Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/JG5uqPQlVVxoJ4uWtxWrdZlWZ04.roa
File: JG5uqPQlVVxoJ4uWtxWrdZlWZ04.roa (raw, json)
Hash identifier: Y/nxlniv0M7+1hILsbVomU1zRhWP5QV8/LJsgfkHbFU=
Subject key identifier: 24:6E:6E:A8:F4:25:55:5C:68:27:8B:96:B7:15:AB:75:99:56:67:4E
Certificate issuer: /CN=31921b6ff1ac449ba3e7f892cf0832d1ceb7d464
Certificate serial: 01856C4A7C5F761697857C2EACBD285831BB
Authority key identifier: 31:92:1B:6F:F1:AC:44:9B:A3:E7:F8:92:CF:08:32:D1:CE:B7:D4:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZIbb_GsRJuj5_iSzwgy0c631GQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/JG5uqPQlVVxoJ4uWtxWrdZlWZ04.roa
Signing time: Sun 01 Jan 2023 07:44:58 +0000
ROA not before: Sun 01 Jan 2023 07:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57057
IP address blocks: 91.224.66.0/23 maxlen: 23
2a01:5741::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:7c:5f:76:16:97:85:7c:2e:ac:bd:28:58:31:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31921b6ff1ac449ba3e7f892cf0832d1ceb7d464
Validity
Not Before: Jan 1 07:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=246e6ea8f425555c68278b96b715ab759956674e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a8:7a:30:07:87:5d:27:12:37:7b:9b:ca:9d:
32:a4:6e:72:e5:93:ea:f7:a2:05:43:c8:4e:f3:89:
10:63:43:8d:26:5b:6d:7f:61:1d:d9:72:60:59:0a:
f3:ef:80:f2:9d:59:cd:1c:46:26:78:48:65:ca:2b:
6b:1c:b0:22:b8:e7:1a:ec:70:02:22:67:6e:0d:0a:
c1:d2:0b:16:d7:f6:93:7a:2a:25:e4:1b:d2:1f:84:
81:fe:26:e9:d9:1e:d8:75:58:2c:ed:3d:05:a4:85:
79:9c:f5:c6:28:26:8b:bd:d9:87:4a:27:7f:48:1d:
9f:0f:5c:64:f5:7a:73:98:e4:ee:83:0b:29:34:11:
76:7f:e7:80:1b:73:b8:83:98:08:86:0a:bc:69:60:
db:ae:06:f1:51:27:9e:fa:b7:78:73:95:f5:3e:d1:
3c:38:4f:21:1f:08:1d:69:dd:f7:96:31:b5:ac:7d:
a2:8b:65:4c:eb:ca:2c:1d:32:94:41:8a:72:08:89:
bc:2d:c5:dc:7a:19:41:aa:a8:38:79:98:ed:82:ed:
a1:3c:2b:86:f1:dc:ae:d9:04:98:d3:bc:36:54:6e:
a4:5b:17:43:98:cb:e4:d1:c7:40:6c:a4:84:7e:f9:
27:0a:ab:4f:cf:93:d3:72:47:9e:4e:cb:a4:8f:b9:
f8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6E:6E:A8:F4:25:55:5C:68:27:8B:96:B7:15:AB:75:99:56:67:4E
X509v3 Authority Key Identifier:
keyid:31:92:1B:6F:F1:AC:44:9B:A3:E7:F8:92:CF:08:32:D1:CE:B7:D4:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZIbb_GsRJuj5_iSzwgy0c631GQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/JG5uqPQlVVxoJ4uWtxWrdZlWZ04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/MZIbb_GsRJuj5_iSzwgy0c631GQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.66.0/23
IPv6:
2a01:5741::/32
Signature Algorithm: sha256WithRSAEncryption
b8:c1:94:d9:cb:1a:80:49:e3:ba:fb:a2:fa:9d:b4:23:6b:a4:
4f:62:c1:5d:09:fc:07:c9:05:df:0f:72:d6:b9:af:16:2d:2e:
16:ba:9f:0b:7b:96:5c:c7:92:e0:42:ef:f2:6d:d9:64:a3:14:
22:52:f9:12:85:b0:77:03:50:f6:19:41:c9:50:e8:04:14:84:
14:28:28:7d:b4:5d:17:41:53:16:df:a3:05:9f:ef:a3:bb:7e:
5d:82:11:b2:57:ec:12:61:59:15:80:a9:ef:29:43:de:79:e7:
c2:ad:59:21:b7:ab:85:c6:c6:9b:82:df:43:39:9d:5a:8b:3f:
c2:d6:0b:bb:e5:92:a4:24:b4:d9:e1:03:ef:07:7d:61:64:9f:
76:ed:48:91:81:9f:b2:9c:a7:e0:49:9b:77:6d:5e:47:2c:f7:
1d:8f:3e:bc:1a:8a:c0:8c:6e:26:f9:2e:c1:02:18:35:30:51:
a3:87:d1:a9:06:8c:97:7c:9c:e6:4e:ff:bd:9e:64:2b:f2:c4:
d7:c1:51:03:ec:5b:d1:c1:96:fa:7c:50:66:77:37:83:09:49:
11:32:a9:e3:40:6c:ca:b4:64:32:c7:f4:6d:f5:80:93:94:ef:
18:ad:95:33:06:dd:f0:b5:85:03:04:b3:31:3c:52:e6:6d:0f:
c3:8a:58:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsSnxfdhaXhXwurL0oWDG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxOTIxYjZmZjFhYzQ0OWJhM2U3Zjg5MmNmMDgzMmQxY2Vi
N2Q0NjQwHhcNMjMwMTAxMDc0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZlNmVhOGY0MjU1NTVjNjgyNzhiOTZiNzE1YWI3NTk5NTY2NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqh6MAeHXScSN3ubyp0ypG5y5ZPq
96IFQ8hO84kQY0ONJlttf2Ed2XJgWQrz74DynVnNHEYmeEhlyitrHLAiuOca7HAC
ImduDQrB0gsW1/aTeiol5BvSH4SB/ibp2R7YdVgs7T0FpIV5nPXGKCaLvdmHSid/
SB2fD1xk9XpzmOTugwspNBF2f+eAG3O4g5gIhgq8aWDbrgbxUSee+rd4c5X1PtE8
OE8hHwgdad33ljG1rH2ii2VM68osHTKUQYpyCIm8LcXcehlBqqg4eZjtgu2hPCuG
8dyu2QSY07w2VG6kWxdDmMvk0cdAbKSEfvknCqtPz5PTckeeTsukj7n4jwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCRubqj0JVVcaCeLlrcVq3WZVmdOMB8GA1UdIwQY
MBaAFDGSG2/xrESbo+f4ks8IMtHOt9RkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVpJYmJfR3NSSnVqNV9pU3p3Z3kwYzYzMUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jZTA0M2UtMmRkYi00OGE3LTg5ODMt
OWQ3YTg4NzJiNDU0LzEvSkc1dXFQUWxWVnhvSjR1V3R4V3JkWmxXWjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jZTA0M2UtMmRkYi00OGE3LTg5ODMtOWQ3YTg4NzJiNDU0
LzEvTVpJYmJfR3NSSnVqNV9pU3p3Z3kwYzYzMUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW+BCMA0E
AgACMAcDBQAqAVdBMA0GCSqGSIb3DQEBCwUAA4IBAQC4wZTZyxqASeO6+6L6nbQj
a6RPYsFdCfwHyQXfD3LWua8WLS4Wup8Le5Zcx5LgQu/ybdlkoxQiUvkShbB3A1D2
GUHJUOgEFIQUKCh9tF0XQVMW36MFn++ju35dghGyV+wSYVkVgKnvKUPeeefCrVkh
t6uFxsabgt9DOZ1aiz/C1gu75ZKkJLTZ4QPvB31hZJ927UiRgZ+ynKfgSZt3bV5H
LPcdjz68GorAjG4m+S7BAhg1MFGjh9GpBoyXfJzmTv+9nmQr8sTXwVED7FvRwZb6
fFBmdzeDCUkRMqnjQGzKtGQyx/Rt9YCTlO8YrZUzBt3wtYUDBLMxPFLmbQ/Dilhe
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:38 2024 by rpki-client on console-fra.rpki-client.org