Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/xIM7jaBM3inx7l26P51YMYDaJqo.roa
File: xIM7jaBM3inx7l26P51YMYDaJqo.roa (raw, json)
Hash identifier: PEv6pNzaqg+ALbDmFuhex4gyGsGa1eGx3NNlZKg0iBs=
Subject key identifier: C4:83:3B:8D:A0:4C:DE:29:F1:EE:5D:BA:3F:9D:58:31:80:DA:26:AA
Certificate issuer: /CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e
Certificate serial: 018B38A1239C9A698B711776E427A32F5F13
Authority key identifier: E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/xIM7jaBM3inx7l26P51YMYDaJqo.roa
Signing time: Mon 16 Oct 2023 13:16:06 +0000
ROA not before: Mon 16 Oct 2023 13:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 91.241.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:a1:23:9c:9a:69:8b:71:17:76:e4:27:a3:2f:5f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e
Validity
Not Before: Oct 16 13:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4833b8da04cde29f1ee5dba3f9d583180da26aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:86:0d:2d:d0:8a:7c:ef:5a:8c:3f:23:da:e0:
3c:83:66:26:9c:73:68:0c:04:24:f0:06:4f:3d:6a:
39:d5:62:4f:f0:f6:6b:3c:66:f0:33:26:b4:f9:f3:
f4:4a:8b:a6:ee:c5:f2:19:0b:0e:46:36:9c:df:75:
aa:dd:db:da:26:27:74:31:06:c4:5a:f2:4e:1d:98:
ec:69:fc:0b:d6:11:b2:cc:58:96:83:74:05:32:79:
59:d5:0c:a8:34:4f:c0:14:93:0b:b2:b8:81:23:60:
f6:b9:5d:89:86:1d:a7:cc:dd:1f:f7:56:be:da:b0:
19:a6:12:75:d4:66:93:4f:f8:3c:8b:f8:91:0b:29:
e7:f8:32:65:36:7c:cd:ad:d5:70:d5:a0:08:6a:e2:
14:5e:9b:b2:4b:c1:a6:41:36:7d:e7:d6:fc:7c:47:
8b:22:0e:d0:6a:fa:ac:a4:45:73:2d:ac:c2:8e:c4:
09:5e:8a:7f:39:b6:c1:13:98:74:3e:7a:10:aa:d7:
46:ba:74:7f:48:26:2d:77:44:5c:b7:85:93:75:59:
10:2f:ca:72:8a:bd:0c:0b:d6:e9:d4:90:c4:c2:fd:
0c:20:69:78:7a:71:01:5c:cb:ef:84:bc:1a:c4:3b:
da:f8:f3:fa:f5:72:f0:a3:a7:8c:95:d7:5b:41:d7:
02:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:83:3B:8D:A0:4C:DE:29:F1:EE:5D:BA:3F:9D:58:31:80:DA:26:AA
X509v3 Authority Key Identifier:
keyid:E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/xIM7jaBM3inx7l26P51YMYDaJqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.168.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:07:36:f2:6c:08:52:7a:75:d8:70:cd:2d:50:b2:02:f1:66:
c0:ca:0d:db:9f:35:48:0a:dd:5d:f3:ae:3f:a6:9c:71:c1:18:
83:a0:cb:3a:a9:3b:4a:8f:f2:4a:92:30:a5:79:8d:c5:da:37:
90:db:16:1a:7c:3b:6b:ea:ce:b9:95:77:fc:d7:d4:45:b1:60:
91:55:d7:18:00:92:ec:65:d0:6e:98:07:a0:44:f1:ee:aa:d2:
b0:e8:59:ab:f6:56:bb:2d:13:50:a8:61:3e:97:b0:1e:0e:6e:
67:a3:30:15:57:a7:8f:03:12:8d:bc:c1:f8:a5:7e:7d:62:39:
e0:68:ff:72:38:84:75:74:9a:03:bf:29:2d:2a:23:80:fb:a6:
c6:46:50:7b:1b:fc:e7:1b:3c:80:38:90:52:dd:c8:7f:83:19:
31:f7:3f:64:51:72:32:2e:bf:af:3c:8c:97:1f:86:76:58:db:
37:de:fc:41:63:39:66:19:7f:6d:59:df:7e:97:a8:f3:00:5a:
15:1d:b7:8a:c8:50:67:c8:a1:9d:61:5f:57:d3:ff:fa:82:ca:
b1:da:48:5e:e9:97:fe:9c:a6:ec:4d:8d:31:0a:59:55:0e:86:
25:af:8f:b5:d6:85:d6:7e:d2:19:5c:a3:c4:68:23:d8:ca:96:
f6:69:93:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs4oSOcmmmLcRd25CejL18TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZTRkYzk2OGVkNTI5MzVhMDRkZWUzYjIyOWMyMWNhOWJm
ZGJkN2UwHhcNMjMxMDE2MTMxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDgzM2I4ZGEwNGNkZTI5ZjFlZTVkYmEzZjlkNTgzMTgwZGEyNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIYNLdCKfO9ajD8j2uA8g2YmnHNo
DAQk8AZPPWo51WJP8PZrPGbwMya0+fP0Soum7sXyGQsORjac33Wq3dvaJid0MQbE
WvJOHZjsafwL1hGyzFiWg3QFMnlZ1QyoNE/AFJMLsriBI2D2uV2Jhh2nzN0f91a+
2rAZphJ11GaTT/g8i/iRCynn+DJlNnzNrdVw1aAIauIUXpuyS8GmQTZ959b8fEeL
Ig7QavqspEVzLazCjsQJXop/ObbBE5h0PnoQqtdGunR/SCYtd0Rct4WTdVkQL8py
ir0MC9bp1JDEwv0MIGl4enEBXMvvhLwaxDva+PP69XLwo6eMlddbQdcC3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSDO42gTN4p8e5duj+dWDGA2iaqMB8GA1UdIwQY
MBaAFOnk3JaO1Sk1oE3uOyKcIcqb/b1+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEt
NmM3ODU2ZWY3YjMxLzEveElNN2phQk0zaW54N2wyNlA1MVlNWURhSnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEtNmM3ODU2ZWY3YjMx
LzEvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/GoMA0G
CSqGSIb3DQEBCwUAA4IBAQA/BzbybAhSenXYcM0tULIC8WbAyg3bnzVICt1d864/
ppxxwRiDoMs6qTtKj/JKkjCleY3F2jeQ2xYafDtr6s65lXf819RFsWCRVdcYAJLs
ZdBumAegRPHuqtKw6Fmr9la7LRNQqGE+l7AeDm5nozAVV6ePAxKNvMH4pX59Yjng
aP9yOIR1dJoDvyktKiOA+6bGRlB7G/znGzyAOJBS3ch/gxkx9z9kUXIyLr+vPIyX
H4Z2WNs33vxBYzlmGX9tWd9+l6jzAFoVHbeKyFBnyKGdYV9X0//6gsqx2khe6Zf+
nKbsTY0xCllVDoYlr4+11oXWftIZXKPEaCPYypb2aZPm
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:34 2024 by rpki-client on console-fra.rpki-client.org