75:7d:e2:47:f2:c1:
74:20:d7:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqZM3XLoqM0Wd3rj1FOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMzhjMjQ2MmE3NTkzZjZhNWFkOTgyYTNjODEyNDE5NTlh
Njg5MTEwHhcNMjMwMTAxMjEzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmYwNzc1NDU0YzJkNTA0YmM1YWZhYzA1NzM1YzllNGE5NjIwOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQt2eU1hKV5VNqx2mlGO7XhzGmlJ
GEBxSn51qbTvPbCGhDmAbDMHKNQQ3POv5qh9PoFk7qLJho56Fvao1zM3dtfoQaLj
eYw/6/42BOTMe1UdXG1is14HaN1l/DGK3eGIfr5EZyxGB94meu3Yt7h4AFHJtKvR
AFQPnF6UBXkFOvs+um5luZAYeU2AOAvZOPenq+XBCSF2JAQXDUF5E3rMViRwDcRU
WS0dfjEUs8MhoD9TSJZdBgreZFpbJ1gjfZVnF+xMW+DhnykQC1PaT0Wsz0feup8u
GO2fhj8+x+yVHWBM14AzBQJ6c0SVr4d2qWgv4RYjaDCweRuOT85yMWnTLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbwd1RUwtUEvFr6wFc1yeSpYgmVMB8GA1UdIwQY
MBaAFBM4wkYqdZP2pa2YKjyBJBlZpokRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXpqQ1JpcDFrX2FsclpncVBJRWtHVm1taVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jNzE0NjQtZWUyYi00NjhkLTg0Y2It
NTZjZmM2MGExZjFkLzEvdHZCM1ZGVEMxUVM4V3ZyQVZ6WEo1S2xpQ1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jNzE0NjQtZWUyYi00NjhkLTg0Y2ItNTZjZmM2MGExZjFk
LzEvRXpqQ1JpcDFrX2FsclpncVBJRWtHVm1taVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9R6MA0G
CSqGSIb3DQEBCwUAA4IBAQCt74tpWRXnj3xfNiaUkGEDMRZMaF4TQYyA4N4adLl+
bMfMX8MrSA65g6brTWoplNbLzFMKxj52LTIacIgZ41ziaZtE4osbJwkKLOsLf/k2
rwvUZ/8HghebE7NH0yGhj4W0mrLp7zBxcPyJcp9G2HAuI083RWhOW1RzMRBi0uNJ
Fcus+LDZBSpeuvCmnKMMmv0HDTtSlk2z+075iTQC8rYIn9EVzusel29Y+wro1jQX
U8dibrnCXPqJAGiei3iElSFEr4opWk1Rhdh/yAmrbDTA+N/fnSk+57QMYCbq3tv5
34UARtdctZmsWYPsCCxa3HkkyAK9C111feJH8sF0INf/
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:40 2024 by rpki-client on console-fra.rpki-client.org