Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/aYL_XGoUDl17YF4w2IqS9sGr42w.roa
File: aYL_XGoUDl17YF4w2IqS9sGr42w.roa (raw, json)
Hash identifier: DR1vtXkbqi967Wfk707CBB0f19XskH1PuI1M3XMzBMc=
Subject key identifier: 69:82:FF:5C:6A:14:0E:5D:7B:60:5E:30:D8:8A:92:F6:C1:AB:E3:6C
Certificate issuer: /CN=d098e907c63457e6ca6281dfe297d972bffda805
Certificate serial: 01857079BAA85A599EAD0EED5603DE37ECBB
Authority key identifier: D0:98:E9:07:C6:34:57:E6:CA:62:81:DF:E2:97:D9:72:BF:FD:A8:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/aYL_XGoUDl17YF4w2IqS9sGr42w.roa
Signing time: Mon 02 Jan 2023 03:15:03 +0000
ROA not before: Mon 02 Jan 2023 03:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39114
IP address blocks: 185.91.15.0/24 maxlen: 24
185.91.12.0/24 maxlen: 24
185.91.12.0/22 maxlen: 22
185.91.13.0/24 maxlen: 24
185.91.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:ba:a8:5a:59:9e:ad:0e:ed:56:03:de:37:ec:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d098e907c63457e6ca6281dfe297d972bffda805
Validity
Not Before: Jan 2 03:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6982ff5c6a140e5d7b605e30d88a92f6c1abe36c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d7:82:39:a2:c2:e7:f6:00:78:01:84:80:9a:
20:d2:08:8c:c3:94:24:b7:4a:a4:cd:cb:dc:22:de:
33:c5:77:1d:9e:e2:3e:a0:0b:69:3e:c7:ed:f9:d0:
bf:9e:07:9f:fc:65:44:b4:ee:10:36:78:45:cb:6c:
4c:04:f8:1d:02:76:cc:f9:ea:d0:60:10:89:21:ef:
28:49:64:d2:bb:38:c2:8e:ec:11:ac:15:b8:b8:70:
5d:a9:fd:d6:c3:d7:44:b3:e5:4f:8b:f6:e6:a4:a3:
1d:81:00:31:ec:c5:e5:dd:60:1a:8a:e7:5f:16:d2:
1e:ef:3a:8d:0c:a0:67:a4:e0:d9:30:67:13:90:44:
26:5d:4b:14:0e:dd:03:0b:ff:c6:2f:bd:c3:f5:5a:
18:c8:06:f9:c6:81:7d:80:73:12:b2:71:ea:26:9f:
36:31:ac:d7:a3:c9:c9:ac:6a:b1:9d:63:7a:c7:57:
12:af:04:d5:ab:5a:d1:f2:c5:39:cb:a6:2d:40:f1:
93:08:f6:60:bc:10:49:85:de:c2:07:b3:6a:1e:6c:
0e:0b:e0:a7:52:ac:77:ed:ac:1b:4b:ff:de:d3:fb:
55:cb:ed:9f:a8:36:3f:c4:e4:8a:41:04:7d:14:07:
12:a7:82:89:1c:cb:fa:1c:3c:19:b6:da:53:80:3b:
ab:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:82:FF:5C:6A:14:0E:5D:7B:60:5E:30:D8:8A:92:F6:C1:AB:E3:6C
X509v3 Authority Key Identifier:
keyid:D0:98:E9:07:C6:34:57:E6:CA:62:81:DF:E2:97:D9:72:BF:FD:A8:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/aYL_XGoUDl17YF4w2IqS9sGr42w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.12.0/22
Signature Algorithm: sha256WithRSAEncryption
12:4f:b4:27:1d:91:45:c6:0a:fd:0e:48:71:4c:8c:b3:17:5a:
1b:28:81:0a:9b:90:0e:7a:77:2b:41:a1:ac:47:c8:8a:2d:01:
ef:2a:e8:02:ed:fb:eb:cf:45:83:7c:44:b7:a7:91:c2:45:2e:
62:3a:a6:8f:12:04:61:66:49:a7:59:c5:55:41:90:39:94:92:
13:a5:f4:1a:70:c2:77:a6:23:05:50:3d:56:e8:62:69:07:b5:
a2:86:38:ff:86:c3:1f:9d:a6:8e:b3:d7:d1:58:c8:17:f7:22:
b1:73:9c:9b:73:a1:dd:c8:5d:61:ed:82:27:40:77:35:f7:c7:
5f:d3:d2:46:33:b5:65:a1:7b:40:50:32:04:d0:0f:88:57:68:
97:b5:fc:df:c9:21:e3:22:e1:3c:15:3d:76:bd:29:ab:33:1a:
05:ec:33:a4:14:79:46:9b:9a:16:19:9d:ca:36:dc:2a:4b:d5:
64:7a:75:c9:52:63:d0:61:5b:fb:a5:80:3f:88:d1:10:5e:5e:
4e:ad:fb:22:ae:9b:27:3b:08:29:22:a5:7c:fa:16:29:3e:61:
00:14:45:28:89:a4:93:ae:62:82:65:4c:0a:aa:55:a5:5f:1b:
6d:d0:57:9c:e9:81:e6:1e:9f:b1:a4:78:88:5b:51:68:fe:61:
a7:5a:59:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwebqoWlmerQ7tVgPeN+y7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOThlOTA3YzYzNDU3ZTZjYTYyODFkZmUyOTdkOTcyYmZm
ZGE4MDUwHhcNMjMwMTAyMDMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTgyZmY1YzZhMTQwZTVkN2I2MDVlMzBkODhhOTJmNmMxYWJlMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9eCOaLC5/YAeAGEgJog0giMw5Qk
t0qkzcvcIt4zxXcdnuI+oAtpPsft+dC/ngef/GVEtO4QNnhFy2xMBPgdAnbM+erQ
YBCJIe8oSWTSuzjCjuwRrBW4uHBdqf3Ww9dEs+VPi/bmpKMdgQAx7MXl3WAaiudf
FtIe7zqNDKBnpODZMGcTkEQmXUsUDt0DC//GL73D9VoYyAb5xoF9gHMSsnHqJp82
MazXo8nJrGqxnWN6x1cSrwTVq1rR8sU5y6YtQPGTCPZgvBBJhd7CB7NqHmwOC+Cn
Uqx37awbS//e0/tVy+2fqDY/xOSKQQR9FAcSp4KJHMv6HDwZttpTgDur8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmC/1xqFA5de2BeMNiKkvbBq+NsMB8GA1UdIwQY
MBaAFNCY6QfGNFfmymKB3+KX2XK//agFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEpqcEI4WTBWLWJLWW9IZjRwZlpjcl85cUFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9jNjNiNmMtNmFhZC00YTc0LTgwN2Mt
MTBlMTNkNDNmMGRkLzEvYVlMX1hHb1VEbDE3WUY0dzJJcVM5c0dyNDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9jNjNiNmMtNmFhZC00YTc0LTgwN2MtMTBlMTNkNDNmMGRk
LzEvMEpqcEI4WTBWLWJLWW9IZjRwZlpjcl85cUFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVsMMA0G
CSqGSIb3DQEBCwUAA4IBAQAST7QnHZFFxgr9DkhxTIyzF1obKIEKm5AOencrQaGs
R8iKLQHvKugC7fvrz0WDfES3p5HCRS5iOqaPEgRhZkmnWcVVQZA5lJITpfQacMJ3
piMFUD1W6GJpB7Wihjj/hsMfnaaOs9fRWMgX9yKxc5ybc6HdyF1h7YInQHc198df
09JGM7VloXtAUDIE0A+IV2iXtfzfySHjIuE8FT12vSmrMxoF7DOkFHlGm5oWGZ3K
NtwqS9VkenXJUmPQYVv7pYA/iNEQXl5OrfsirpsnOwgpIqV8+hYpPmEAFEUoiaST
rmKCZUwKqlWlXxtt0Fec6YHmHp+xpHiIW1Fo/mGnWlk2
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:51 2024 by rpki-client on console-ams.rpki-client.org