Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8ec60b-9cc1-4e5e-9f2e-ae05ae1291f2/1/rbFWp0B7tW_z7MBhM1I3iy1ge2I.roa
File: rbFWp0B7tW_z7MBhM1I3iy1ge2I.roa (raw, json)
Hash identifier: aIR8OgqLqo4C6JK3GSreBRVczU+gnUF5iQgGS4oJN7k=
Subject key identifier: AD:B1:56:A7:40:7B:B5:6F:F3:EC:C0:61:33:52:37:8B:2D:60:7B:62
Certificate issuer: /CN=607d7b0e5fe6d69b4d797dec3d112c47b8a19224
Certificate serial: 01856D4AD3064769CE23DCDA42A7B863691E
Authority key identifier: 60:7D:7B:0E:5F:E6:D6:9B:4D:79:7D:EC:3D:11:2C:47:B8:A1:92:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YH17Dl_m1ptNeX3sPREsR7ihkiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8ec60b-9cc1-4e5e-9f2e-ae05ae1291f2/1/rbFWp0B7tW_z7MBhM1I3iy1ge2I.roa
Signing time: Sun 01 Jan 2023 12:24:58 +0000
ROA not before: Sun 01 Jan 2023 12:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51903
IP address blocks: 194.106.218.0/23 maxlen: 23
91.221.124.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:d3:06:47:69:ce:23:dc:da:42:a7:b8:63:69:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607d7b0e5fe6d69b4d797dec3d112c47b8a19224
Validity
Not Before: Jan 1 12:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adb156a7407bb56ff3ecc0613352378b2d607b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:cf:6f:56:4c:02:51:e5:63:f5:44:c7:d5:
96:5e:f8:40:21:2d:03:b3:28:66:31:c1:12:8c:e1:
ed:2d:66:88:48:dd:8f:b2:80:f9:0f:09:4a:53:0f:
7d:f6:80:ab:d2:17:ef:0e:f7:5b:a6:50:4f:75:13:
d3:5c:ef:55:2f:82:1f:ff:90:af:28:bf:2e:9e:11:
9c:0b:03:85:8b:43:c1:60:5f:c4:8f:27:c2:ce:7b:
74:e7:2b:c8:ff:83:43:de:ec:46:75:46:b5:8f:4f:
81:f9:53:e1:9f:4e:f2:a8:a0:f2:bc:81:ed:9d:63:
94:8d:27:6b:3a:fc:4e:2f:19:b8:cc:6f:13:b6:33:
93:9b:38:4e:47:b4:ea:d1:2b:fc:a4:81:f4:e6:bf:
7d:92:3e:63:fe:12:34:36:94:9a:64:33:eb:89:4b:
78:84:49:57:46:aa:39:20:9f:44:ec:e4:70:b4:58:
da:6c:9d:3f:b5:5d:cc:66:81:59:b6:fd:11:a8:0e:
67:55:11:c4:40:83:6c:d7:0f:9c:c5:7f:3e:86:ce:
69:3c:b9:05:47:b1:c8:e6:32:45:0d:da:4d:74:eb:
0e:f4:63:79:85:b8:28:5c:39:2f:f5:96:64:7a:8d:
10:57:a6:9c:e3:4b:2f:fc:ea:5b:6a:d6:56:bd:8a:
12:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B1:56:A7:40:7B:B5:6F:F3:EC:C0:61:33:52:37:8B:2D:60:7B:62
X509v3 Authority Key Identifier:
keyid:60:7D:7B:0E:5F:E6:D6:9B:4D:79:7D:EC:3D:11:2C:47:B8:A1:92:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YH17Dl_m1ptNeX3sPREsR7ihkiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8ec60b-9cc1-4e5e-9f2e-ae05ae1291f2/1/rbFWp0B7tW_z7MBhM1I3iy1ge2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8ec60b-9cc1-4e5e-9f2e-ae05ae1291f2/1/YH17Dl_m1ptNeX3sPREsR7ihkiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.124.0/23
194.106.218.0/23
Signature Algorithm: sha256WithRSAEncryption
39:d6:d8:7e:bd:19:ba:c2:f8:9c:56:ed:d0:b4:25:ff:3f:b4:
41:a5:8f:d7:7d:7e:00:04:5d:53:90:ee:c8:82:08:51:4b:08:
e6:3f:30:cc:fb:19:81:d1:71:31:f5:f7:8b:6a:7d:df:eb:99:
7e:08:50:76:79:7a:99:88:bb:3e:ad:f3:f7:3b:d9:ab:ef:ec:
31:6b:fd:8f:5c:ba:7c:51:2d:32:e5:09:99:36:f1:5c:fc:c9:
11:3e:eb:9e:fe:7e:df:86:64:8e:ff:88:5a:4a:84:92:d8:4b:
75:b9:62:46:42:19:a7:41:0a:5e:50:e1:00:25:50:30:01:1a:
18:e8:4e:86:5e:ec:b7:fc:3c:88:32:62:df:96:b6:30:63:ce:
63:33:c4:98:3a:cb:8d:fd:42:8c:83:2d:1a:d7:6d:50:e7:94:
5b:95:c9:13:22:04:aa:63:9e:ad:93:b5:43:2b:59:e7:4a:6d:
4a:87:46:aa:e5:1a:40:f9:33:fc:90:dd:af:f9:00:43:29:e9:
a8:72:06:c2:1a:60:35:d1:b6:56:f0:ed:b6:d6:93:c7:41:ba:
35:61:fd:b5:81:5f:cc:d0:10:82:0b:44:1a:92:f8:2c:d9:5f:
61:46:51:73:e0:d8:6a:83:60:fc:96:41:84:d0:ad:27:ab:9a:
f5:51:b8:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtStMGR2nOI9zaQqe4Y2keMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwN2Q3YjBlNWZlNmQ2OWI0ZDc5N2RlYzNkMTEyYzQ3Yjhh
MTkyMjQwHhcNMjMwMTAxMTIyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGIxNTZhNzQwN2JiNTZmZjNlY2MwNjEzMzUyMzc4YjJkNjA3YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAbPb1ZMAlHlY/VEx9WWXvhAIS0D
syhmMcESjOHtLWaISN2PsoD5DwlKUw999oCr0hfvDvdbplBPdRPTXO9VL4If/5Cv
KL8unhGcCwOFi0PBYF/EjyfCznt05yvI/4ND3uxGdUa1j0+B+VPhn07yqKDyvIHt
nWOUjSdrOvxOLxm4zG8TtjOTmzhOR7Tq0Sv8pIH05r99kj5j/hI0NpSaZDPriUt4
hElXRqo5IJ9E7ORwtFjabJ0/tV3MZoFZtv0RqA5nVRHEQINs1w+cxX8+hs5pPLkF
R7HI5jJFDdpNdOsO9GN5hbgoXDkv9ZZkeo0QV6ac40sv/OpbatZWvYoSGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK2xVqdAe7Vv8+zAYTNSN4stYHtiMB8GA1UdIwQY
MBaAFGB9ew5f5tabTXl97D0RLEe4oZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUgxN0RsX20xcHROZVgzc1BSRXNSN2loa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZWM2MGItOWNjMS00ZTVlLTlmMmUt
YWUwNWFlMTI5MWYyLzEvcmJGV3AwQjd0V196N01CaE0xSTNpeTFnZTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZWM2MGItOWNjMS00ZTVlLTlmMmUtYWUwNWFlMTI5MWYy
LzEvWUgxN0RsX20xcHROZVgzc1BSRXNSN2loa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW918AwQB
wmraMA0GCSqGSIb3DQEBCwUAA4IBAQA51th+vRm6wvicVu3QtCX/P7RBpY/XfX4A
BF1TkO7IgghRSwjmPzDM+xmB0XEx9feLan3f65l+CFB2eXqZiLs+rfP3O9mr7+wx
a/2PXLp8US0y5QmZNvFc/MkRPuue/n7fhmSO/4haSoSS2Et1uWJGQhmnQQpeUOEA
JVAwARoY6E6GXuy3/DyIMmLflrYwY85jM8SYOsuN/UKMgy0a121Q55RblckTIgSq
Y56tk7VDK1nnSm1Kh0aq5RpA+TP8kN2v+QBDKemocgbCGmA10bZW8O221pPHQbo1
Yf21gV/M0BCCC0Qakvgs2V9hRlFz4Nhqg2D8lkGE0K0nq5r1UbgG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org