Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/H1_fIXuvL2bL59OOsOYZniB5TE8.roa
File: H1_fIXuvL2bL59OOsOYZniB5TE8.roa (raw, json)
Hash identifier: S3pofEZb3he4sox7UrVdGxEHwOHQiF5s23aEf5d2uks=
Subject key identifier: 1F:5F:DF:21:7B:AF:2F:66:CB:E7:D3:8E:B0:E6:19:9E:20:79:4C:4F
Certificate issuer: /CN=60599373b0b6f04319d08becb5ad5792a13bda92
Certificate serial: 01856EAFCCA2B0753DC521F6DC5EC9EB651C
Authority key identifier: 60:59:93:73:B0:B6:F0:43:19:D0:8B:EC:B5:AD:57:92:A1:3B:DA:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFmTc7C28EMZ0Ivsta1XkqE72pI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/H1_fIXuvL2bL59OOsOYZniB5TE8.roa
Signing time: Sun 01 Jan 2023 18:54:52 +0000
ROA not before: Sun 01 Jan 2023 18:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44801
IP address blocks: 91.199.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:cc:a2:b0:75:3d:c5:21:f6:dc:5e:c9:eb:65:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60599373b0b6f04319d08becb5ad5792a13bda92
Validity
Not Before: Jan 1 18:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f5fdf217baf2f66cbe7d38eb0e6199e20794c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cf:b5:4e:f2:08:cb:60:77:20:6a:ee:0a:6b:
a5:35:b6:47:82:1d:79:cd:35:28:5f:c3:9a:45:b3:
94:b9:d3:76:8d:56:6c:f4:b9:9b:db:1d:fc:5e:1d:
da:b1:99:c4:42:8b:44:2d:4f:fa:6b:90:a6:87:45:
a1:e8:65:97:00:6c:5a:2b:f4:a1:bb:cc:f6:7d:fe:
a2:cb:45:78:a7:5a:ae:3c:76:98:9d:13:9c:94:01:
87:d4:c6:2e:7a:1a:a6:91:be:55:0f:1d:0b:0a:04:
f6:40:ff:91:e1:5b:7f:a6:b0:60:a9:8f:6d:1b:44:
ef:16:5a:32:83:65:e0:ca:b3:8c:dc:11:a7:88:dc:
59:5c:cc:4b:c6:0a:73:77:02:ab:5e:b3:5f:a1:fa:
3d:a6:b1:3e:08:67:d2:63:6b:da:4d:4d:78:ed:9c:
a3:7f:e3:62:8c:53:45:0f:94:9a:66:20:19:ea:8c:
28:40:d1:07:6e:7e:5e:bc:94:01:8e:f3:bf:4e:7b:
f7:da:c0:b2:67:28:71:cf:ca:50:d2:57:c6:48:9c:
60:49:78:62:e2:fc:7c:6f:27:a5:71:58:14:04:51:
5e:13:07:27:c7:26:8e:69:2f:c6:f0:e3:01:d6:ba:
47:4b:07:18:44:74:fe:03:60:28:0d:8f:6a:ff:43:
3c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5F:DF:21:7B:AF:2F:66:CB:E7:D3:8E:B0:E6:19:9E:20:79:4C:4F
X509v3 Authority Key Identifier:
keyid:60:59:93:73:B0:B6:F0:43:19:D0:8B:EC:B5:AD:57:92:A1:3B:DA:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFmTc7C28EMZ0Ivsta1XkqE72pI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/H1_fIXuvL2bL59OOsOYZniB5TE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3f27b3-7110-4d8c-a0d8-03109c15510d/1/YFmTc7C28EMZ0Ivsta1XkqE72pI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.252.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:7f:74:37:75:3c:25:7f:5f:92:4c:f3:91:90:bb:5a:ea:7d:
f5:a2:5b:8f:d1:3e:06:31:6a:c3:a7:42:21:69:d5:64:03:4b:
80:4d:2b:56:d4:40:fc:d8:b3:7f:a7:5b:3d:e2:c4:24:87:ea:
42:2c:f2:f6:d3:31:94:cf:e2:cf:f8:0d:2c:3f:b8:67:d4:80:
e5:35:dc:e9:d2:71:74:ae:79:76:6f:bf:c2:52:91:89:dc:73:
8c:fa:e8:1e:a2:ce:6a:83:57:21:df:e3:b2:1b:3c:2f:0b:b8:
e7:02:24:54:0e:29:14:6b:da:45:01:d3:6a:06:d8:b8:45:d4:
65:7c:c5:ee:3c:df:8f:92:fb:a6:00:a7:59:c7:ee:90:73:c9:
b9:ee:cd:52:e2:62:5e:43:bc:b9:da:bb:31:b1:b5:a1:52:66:
43:c9:fd:5f:aa:69:40:d6:66:33:e7:ba:0a:a6:e6:36:fe:a1:
09:6b:5e:d8:7f:e5:90:c7:e6:5f:0e:e4:e2:11:a3:83:49:6a:
06:8b:35:89:7c:78:2e:ba:ab:34:74:23:df:5b:73:c0:19:c2:
fe:87:f0:2c:5b:55:20:cc:28:09:c8:ba:5b:13:89:d6:31:3d:
e6:e1:2f:13:53:0b:37:6b:ef:33:e6:55:35:06:c3:e9:34:63:
5a:68:74:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur8yisHU9xSH23F7J62UcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTk5MzczYjBiNmYwNDMxOWQwOGJlY2I1YWQ1NzkyYTEz
YmRhOTIwHhcNMjMwMTAxMTg1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjVmZGYyMTdiYWYyZjY2Y2JlN2QzOGViMGU2MTk5ZTIwNzk0YzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps+1TvIIy2B3IGruCmulNbZHgh15
zTUoX8OaRbOUudN2jVZs9Lmb2x38Xh3asZnEQotELU/6a5Cmh0Wh6GWXAGxaK/Sh
u8z2ff6iy0V4p1quPHaYnROclAGH1MYuehqmkb5VDx0LCgT2QP+R4Vt/prBgqY9t
G0TvFloyg2XgyrOM3BGniNxZXMxLxgpzdwKrXrNfofo9prE+CGfSY2vaTU147Zyj
f+NijFNFD5SaZiAZ6owoQNEHbn5evJQBjvO/Tnv32sCyZyhxz8pQ0lfGSJxgSXhi
4vx8byelcVgUBFFeEwcnxyaOaS/G8OMB1rpHSwcYRHT+A2AoDY9q/0M8EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9f3yF7ry9my+fTjrDmGZ4geUxPMB8GA1UdIwQY
MBaAFGBZk3OwtvBDGdCL7LWtV5KhO9qSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZtVGM3QzI4RU1aMEl2c3RhMVhrcUU3MnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zZjI3YjMtNzExMC00ZDhjLWEwZDgt
MDMxMDljMTU1MTBkLzEvSDFfZklYdXZMMmJMNTlPT3NPWVpuaUI1VEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zZjI3YjMtNzExMC00ZDhjLWEwZDgtMDMxMDljMTU1MTBk
LzEvWUZtVGM3QzI4RU1aMEl2c3RhMVhrcUU3MnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8f8MA0G
CSqGSIb3DQEBCwUAA4IBAQA8f3Q3dTwlf1+STPORkLta6n31oluP0T4GMWrDp0Ih
adVkA0uATStW1ED82LN/p1s94sQkh+pCLPL20zGUz+LP+A0sP7hn1IDlNdzp0nF0
rnl2b7/CUpGJ3HOM+ugeos5qg1ch3+OyGzwvC7jnAiRUDikUa9pFAdNqBti4RdRl
fMXuPN+PkvumAKdZx+6Qc8m57s1S4mJeQ7y52rsxsbWhUmZDyf1fqmlA1mYz57oK
puY2/qEJa17Yf+WQx+ZfDuTiEaODSWoGizWJfHguuqs0dCPfW3PAGcL+h/AsW1Ug
zCgJyLpbE4nWMT3m4S8TUws3a+8z5lU1BsPpNGNaaHRm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:06 2024 by rpki-client on console-ams.rpki-client.org