Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/2Tkxn48ACPzCyLSkxMRZqeRHotY.roa
File: 2Tkxn48ACPzCyLSkxMRZqeRHotY.roa (raw, json)
Hash identifier: MVhHysLhsz5r9rc0c9phRswe5orJANYrKb809pRs8gY=
Subject key identifier: D9:39:31:9F:8F:00:08:FC:C2:C8:B4:A4:C4:C4:59:A9:E4:47:A2:D6
Certificate issuer: /CN=2ebb3624b82f0e1e538b00919f442d200c7e3cd2
Certificate serial: 018B3CEF6F6541F17CA19A43B077314FA231
Authority key identifier: 2E:BB:36:24:B8:2F:0E:1E:53:8B:00:91:9F:44:2D:20:0C:7E:3C:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/2Tkxn48ACPzCyLSkxMRZqeRHotY.roa
Signing time: Tue 17 Oct 2023 09:20:06 +0000
ROA not before: Tue 17 Oct 2023 09:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31673
IP address blocks: 91.231.4.0/23 maxlen: 24
91.231.6.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:ef:6f:65:41:f1:7c:a1:9a:43:b0:77:31:4f:a2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ebb3624b82f0e1e538b00919f442d200c7e3cd2
Validity
Not Before: Oct 17 09:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d939319f8f0008fcc2c8b4a4c4c459a9e447a2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1a:a6:d7:3e:86:b9:de:a5:fd:bf:d6:d2:12:
45:67:7d:c4:7d:e7:21:ba:ad:98:0a:c3:d8:43:c1:
53:a7:e6:fe:4c:cf:8e:ef:a7:8b:16:5a:17:7e:7b:
de:da:87:31:8a:aa:6e:e5:e6:6c:af:14:6f:79:a4:
94:9c:e3:fa:0b:89:2a:ea:ea:08:65:b0:50:36:1f:
32:fe:ca:c1:02:7f:31:6c:98:89:3a:7f:a3:a9:21:
79:b9:44:4d:64:8e:e0:14:cf:38:3e:b1:7b:84:5d:
5c:8e:14:f7:15:81:c1:73:1a:8e:17:85:5d:95:bc:
cc:1f:e4:7e:97:95:b4:06:06:32:de:35:24:ad:b3:
a6:4a:bf:1c:fd:8f:56:cd:6b:a1:a7:4c:f2:f3:8d:
8f:42:90:a7:64:26:95:0a:de:32:6e:e4:13:e7:a0:
8c:76:ea:71:3b:dd:4c:b2:3f:a2:43:2e:6d:cc:1e:
b9:5e:a6:ec:bf:e1:06:39:77:2f:1e:f0:32:b0:ac:
24:e7:ae:06:c4:08:de:3b:e0:f8:60:c2:22:8d:0d:
9b:9d:d2:ed:fc:ca:4b:78:56:fc:55:81:a6:dc:a7:
eb:30:ed:ee:4c:e2:67:14:5c:3f:ba:ea:84:31:d9:
4c:f3:37:63:41:0b:09:0a:2f:41:cb:89:e1:f3:38:
7a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:39:31:9F:8F:00:08:FC:C2:C8:B4:A4:C4:C4:59:A9:E4:47:A2:D6
X509v3 Authority Key Identifier:
keyid:2E:BB:36:24:B8:2F:0E:1E:53:8B:00:91:9F:44:2D:20:0C:7E:3C:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/2Tkxn48ACPzCyLSkxMRZqeRHotY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.4.0-91.231.6.255
Signature Algorithm: sha256WithRSAEncryption
d4:a2:f1:87:cb:9b:10:27:4e:32:89:6d:ab:bc:2e:e0:2a:9a:
73:2e:27:d5:c0:1c:4e:c9:c1:6a:17:00:38:0f:7a:df:27:0f:
d3:3c:82:4d:3f:92:bf:35:72:31:69:2a:8d:eb:04:a4:fe:80:
65:b8:da:23:0c:39:54:5b:49:81:ae:cf:39:7c:5b:e8:29:57:
dc:8c:24:39:d1:ff:b6:2c:56:76:f7:8f:aa:aa:b7:63:db:35:
c9:47:16:35:31:67:b5:24:c5:c5:54:ae:b0:8a:17:09:7d:72:
1c:2e:6d:c8:c6:ce:2a:9b:9a:dd:31:a7:b2:8e:5c:60:c9:db:
1d:ef:e4:e2:2f:ac:c8:e6:f7:0a:ef:e2:09:66:fe:ab:14:5c:
e1:0e:96:50:ed:bc:c8:da:b0:a4:8f:9b:cd:d6:5f:25:3b:d0:
58:b7:d2:99:cd:ae:0e:7b:0b:3c:ef:7b:cb:df:57:9a:68:2a:
e9:b3:50:35:73:d9:48:7a:55:38:31:38:4f:02:28:2d:76:89:
62:2e:7b:25:db:5d:a6:6c:8a:7e:43:ff:a6:e0:33:f3:85:f5:
cb:b3:fd:d3:c3:74:46:08:9a:2b:6e:01:f5:14:c1:6d:b5:e2:
7c:fe:b9:79:9b:b9:41:f9:c7:9c:a2:29:f0:ac:4a:c4:68:33:
76:cf:a3:81
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYs8729lQfF8oZpDsHcxT6IxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmIzNjI0YjgyZjBlMWU1MzhiMDA5MTlmNDQyZDIwMGM3
ZTNjZDIwHhcNMjMxMDE3MDkyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM5MzE5ZjhmMDAwOGZjYzJjOGI0YTRjNGM0NTlhOWU0NDdhMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBqm1z6Gud6l/b/W0hJFZ33Efech
uq2YCsPYQ8FTp+b+TM+O76eLFloXfnve2ocxiqpu5eZsrxRveaSUnOP6C4kq6uoI
ZbBQNh8y/srBAn8xbJiJOn+jqSF5uURNZI7gFM84PrF7hF1cjhT3FYHBcxqOF4Vd
lbzMH+R+l5W0BgYy3jUkrbOmSr8c/Y9WzWuhp0zy842PQpCnZCaVCt4ybuQT56CM
dupxO91Msj+iQy5tzB65Xqbsv+EGOXcvHvAysKwk564GxAjeO+D4YMIijQ2bndLt
/MpLeFb8VYGm3KfrMO3uTOJnFFw/uuqEMdlM8zdjQQsJCi9By4nh8zh6fQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNk5MZ+PAAj8wsi0pMTEWankR6LWMB8GA1UdIwQY
MBaAFC67NiS4Lw4eU4sAkZ9ELSAMfjzSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJzMkpMZ3ZEaDVUaXdDUm4wUXRJQXgtUE5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80OWJlZjEtNDAxYS00OGQyLTg3NDYt
MjY3Mjc1ZTkyNTcwLzEvMlRreG40OEFDUHpDeUxTa3hNUlpxZVJIb3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80OWJlZjEtNDAxYS00OGQyLTg3NDYtMjY3Mjc1ZTkyNTcw
LzEvTHJzMkpMZ3ZEaDVUaXdDUm4wUXRJQXgtUE5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJb5wQD
BABb5wYwDQYJKoZIhvcNAQELBQADggEBANSi8YfLmxAnTjKJbau8LuAqmnMuJ9XA
HE7JwWoXADgPet8nD9M8gk0/kr81cjFpKo3rBKT+gGW42iMMOVRbSYGuzzl8W+gp
V9yMJDnR/7YsVnb3j6qqt2PbNclHFjUxZ7UkxcVUrrCKFwl9chwubcjGziqbmt0x
p7KOXGDJ2x3v5OIvrMjm9wrv4glm/qsUXOEOllDtvMjasKSPm83WXyU70Fi30pnN
rg57Czzve8vfV5poKumzUDVz2Uh6VTgxOE8CKC12iWIueyXbXaZsin5D/6bgM/OF
9cuz/dPDdEYImituAfUUwW214nz+uXmbuUH5x5yiKfCsSsRoM3bPo4E=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:56 2024 by rpki-client on console-ams.rpki-client.org