Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/nm9SXFX1MaGK3bvGv2JwdEmpr78.roa
File: nm9SXFX1MaGK3bvGv2JwdEmpr78.roa (raw, json)
Hash identifier: 2f/tXVsbRkl4tuyt9FJjCq9jnZXo/+j5hAasOzje9Co=
Subject key identifier: 9E:6F:52:5C:55:F5:31:A1:8A:DD:BB:C6:BF:62:70:74:49:A9:AF:BF
Certificate issuer: /CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Certificate serial: 0185704BBBB995A2FA7DF5EBDB66D2B5084B
Authority key identifier: 6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/nm9SXFX1MaGK3bvGv2JwdEmpr78.roa
Signing time: Mon 02 Jan 2023 02:24:49 +0000
ROA not before: Mon 02 Jan 2023 02:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197302
IP address blocks: 91.223.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:bb:b9:95:a2:fa:7d:f5:eb:db:66:d2:b5:08:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Validity
Not Before: Jan 2 02:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e6f525c55f531a18addbbc6bf62707449a9afbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cc:d0:cc:4f:e0:94:dd:53:91:fa:2c:42:7a:
68:4d:b6:19:3a:9c:34:cf:e5:1b:6c:73:2f:ec:d2:
b7:fc:e2:0a:b4:33:db:e0:bc:89:72:b0:3d:1b:bc:
cf:9c:c7:56:49:96:f9:99:68:e1:2c:16:82:ac:6c:
c7:a6:5c:7b:fe:30:e8:31:3b:98:bd:50:8b:ff:21:
7f:0b:91:be:71:d8:a0:e9:cf:56:ff:81:84:da:80:
1b:4a:c4:ed:96:b1:5a:ce:08:16:e1:50:cd:76:ba:
7f:71:fa:78:06:a4:74:8f:a0:ed:f0:9b:8d:e9:3a:
14:4e:44:f0:7e:49:a7:75:64:9b:5a:d5:41:2d:16:
a0:ee:57:71:62:25:de:56:82:f0:e1:cb:32:d4:f3:
22:27:48:85:08:19:de:1a:e1:a9:59:e3:a1:d1:1a:
b7:9b:0e:7c:31:83:73:07:37:f0:ef:22:78:b6:4e:
d8:56:de:95:27:19:b0:d0:87:9d:06:2e:c4:9c:c7:
57:12:ad:fe:3a:be:4d:10:6f:55:d9:32:c0:48:4a:
f7:84:49:ea:d8:8a:72:90:1d:05:4a:06:79:f0:11:
d5:b0:e0:69:7c:fe:56:08:29:e4:4a:d8:72:68:9a:
c0:32:11:15:1a:fe:7c:3d:8d:2d:0c:d4:0d:e1:29:
81:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6F:52:5C:55:F5:31:A1:8A:DD:BB:C6:BF:62:70:74:49:A9:AF:BF
X509v3 Authority Key Identifier:
keyid:6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/nm9SXFX1MaGK3bvGv2JwdEmpr78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.124.0/24
Signature Algorithm: sha256WithRSAEncryption
87:7d:4d:7b:12:49:b0:2a:b7:0d:72:3f:d0:61:df:52:9e:b9:
45:72:5f:05:91:27:89:de:b6:1f:21:ea:29:97:dc:ab:ad:3c:
f2:65:59:4a:39:b0:6b:ab:ec:79:1b:cb:0f:0f:4d:04:85:5c:
d6:95:01:0b:b3:42:c6:70:13:23:5f:61:5b:87:b7:6b:4a:6b:
b7:c7:37:7d:13:c0:f6:45:d9:eb:6e:32:79:6f:50:1e:dc:a5:
d9:1e:ea:01:c3:8f:b0:58:75:f3:3c:f1:a8:31:25:b6:d0:cf:
4d:e0:a0:54:58:bf:29:57:b8:fb:1f:c3:f8:f4:a5:83:54:5d:
8d:9c:c1:73:b6:48:55:16:be:6d:f4:51:07:5c:07:f6:f6:98:
41:fc:af:c3:8b:0a:4a:c5:33:eb:4c:34:c8:7f:b8:04:19:8a:
d7:af:c6:f7:97:1c:38:47:c7:08:70:fb:f8:c1:5f:90:81:64:
53:4e:28:0e:5c:4f:e0:3b:b9:58:76:62:cf:df:2d:a5:1a:0c:
fb:2e:04:74:63:3e:51:84:67:09:98:bf:c1:4e:82:b0:29:b5:
b9:85:2d:c5:6d:b1:93:22:75:ab:cf:51:06:a2:3c:96:ee:62:
ca:a3:e4:b6:20:80:f0:2f:bb:e4:c0:13:45:c1:83:87:01:72:
55:47:47:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS7u5laL6ffXr22bStQhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODVhNGQ1NjQyODNhN2ZkZGY2MzQ1Njk3ZDZiYzMzNzNh
MzIyNDYwHhcNMjMwMTAyMDIyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTZmNTI1YzU1ZjUzMWExOGFkZGJiYzZiZjYyNzA3NDQ5YTlhZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8zQzE/glN1TkfosQnpoTbYZOpw0
z+UbbHMv7NK3/OIKtDPb4LyJcrA9G7zPnMdWSZb5mWjhLBaCrGzHplx7/jDoMTuY
vVCL/yF/C5G+cdig6c9W/4GE2oAbSsTtlrFazggW4VDNdrp/cfp4BqR0j6Dt8JuN
6ToUTkTwfkmndWSbWtVBLRag7ldxYiXeVoLw4csy1PMiJ0iFCBneGuGpWeOh0Rq3
mw58MYNzBzfw7yJ4tk7YVt6VJxmw0IedBi7EnMdXEq3+Or5NEG9V2TLASEr3hEnq
2IpykB0FSgZ58BHVsOBpfP5WCCnkSthyaJrAMhEVGv58PY0tDNQN4SmBkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5vUlxV9TGhit27xr9icHRJqa+/MB8GA1UdIwQY
MBaAFG+FpNVkKDp/3fY0VpfWvDNzoyJGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRXazFXUW9Pbl9kOWpSV2w5YThNM09qSWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85OGRmZmEtODEwYi00OWI1LWFkZGQt
MDYxZmMxYWViMTU4LzEvbm05U1hGWDFNYUdLM2J2R3YySndkRW1wcjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85OGRmZmEtODEwYi00OWI1LWFkZGQtMDYxZmMxYWViMTU4
LzEvYjRXazFXUW9Pbl9kOWpSV2w5YThNM09qSWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW998MA0G
CSqGSIb3DQEBCwUAA4IBAQCHfU17EkmwKrcNcj/QYd9SnrlFcl8FkSeJ3rYfIeop
l9yrrTzyZVlKObBrq+x5G8sPD00EhVzWlQELs0LGcBMjX2Fbh7drSmu3xzd9E8D2
RdnrbjJ5b1Ae3KXZHuoBw4+wWHXzPPGoMSW20M9N4KBUWL8pV7j7H8P49KWDVF2N
nMFztkhVFr5t9FEHXAf29phB/K/DiwpKxTPrTDTIf7gEGYrXr8b3lxw4R8cIcPv4
wV+QgWRTTigOXE/gO7lYdmLP3y2lGgz7LgR0Yz5RhGcJmL/BToKwKbW5hS3FbbGT
InWrz1EGojyW7mLKo+S2IIDwL7vkwBNFwYOHAXJVR0ci
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:34 2024 by rpki-client on console-fra.rpki-client.org