Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/c23b96-aeb4-4934-a550-4db984e1c831/1/48QlJBM-5QV2ynp_udNvCgAugX0.roa
File: 48QlJBM-5QV2ynp_udNvCgAugX0.roa (raw, json)
Hash identifier: D53WYYCxHMeDpG2/fpdb5XzmFJbMv6Wc2KeyqW6Ow8I=
Subject key identifier: E3:C4:25:24:13:3E:E5:05:76:CA:7A:7F:B9:D3:6F:0A:00:2E:81:7D
Certificate issuer: /CN=02324e6aa588329eac7a938fb9878d132f2a85af
Certificate serial: 0185720C8A909032CB4DE27A34DC48C69E5E
Authority key identifier: 02:32:4E:6A:A5:88:32:9E:AC:7A:93:8F:B9:87:8D:13:2F:2A:85:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjJOaqWIMp6sepOPuYeNEy8qha8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/c23b96-aeb4-4934-a550-4db984e1c831/1/48QlJBM-5QV2ynp_udNvCgAugX0.roa
Signing time: Mon 02 Jan 2023 10:35:02 +0000
ROA not before: Mon 02 Jan 2023 10:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41249
IP address blocks: 91.227.128.0/24 maxlen: 24
91.227.129.0/24 maxlen: 24
2001:67c:2260::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:8a:90:90:32:cb:4d:e2:7a:34:dc:48:c6:9e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02324e6aa588329eac7a938fb9878d132f2a85af
Validity
Not Before: Jan 2 10:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3c42524133ee50576ca7a7fb9d36f0a002e817d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:30:aa:dc:65:ec:3b:de:39:21:ec:99:74:9d:
86:6c:b1:31:ea:6b:4d:0e:ec:49:07:5c:fa:db:f6:
c7:f9:54:9b:db:2c:f1:cf:c9:94:51:d7:fa:67:ea:
24:48:a9:70:45:e0:96:12:bc:6b:a5:2c:d6:e7:d2:
ed:f2:6c:7d:57:5e:b2:74:2e:43:a9:90:15:d5:3b:
05:4b:f0:2e:7d:ce:bf:70:d2:3a:d4:ba:d5:f3:72:
72:9a:8c:c3:47:f3:00:07:49:b8:df:f8:6e:f5:b8:
ec:f4:a7:82:55:c0:96:c5:9f:86:ea:18:89:ea:f4:
1a:d7:79:f2:7d:d3:fc:34:53:30:28:36:91:06:af:
c8:01:b1:6b:af:43:fe:2f:9f:b8:68:4f:66:8c:27:
90:16:e4:d8:d4:fd:5b:45:39:43:fe:a7:46:26:f3:
e5:da:9b:be:43:f9:81:1f:e1:f1:b7:e6:32:00:bb:
9f:26:d9:e6:72:ed:5c:d4:1c:6b:4d:4f:f5:e5:16:
1a:6e:7f:6b:c6:ba:00:2e:98:43:f1:7c:0a:25:ae:
df:ca:84:a5:4f:03:e8:8a:50:0d:6a:a3:8d:d2:3e:
0f:17:f8:60:79:17:3f:48:69:da:a8:2d:bd:85:18:
3a:15:94:a0:94:b0:8f:ac:ef:b2:eb:02:e3:76:e8:
a6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C4:25:24:13:3E:E5:05:76:CA:7A:7F:B9:D3:6F:0A:00:2E:81:7D
X509v3 Authority Key Identifier:
keyid:02:32:4E:6A:A5:88:32:9E:AC:7A:93:8F:B9:87:8D:13:2F:2A:85:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjJOaqWIMp6sepOPuYeNEy8qha8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/c23b96-aeb4-4934-a550-4db984e1c831/1/48QlJBM-5QV2ynp_udNvCgAugX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/c23b96-aeb4-4934-a550-4db984e1c831/1/AjJOaqWIMp6sepOPuYeNEy8qha8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.128.0/23
IPv6:
2001:67c:2260::/48
Signature Algorithm: sha256WithRSAEncryption
43:16:83:94:85:c6:3f:74:91:b8:59:45:73:f7:7a:3e:1b:ef:
1d:5d:bb:a2:c3:18:fc:91:46:0e:d7:11:b1:34:c1:e9:20:00:
20:1d:e7:7e:d3:c7:0c:bb:7b:a9:25:ed:3e:13:ba:fa:62:93:
ac:7d:c6:a9:43:d4:f5:37:7d:6a:fa:6f:5a:36:8e:39:f7:88:
20:40:d7:3d:6c:57:22:a9:88:cc:e0:b9:44:61:af:3b:ec:0c:
46:54:ce:4b:62:ce:1f:71:d3:2d:c5:a7:04:2e:c9:af:08:a4:
f7:78:33:d1:72:c0:8d:9d:ad:c6:d0:86:b4:74:50:45:77:f9:
5a:b0:51:05:96:2b:47:e1:a7:03:14:38:a1:7e:64:40:70:91:
ab:0b:c6:bd:f4:37:84:9d:78:ab:1e:e3:8c:55:32:c8:ef:1b:
9e:0c:7a:ae:8c:e8:ae:f1:35:55:3f:75:d6:56:93:f9:d7:fb:
f1:dd:2e:8a:9e:8f:cc:b6:46:b7:ed:43:92:46:3a:2d:93:e5:
7b:83:2f:fe:5b:ce:1e:9d:5e:c1:a8:1e:2e:db:56:49:13:07:
f4:82:6f:8b:df:58:fc:7a:30:ca:98:ed:43:eb:da:f2:a0:25:
97:f3:8c:d0:df:61:18:83:c6:55:70:e3:51:37:9e:c4:12:4d:
6e:37:76:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyDIqQkDLLTeJ6NNxIxp5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzI0ZTZhYTU4ODMyOWVhYzdhOTM4ZmI5ODc4ZDEzMmYy
YTg1YWYwHhcNMjMwMTAyMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2M0MjUyNDEzM2VlNTA1NzZjYTdhN2ZiOWQzNmYwYTAwMmU4MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzCq3GXsO945IeyZdJ2GbLEx6mtN
DuxJB1z62/bH+VSb2yzxz8mUUdf6Z+okSKlwReCWErxrpSzW59Lt8mx9V16ydC5D
qZAV1TsFS/Aufc6/cNI61LrV83JymozDR/MAB0m43/hu9bjs9KeCVcCWxZ+G6hiJ
6vQa13nyfdP8NFMwKDaRBq/IAbFrr0P+L5+4aE9mjCeQFuTY1P1bRTlD/qdGJvPl
2pu+Q/mBH+Hxt+YyALufJtnmcu1c1BxrTU/15RYabn9rxroALphD8XwKJa7fyoSl
TwPoilANaqON0j4PF/hgeRc/SGnaqC29hRg6FZSglLCPrO+y6wLjduimkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOPEJSQTPuUFdsp6f7nTbwoALoF9MB8GA1UdIwQY
MBaAFAIyTmqliDKerHqTj7mHjRMvKoWvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpKT2FxV0lNcDZzZXBPUHVZZU5FeThxaGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9jMjNiOTYtYWViNC00OTM0LWE1NTAt
NGRiOTg0ZTFjODMxLzEvNDhRbEpCTS01UVYyeW5wX3VkTnZDZ0F1Z1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9jMjNiOTYtYWViNC00OTM0LWE1NTAtNGRiOTg0ZTFjODMx
LzEvQWpKT2FxV0lNcDZzZXBPUHVZZU5FeThxaGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+OAMA8E
AgACMAkDBwAgAQZ8ImAwDQYJKoZIhvcNAQELBQADggEBAEMWg5SFxj90kbhZRXP3
ej4b7x1du6LDGPyRRg7XEbE0wekgACAd537Txwy7e6kl7T4Tuvpik6x9xqlD1PU3
fWr6b1o2jjn3iCBA1z1sVyKpiMzguURhrzvsDEZUzktizh9x0y3FpwQuya8IpPd4
M9FywI2drcbQhrR0UEV3+VqwUQWWK0fhpwMUOKF+ZEBwkasLxr30N4SdeKse44xV
MsjvG54Meq6M6K7xNVU/ddZWk/nX+/HdLoqej8y2RrftQ5JGOi2T5XuDL/5bzh6d
XsGoHi7bVkkTB/SCb4vfWPx6MMqY7UPr2vKgJZfzjNDfYRiDxlVw41E3nsQSTW43
dlo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:56 2024 by rpki-client on console-ams.rpki-client.org