Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/1sPhR1TIZrNKdkrA_tk6xoT4jnc.roa
File: 1sPhR1TIZrNKdkrA_tk6xoT4jnc.roa (raw, json)
Hash identifier: AbaFQiJeTztxjjBLpgroIOxXDEfKUB35LUuirsUDBlk=
Subject key identifier: D6:C3:E1:47:54:C8:66:B3:4A:76:4A:C0:FE:D9:3A:C6:84:F8:8E:77
Certificate issuer: /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial: 01856E1438069863EF952B29089FA3211515
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/1sPhR1TIZrNKdkrA_tk6xoT4jnc.roa
Signing time: Sun 01 Jan 2023 16:04:56 +0000
ROA not before: Sun 01 Jan 2023 16:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201942
IP address blocks: 91.126.152.0/21 maxlen: 21
91.126.160.0/20 maxlen: 20
91.126.64.0/22 maxlen: 22
91.126.80.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:38:06:98:63:ef:95:2b:29:08:9f:a3:21:15:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Validity
Not Before: Jan 1 16:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6c3e14754c866b34a764ac0fed93ac684f88e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4e:2e:bf:1e:5e:1b:67:86:63:12:86:2b:8e:
f9:a6:9e:43:67:b4:e9:e7:47:45:4f:f1:6f:33:1d:
69:22:6d:1e:fe:b4:37:ee:52:82:8d:d3:41:fa:73:
24:37:2f:69:72:9a:52:9f:4c:d1:95:29:9f:65:8e:
e8:4f:ba:c2:60:fa:9d:2f:54:2c:27:9f:32:60:ac:
15:98:d6:ce:66:2c:34:d1:b4:21:18:6d:21:47:2e:
9e:79:60:32:84:79:23:78:4d:12:4a:cb:8c:e8:11:
de:47:03:b7:1c:6f:22:3e:52:c5:6b:57:95:93:0b:
eb:03:a8:43:63:f3:e5:6e:79:e5:cd:bc:47:50:01:
66:db:1a:a5:75:be:e6:1a:ae:82:ed:70:6e:bb:a1:
b2:a3:23:47:00:48:57:51:ea:cd:75:1f:be:45:17:
c7:6a:49:e5:c9:32:c5:73:ac:42:a1:61:ca:13:9c:
c4:a5:c4:d7:d5:81:ce:ad:67:51:b8:38:44:48:41:
3d:bd:95:a4:56:60:e7:7e:9d:0a:03:d2:cc:57:e3:
c1:45:dc:b2:57:8e:61:6d:ab:f8:63:db:0e:0f:15:
58:ec:ad:a9:1c:30:57:38:5e:d2:91:a3:fe:b4:2f:
3b:e6:f3:90:a0:16:46:22:16:6c:e9:4f:3b:13:27:
89:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C3:E1:47:54:C8:66:B3:4A:76:4A:C0:FE:D9:3A:C6:84:F8:8E:77
X509v3 Authority Key Identifier:
keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/1sPhR1TIZrNKdkrA_tk6xoT4jnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.126.64.0/22
91.126.80.0/21
91.126.152.0-91.126.175.255
Signature Algorithm: sha256WithRSAEncryption
69:68:82:91:35:bb:21:46:64:93:d5:17:dc:39:ae:c3:0e:d1:
a8:32:fe:2f:aa:c2:69:4c:e9:65:b3:e9:18:fc:f1:dd:9d:b8:
3a:3a:6f:14:9c:39:b5:32:c2:8d:33:2f:4f:c7:7d:62:af:97:
18:0c:a1:ba:ca:c5:8e:23:54:e5:5d:a5:dd:9b:58:05:d3:49:
2b:d8:30:fa:da:dc:31:1c:de:14:1e:39:13:ba:05:40:cb:16:
67:f1:c5:32:b6:71:24:73:58:1d:b3:e1:7f:72:3b:52:bf:47:
29:d4:57:9d:c2:a8:84:c4:3b:95:e1:9f:c9:c2:27:40:4f:dd:
db:f6:23:7a:95:05:d8:e4:2e:24:78:96:99:02:37:ab:32:54:
77:69:bc:3c:d9:89:68:55:08:1a:e0:57:79:a7:9b:52:b5:66:
c9:6b:ea:62:14:d3:ea:ee:6b:7c:83:fb:47:53:98:82:5f:92:
7e:a2:5f:0c:3d:95:b4:87:bb:d8:92:e4:ef:6e:3e:2d:46:60:
7b:ff:b0:bd:c9:d3:cd:b8:c7:6d:87:99:e6:bc:fe:d5:be:50:
74:99:9a:a4:49:94:08:09:65:76:d0:a7:7b:87:7e:34:44:ee:
70:35:45:8c:ca:07:6c:fe:71:0d:f6:0e:b6:24:5c:99:a7:10:
c5:e3:11:31
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVuFDgGmGPvlSspCJ+jIRUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzBhMTY5YjZjZDQxMTAyMjI3OWU5ZmY5OTdmMTM0ZmY1
NGFiMWMwHhcNMjMwMTAxMTYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmMzZTE0NzU0Yzg2NmIzNGE3NjRhYzBmZWQ5M2FjNjg0Zjg4ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE4uvx5eG2eGYxKGK475pp5DZ7Tp
50dFT/FvMx1pIm0e/rQ37lKCjdNB+nMkNy9pcppSn0zRlSmfZY7oT7rCYPqdL1Qs
J58yYKwVmNbOZiw00bQhGG0hRy6eeWAyhHkjeE0SSsuM6BHeRwO3HG8iPlLFa1eV
kwvrA6hDY/PlbnnlzbxHUAFm2xqldb7mGq6C7XBuu6GyoyNHAEhXUerNdR++RRfH
aknlyTLFc6xCoWHKE5zEpcTX1YHOrWdRuDhESEE9vZWkVmDnfp0KA9LMV+PBRdyy
V45hbav4Y9sODxVY7K2pHDBXOF7SkaP+tC875vOQoBZGIhZs6U87EyeJEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNbD4UdUyGazSnZKwP7ZOsaE+I53MB8GA1UdIwQY
MBaAFAFwoWm2zUEQIieen/mX8TT/VKscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEt
N2Q0YmIyMzgwNDg3LzEvMXNQaFIxVElack5LZGtyQV90azZ4b1Q0am5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEtN2Q0YmIyMzgwNDg3
LzEvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW35AAwQD
W35QMAwDBANbfpgDBARbfqAwDQYJKoZIhvcNAQELBQADggEBAGlogpE1uyFGZJPV
F9w5rsMO0agy/i+qwmlM6WWz6Rj88d2duDo6bxScObUywo0zL0/HfWKvlxgMobrK
xY4jVOVdpd2bWAXTSSvYMPra3DEc3hQeORO6BUDLFmfxxTK2cSRzWB2z4X9yO1K/
RynUV53CqITEO5Xhn8nCJ0BP3dv2I3qVBdjkLiR4lpkCN6syVHdpvDzZiWhVCBrg
V3mnm1K1Zslr6mIU0+rua3yD+0dTmIJfkn6iXww9lbSHu9iS5O9uPi1GYHv/sL3J
0824x22Hmea8/tW+UHSZmqRJlAgJZXbQp3uHfjRE7nA1RYzKB2z+cQ32DrYkXJmn
EMXjETE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:37 2024 by rpki-client on console-fra.rpki-client.org