Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/17c02b-d735-41ca-8229-0cddf79ee90f/1/JSiOzuFmYnJB-QFyun0QBjFDUU0.roa
File: JSiOzuFmYnJB-QFyun0QBjFDUU0.roa (raw, json)
Hash identifier: RZ6nKuu3YiwXxx7RhUD1pg2+Fr4XHXDuE3QbrUv1D9g=
Subject key identifier: 25:28:8E:CE:E1:66:62:72:41:F9:01:72:BA:7D:10:06:31:43:51:4D
Certificate issuer: /CN=5173386f36728184aa003b1d9639fe39c4a12aa9
Certificate serial: 01856DAF4F0E344E92060E8FFAC0F76F954E
Authority key identifier: 51:73:38:6F:36:72:81:84:AA:00:3B:1D:96:39:FE:39:C4:A1:2A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UXM4bzZygYSqADsdljn-OcShKqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/17c02b-d735-41ca-8229-0cddf79ee90f/1/JSiOzuFmYnJB-QFyun0QBjFDUU0.roa
Signing time: Sun 01 Jan 2023 14:14:43 +0000
ROA not before: Sun 01 Jan 2023 14:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47772
IP address blocks: 91.208.145.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:4f:0e:34:4e:92:06:0e:8f:fa:c0:f7:6f:95:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5173386f36728184aa003b1d9639fe39c4a12aa9
Validity
Not Before: Jan 1 14:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25288ecee166627241f90172ba7d10063143514d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:eb:29:18:78:d1:30:8d:d2:c5:e3:8d:12:
93:14:5b:00:b6:43:47:20:9b:c5:14:f4:c7:33:04:
e9:3a:4e:b1:75:9d:9d:76:23:43:72:b8:15:ab:76:
32:22:ea:81:d4:9c:b3:34:86:54:9b:33:86:e3:07:
d9:d6:d3:10:e9:07:50:fe:62:8c:5e:b3:55:dc:73:
44:7e:c5:3d:f0:db:79:d2:08:1b:93:1c:a6:d7:ea:
66:a9:3a:7e:73:5f:ae:65:ca:6a:ac:ba:9c:06:3b:
2c:33:0e:c7:8d:54:ef:e1:89:57:15:a1:3f:b1:29:
36:dc:63:2c:c4:a5:40:a5:f0:11:2f:c6:03:c1:a1:
98:9b:84:00:07:df:67:a3:db:20:41:ac:9f:39:9a:
f2:85:f2:f1:27:a7:18:db:bd:69:5b:2b:e5:2b:de:
57:b2:a5:37:bd:ba:74:fa:82:c1:90:80:63:5f:81:
bd:b6:41:39:3d:f3:ed:c6:39:ec:45:cf:4e:4f:c3:
fd:9a:df:0c:bf:8d:52:e1:d4:0b:34:b0:a4:4c:0b:
0d:52:e8:15:a0:7c:5a:f6:39:99:81:56:3f:fa:62:
49:11:b0:38:18:8c:ca:4d:19:b9:d4:e4:ca:40:96:
91:10:3b:f6:20:cb:82:70:94:7a:d4:dd:9b:f4:03:
64:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:28:8E:CE:E1:66:62:72:41:F9:01:72:BA:7D:10:06:31:43:51:4D
X509v3 Authority Key Identifier:
keyid:51:73:38:6F:36:72:81:84:AA:00:3B:1D:96:39:FE:39:C4:A1:2A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UXM4bzZygYSqADsdljn-OcShKqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/17c02b-d735-41ca-8229-0cddf79ee90f/1/JSiOzuFmYnJB-QFyun0QBjFDUU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/17c02b-d735-41ca-8229-0cddf79ee90f/1/UXM4bzZygYSqADsdljn-OcShKqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.145.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:91:98:a8:42:16:42:f6:bc:70:88:bf:58:91:c4:53:00:ba:
5f:bd:53:89:ca:b6:a4:7a:fc:19:99:cb:7d:b1:8a:2b:75:31:
1d:01:d9:a7:9a:23:43:03:e1:3a:e5:3b:e0:c4:e3:10:87:52:
e1:9a:1c:9d:75:a3:0a:c3:c8:0d:33:7f:d9:4d:65:cc:e9:d9:
11:8f:da:d3:ff:d0:9e:99:1b:f8:af:19:b7:16:85:5c:cc:9f:
7e:79:21:20:e3:ad:c7:84:d1:88:83:92:b4:54:24:33:8a:b2:
0c:6e:ac:65:ab:b3:91:33:94:7c:8e:b5:c1:0b:29:09:28:0c:
70:88:f1:38:bb:dc:c7:5a:95:7b:8b:90:99:bd:19:48:e7:c9:
bd:aa:85:27:f6:a9:f9:c6:e6:38:a2:e3:0b:70:1b:26:a1:f0:
15:1e:07:eb:75:c2:a7:62:6b:93:1d:a6:30:14:2a:50:b9:d8:
cc:7b:31:1c:f8:0a:61:13:75:3f:12:6f:c3:10:f7:86:c4:50:
2e:ae:b3:5c:7c:5e:f0:d2:19:12:60:87:8b:9c:3b:6d:8d:9b:
4b:a9:ea:ff:8d:19:fe:e9:a9:67:45:db:ad:25:ef:84:11:85:
d1:76:d4:39:39:d1:6a:75:66:4d:9a:e8:e1:42:4d:b2:5c:cc:
c9:67:d4:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr08ONE6SBg6P+sD3b5VOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNzMzODZmMzY3MjgxODRhYTAwM2IxZDk2MzlmZTM5YzRh
MTJhYTkwHhcNMjMwMTAxMTQxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTI4OGVjZWUxNjY2MjcyNDFmOTAxNzJiYTdkMTAwNjMxNDM1MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj7rKRh40TCN0sXjjRKTFFsAtkNH
IJvFFPTHMwTpOk6xdZ2ddiNDcrgVq3YyIuqB1JyzNIZUmzOG4wfZ1tMQ6QdQ/mKM
XrNV3HNEfsU98Nt50ggbkxym1+pmqTp+c1+uZcpqrLqcBjssMw7HjVTv4YlXFaE/
sSk23GMsxKVApfARL8YDwaGYm4QAB99no9sgQayfOZryhfLxJ6cY271pWyvlK95X
sqU3vbp0+oLBkIBjX4G9tkE5PfPtxjnsRc9OT8P9mt8Mv41S4dQLNLCkTAsNUugV
oHxa9jmZgVY/+mJJEbA4GIzKTRm51OTKQJaREDv2IMuCcJR61N2b9ANk5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCUojs7hZmJyQfkBcrp9EAYxQ1FNMB8GA1UdIwQY
MBaAFFFzOG82coGEqgA7HZY5/jnEoSqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVhNNGJ6WnlnWVNxQURzZGxqbi1PY1NoS3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xN2MwMmItZDczNS00MWNhLTgyMjkt
MGNkZGY3OWVlOTBmLzEvSlNpT3p1Rm1ZbkpCLVFGeXVuMFFCakZEVVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xN2MwMmItZDczNS00MWNhLTgyMjktMGNkZGY3OWVlOTBm
LzEvVVhNNGJ6WnlnWVNxQURzZGxqbi1PY1NoS3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9CRMA0G
CSqGSIb3DQEBCwUAA4IBAQDKkZioQhZC9rxwiL9YkcRTALpfvVOJyrakevwZmct9
sYordTEdAdmnmiNDA+E65TvgxOMQh1LhmhyddaMKw8gNM3/ZTWXM6dkRj9rT/9Ce
mRv4rxm3FoVczJ9+eSEg463HhNGIg5K0VCQzirIMbqxlq7ORM5R8jrXBCykJKAxw
iPE4u9zHWpV7i5CZvRlI58m9qoUn9qn5xuY4ouMLcBsmofAVHgfrdcKnYmuTHaYw
FCpQudjMezEc+AphE3U/Em/DEPeGxFAurrNcfF7w0hkSYIeLnDttjZtLqer/jRn+
6alnRdutJe+EEYXRdtQ5OdFqdWZNmujhQk2yXMzJZ9Sl
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:33 2024 by rpki-client on console-fra.rpki-client.org