Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/g964sp00JGxKpSuMgS6O-5cuJmE.roa
File: g964sp00JGxKpSuMgS6O-5cuJmE.roa (raw, json)
Hash identifier: gHS9DMtvsKKdrIGL0lOKfzDuJ/CenHvrjUVe55cLdqQ=
Subject key identifier: 83:DE:B8:B2:9D:34:24:6C:4A:A5:2B:8C:81:2E:8E:FB:97:2E:26:61
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 01856C53F20C81A67A1CCE9EA6792ACD23AD
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/g964sp00JGxKpSuMgS6O-5cuJmE.roa
Signing time: Sun 01 Jan 2023 07:55:18 +0000
ROA not before: Sun 01 Jan 2023 07:55:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207996
IP address blocks: 91.194.139.0/24 maxlen: 24
147.78.194.0/23 maxlen: 24
2a0a:e5c0::/29 maxlen: 48
2a09:2940::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f2:0c:81:a6:7a:1c:ce:9e:a6:79:2a:cd:23:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Jan 1 07:55:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83deb8b29d34246c4aa52b8c812e8efb972e2661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:55:b4:82:92:24:cc:28:02:b6:2c:21:c9:3b:
12:76:7a:5a:33:32:b5:01:bb:3d:22:8f:1e:70:db:
7d:2e:27:cc:78:7a:2b:67:65:75:50:1e:db:c2:e5:
5d:27:ca:e8:de:83:2f:b6:7a:83:e4:ba:fb:df:f8:
0d:b6:c8:48:d1:73:17:81:7c:99:ca:95:a4:6d:2a:
ef:6d:39:5d:3d:da:8e:ae:cc:d1:d8:2c:3f:da:ae:
d2:ed:6f:31:48:9a:48:80:33:0a:3e:9c:e4:41:50:
18:c6:36:de:42:99:99:bc:03:09:90:09:04:60:66:
29:30:4a:ce:75:9b:bd:7f:12:3e:c1:80:63:26:cd:
41:28:1e:56:b9:39:cd:9f:d8:36:36:3a:37:c4:89:
76:75:7e:97:c9:dd:86:0d:1a:bf:eb:6d:5b:80:b6:
69:47:8b:4a:59:ff:96:de:bd:c1:ae:5c:c1:f8:f2:
8f:a2:0d:85:03:58:2b:8d:79:af:60:36:cc:09:82:
57:b1:30:c5:37:63:9a:6d:01:f5:53:6c:58:55:f7:
d1:19:75:0d:c1:dd:a7:88:a4:4b:f2:77:a0:b3:ad:
62:26:0a:58:26:33:12:ae:56:ed:a5:49:60:6c:2f:
38:41:80:4b:8d:d5:31:27:23:af:de:c0:93:60:08:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DE:B8:B2:9D:34:24:6C:4A:A5:2B:8C:81:2E:8E:FB:97:2E:26:61
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/g964sp00JGxKpSuMgS6O-5cuJmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.139.0/24
147.78.194.0/23
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
70:f7:26:a6:3b:ef:d9:06:a7:0f:6f:c8:b6:29:84:11:0d:a4:
ca:19:e0:e1:3b:ff:cc:9c:dd:89:02:18:42:bb:f9:1e:8c:d8:
10:af:de:b3:0a:25:5f:68:c7:e6:b7:0e:e6:da:43:cb:42:01:
6e:fd:97:1f:80:63:77:b0:45:f9:e9:33:9f:c8:a4:14:17:0a:
0d:b6:f6:2c:a4:17:18:6d:43:24:21:c8:92:7b:4f:a3:46:6f:
79:ef:5e:b8:52:31:cb:7b:a8:1e:43:de:7f:82:bb:de:2f:85:
57:e5:25:01:69:2c:f0:b7:de:b2:19:5e:1f:db:5f:cf:99:7f:
6f:56:e1:5d:54:2f:4e:2a:ca:a0:30:c2:68:3e:f2:5e:82:20:
14:a2:e7:81:a9:27:7d:55:bf:bc:70:79:d8:af:d2:dc:a9:fb:
8d:a3:3b:b4:ed:40:ff:78:bc:dc:a9:83:fe:43:48:2c:8b:32:
48:04:20:97:4d:6a:05:7b:a1:f9:f4:26:d5:1c:e7:3c:fa:20:
84:f3:9b:97:9f:8f:fb:38:6a:a4:e1:b0:93:19:f9:d3:ae:92:
2d:93:10:4b:63:4a:48:61:92:b8:eb:b5:1d:d8:66:3b:1b:77:
b1:40:88:4f:2a:9e:24:e6:a6:aa:b7:9b:8b:e1:2e:41:ee:57:
40:94:0d:a2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVsU/IMgaZ6HM6epnkqzSOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjMwMTAxMDc1NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2RlYjhiMjlkMzQyNDZjNGFhNTJiOGM4MTJlOGVmYjk3MmUyNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslW0gpIkzCgCtiwhyTsSdnpaMzK1
Abs9Io8ecNt9LifMeHorZ2V1UB7bwuVdJ8ro3oMvtnqD5Lr73/gNtshI0XMXgXyZ
ypWkbSrvbTldPdqOrszR2Cw/2q7S7W8xSJpIgDMKPpzkQVAYxjbeQpmZvAMJkAkE
YGYpMErOdZu9fxI+wYBjJs1BKB5WuTnNn9g2Njo3xIl2dX6Xyd2GDRq/621bgLZp
R4tKWf+W3r3BrlzB+PKPog2FA1grjXmvYDbMCYJXsTDFN2OabQH1U2xYVffRGXUN
wd2niKRL8negs61iJgpYJjMSrlbtpUlgbC84QYBLjdUxJyOv3sCTYAgQqQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIPeuLKdNCRsSqUrjIEujvuXLiZhMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvZzk2NHNwMDBKR3hLcFN1TWdTNk8tNWN1Sm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAW8KLAwQB
k07CMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOCAQEAcPcm
pjvv2QanD2/ItimEEQ2kyhng4Tv/zJzdiQIYQrv5HozYEK/eswolX2jH5rcO5tpD
y0IBbv2XH4Bjd7BF+ekzn8ikFBcKDbb2LKQXGG1DJCHIkntPo0Zvee9euFIxy3uo
HkPef4K73i+FV+UlAWks8LfeshleH9tfz5l/b1bhXVQvTirKoDDCaD7yXoIgFKLn
gaknfVW/vHB52K/S3Kn7jaM7tO1A/3i83KmD/kNILIsySAQgl01qBXuh+fQm1Rzn
PPoghPObl5+P+zhqpOGwkxn5066SLZMQS2NKSGGSuOu1HdhmOxt3sUCITyqeJOam
qrebi+EuQe5XQJQNog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org