Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/DhFx8Ugrp_il_cKqBjaDUcGuHLg.roa
File: DhFx8Ugrp_il_cKqBjaDUcGuHLg.roa (raw, json)
Hash identifier: VgHZUQ9uMppwjBnaJ2+oBY+Xe5J0N8oh2/4/dS5vSuo=
Subject key identifier: 0E:11:71:F1:48:2B:A7:F8:A5:FD:C2:AA:06:36:83:51:C1:AE:1C:B8
Certificate issuer: /CN=2ebb3624b82f0e1e538b00919f442d200c7e3cd2
Certificate serial: 018B3CF40363664B6C7BF3C37762783B1BB8
Authority key identifier: 2E:BB:36:24:B8:2F:0E:1E:53:8B:00:91:9F:44:2D:20:0C:7E:3C:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/DhFx8Ugrp_il_cKqBjaDUcGuHLg.roa
Signing time: Tue 17 Oct 2023 09:25:06 +0000
ROA not before: Tue 17 Oct 2023 09:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57146
IP address blocks: 91.231.4.0/23 maxlen: 24
91.231.6.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:f4:03:63:66:4b:6c:7b:f3:c3:77:62:78:3b:1b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ebb3624b82f0e1e538b00919f442d200c7e3cd2
Validity
Not Before: Oct 17 09:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e1171f1482ba7f8a5fdc2aa06368351c1ae1cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e7:e2:ea:f4:ea:01:ad:99:ec:53:ec:e0:69:
8d:8a:b4:24:36:03:10:d8:55:8b:8a:03:3c:74:cf:
5d:10:cf:a2:4e:1e:70:6b:e6:fa:54:05:97:fc:a8:
b5:ee:5e:7b:04:5c:a0:8c:86:5b:2a:36:12:b6:c8:
b8:2b:42:87:79:6a:92:94:48:cf:1c:a0:3d:eb:24:
18:17:c7:59:41:d5:21:97:39:7d:4b:1d:c5:fd:8d:
29:9d:05:c5:35:d3:f7:81:31:2f:0a:0c:4e:3b:e7:
a0:78:37:5f:7c:78:9e:a2:d6:71:e1:ca:ba:c3:02:
88:ca:46:82:f2:5f:5e:1c:d3:28:03:d4:59:6b:f8:
63:0c:de:e2:b1:cb:7d:3c:63:d6:6a:c4:d5:56:f6:
5e:6c:1c:ef:6d:11:83:cf:93:1f:4d:83:5c:82:64:
86:2c:9b:54:bb:f2:9a:05:65:f3:e6:f7:eb:a0:5d:
62:18:50:2d:e5:67:fd:c8:ea:1a:f9:21:05:0e:df:
19:95:cf:4d:e7:3a:10:29:49:a4:fb:b4:67:99:20:
91:8e:95:6a:2f:2f:24:ab:d7:4d:67:3b:07:5f:bb:
86:d4:88:6c:73:67:96:b6:b1:2a:f1:21:4c:37:54:
69:d1:ac:fd:96:89:b8:ee:8b:e8:27:a0:14:52:68:
cb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:11:71:F1:48:2B:A7:F8:A5:FD:C2:AA:06:36:83:51:C1:AE:1C:B8
X509v3 Authority Key Identifier:
keyid:2E:BB:36:24:B8:2F:0E:1E:53:8B:00:91:9F:44:2D:20:0C:7E:3C:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/DhFx8Ugrp_il_cKqBjaDUcGuHLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49bef1-401a-48d2-8746-267275e92570/1/Lrs2JLgvDh5TiwCRn0QtIAx-PNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.4.0-91.231.6.255
Signature Algorithm: sha256WithRSAEncryption
c9:47:2e:4f:e4:93:c3:27:24:55:ca:fa:19:74:bb:75:53:b7:
82:21:4e:4e:23:13:49:74:17:53:97:1d:63:af:21:ea:63:0a:
21:9f:6f:6c:83:21:e1:23:ba:cf:39:f0:02:5a:1f:02:4b:87:
a8:c4:cd:5f:7d:81:df:82:1e:c0:8d:12:fb:49:93:d4:ff:e5:
32:10:d2:df:9f:aa:66:a3:46:8e:f6:37:ba:fd:a1:dc:b1:4e:
c8:ce:32:55:1d:f1:27:a7:c5:96:27:9c:21:99:6c:a9:ec:48:
59:df:34:5c:35:4e:5c:9f:ab:91:90:2d:18:fa:0d:19:a7:ab:
a2:3b:cd:35:c3:f3:00:a1:bf:1e:12:f9:ba:a1:72:15:c7:07:
71:17:02:38:01:ad:5c:ff:58:93:8b:50:5d:bf:4c:c7:40:37:
82:87:d4:c0:9a:c4:d7:c0:81:99:81:23:f7:76:79:3a:a6:24:
46:a2:11:79:1a:bd:a8:72:a9:11:52:b3:27:31:8a:b1:04:9d:
3e:e7:c9:f1:99:41:98:62:18:bb:69:73:20:d0:0b:85:ab:b7:
ff:17:71:61:b3:20:18:ec:1b:4e:99:59:1c:b0:79:0b:5e:62:
ad:75:91:db:61:77:0c:01:58:79:78:94:9d:37:dd:17:61:86:
85:09:1f:6f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYs89ANjZktse/PDd2J4Oxu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmIzNjI0YjgyZjBlMWU1MzhiMDA5MTlmNDQyZDIwMGM3
ZTNjZDIwHhcNMjMxMDE3MDkyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTExNzFmMTQ4MmJhN2Y4YTVmZGMyYWEwNjM2ODM1MWMxYWUxY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoefi6vTqAa2Z7FPs4GmNirQkNgMQ
2FWLigM8dM9dEM+iTh5wa+b6VAWX/Ki17l57BFygjIZbKjYStsi4K0KHeWqSlEjP
HKA96yQYF8dZQdUhlzl9Sx3F/Y0pnQXFNdP3gTEvCgxOO+egeDdffHieotZx4cq6
wwKIykaC8l9eHNMoA9RZa/hjDN7isct9PGPWasTVVvZebBzvbRGDz5MfTYNcgmSG
LJtUu/KaBWXz5vfroF1iGFAt5Wf9yOoa+SEFDt8Zlc9N5zoQKUmk+7RnmSCRjpVq
Ly8kq9dNZzsHX7uG1Ihsc2eWtrEq8SFMN1Rp0az9lom47ovoJ6AUUmjLZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA4RcfFIK6f4pf3CqgY2g1HBrhy4MB8GA1UdIwQY
MBaAFC67NiS4Lw4eU4sAkZ9ELSAMfjzSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJzMkpMZ3ZEaDVUaXdDUm4wUXRJQXgtUE5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80OWJlZjEtNDAxYS00OGQyLTg3NDYt
MjY3Mjc1ZTkyNTcwLzEvRGhGeDhVZ3JwX2lsX2NLcUJqYURVY0d1SExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80OWJlZjEtNDAxYS00OGQyLTg3NDYtMjY3Mjc1ZTkyNTcw
LzEvTHJzMkpMZ3ZEaDVUaXdDUm4wUXRJQXgtUE5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJb5wQD
BABb5wYwDQYJKoZIhvcNAQELBQADggEBAMlHLk/kk8MnJFXK+hl0u3VTt4IhTk4j
E0l0F1OXHWOvIepjCiGfb2yDIeEjus858AJaHwJLh6jEzV99gd+CHsCNEvtJk9T/
5TIQ0t+fqmajRo72N7r9odyxTsjOMlUd8SenxZYnnCGZbKnsSFnfNFw1Tlyfq5GQ
LRj6DRmnq6I7zTXD8wChvx4S+bqhchXHB3EXAjgBrVz/WJOLUF2/TMdAN4KH1MCa
xNfAgZmBI/d2eTqmJEaiEXkavahyqRFSsycxirEEnT7nyfGZQZhiGLtpcyDQC4Wr
t/8XcWGzIBjsG06ZWRyweQteYq11kdthdwwBWHl4lJ033RdhhoUJH28=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:41 2024 by rpki-client on console-fra.rpki-client.org