Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/i7CRq0OICY5zQMo2LmmOB3BStB4.roa
File: i7CRq0OICY5zQMo2LmmOB3BStB4.roa (raw, json)
Hash identifier: NehqhDhrIUPiZJUzeYTWn9gh5VeHMXSSo5J+3o5drpk=
Subject key identifier: 8B:B0:91:AB:43:88:09:8E:73:40:CA:36:2E:69:8E:07:70:52:B4:1E
Certificate issuer: /CN=33710cf81d21777a98d3d999dc1e6eae055f7c3c
Certificate serial: 01856F14A46159F34B46C929B40C0193E24D
Authority key identifier: 33:71:0C:F8:1D:21:77:7A:98:D3:D9:99:DC:1E:6E:AE:05:5F:7C:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M3EM-B0hd3qY09mZ3B5urgVffDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/i7CRq0OICY5zQMo2LmmOB3BStB4.roa
Signing time: Sun 01 Jan 2023 20:45:01 +0000
ROA not before: Sun 01 Jan 2023 20:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47698
IP address blocks: 91.206.174.0/23 maxlen: 23
91.208.103.0/24 maxlen: 24
2001:67c:394::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a4:61:59:f3:4b:46:c9:29:b4:0c:01:93:e2:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33710cf81d21777a98d3d999dc1e6eae055f7c3c
Validity
Not Before: Jan 1 20:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bb091ab4388098e7340ca362e698e077052b41e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:59:f0:ac:c5:95:3c:b4:c7:f2:6f:4e:48:53:
66:c3:99:4c:b5:7e:44:18:b3:b3:15:03:35:05:f2:
fb:3a:a3:09:5f:ae:f6:8b:ff:bd:3f:c4:85:39:13:
c8:cd:ff:c7:ca:43:39:b4:7a:71:66:c3:d2:ba:0c:
cf:dd:e7:f1:91:33:29:85:d6:de:7a:bb:40:12:6d:
83:60:a4:6d:6a:f0:5a:57:42:94:28:ee:fa:7b:f6:
2e:4d:48:f1:b5:39:30:e6:3a:6c:94:dd:6f:16:7a:
dd:80:5b:17:62:b3:a8:73:bb:f9:c7:97:fb:54:2a:
b6:53:10:52:46:84:25:b3:33:1b:30:38:f0:4b:f1:
06:f6:dd:21:1b:cb:1f:7e:9c:da:27:7a:75:58:d9:
f7:df:8d:40:07:12:ce:f2:c2:01:1f:2a:9e:0b:bf:
a5:3e:37:d7:ed:21:2e:be:cd:5b:7b:47:66:4a:e8:
00:bd:bf:08:7d:a1:a6:33:45:62:76:78:3b:e8:5f:
6f:04:91:8b:d5:1c:89:c7:69:6f:b9:f5:46:26:04:
a2:41:f9:e3:4d:b8:43:97:12:ab:6a:f5:39:3f:bc:
b5:39:dd:63:75:5b:a0:0d:b9:6b:fe:eb:a9:ef:1e:
a8:d1:62:92:d4:e7:4f:72:2b:20:bb:31:f9:62:b1:
d2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B0:91:AB:43:88:09:8E:73:40:CA:36:2E:69:8E:07:70:52:B4:1E
X509v3 Authority Key Identifier:
keyid:33:71:0C:F8:1D:21:77:7A:98:D3:D9:99:DC:1E:6E:AE:05:5F:7C:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M3EM-B0hd3qY09mZ3B5urgVffDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/i7CRq0OICY5zQMo2LmmOB3BStB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/M3EM-B0hd3qY09mZ3B5urgVffDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.174.0/23
91.208.103.0/24
IPv6:
2001:67c:394::/48
Signature Algorithm: sha256WithRSAEncryption
3c:8b:a5:69:75:9b:15:b7:ae:da:23:86:d0:a9:92:32:6d:50:
7c:cb:a7:78:ed:c3:56:57:7d:f5:9e:af:93:7a:76:79:72:04:
54:27:32:4b:59:db:55:01:1e:64:e0:92:97:5e:58:c2:91:77:
95:96:fb:e9:25:67:85:a6:0b:d1:e1:93:0c:74:71:df:0e:86:
9d:0f:0d:c2:d5:ee:5d:d2:bc:6e:7e:88:c8:e2:90:61:90:bd:
1e:53:2b:06:cf:53:48:f4:12:98:36:5b:e3:ee:2d:79:b5:c3:
a5:79:0d:7c:7e:74:cb:92:5d:a2:90:c4:ee:0b:0b:e5:de:eb:
a8:76:46:ed:68:06:67:00:10:93:e8:b3:93:8e:fb:14:0f:85:
98:4c:bc:3e:81:37:5c:a8:ae:56:1b:f2:25:69:e9:8c:38:8b:
d1:9e:53:fe:4b:2a:16:10:48:d4:e3:42:18:49:fb:ea:37:60:
26:41:e9:35:89:d7:6d:b7:a2:1d:28:d0:36:99:f1:8b:09:3c:
d5:84:33:fe:8b:b2:57:dc:96:21:89:28:91:3a:2a:28:81:b5:
f1:81:77:b1:c0:7a:3f:6d:57:01:b3:62:6e:3e:13:0a:df:ea:
41:2a:8b:c3:aa:73:12:2c:d7:50:c5:a0:ab:08:88:0a:4d:da:
37:1f:bf:3a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvFKRhWfNLRskptAwBk+JNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNzEwY2Y4MWQyMTc3N2E5OGQzZDk5OWRjMWU2ZWFlMDU1
ZjdjM2MwHhcNMjMwMTAxMjA0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIwOTFhYjQzODgwOThlNzM0MGNhMzYyZTY5OGUwNzcwNTJiNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglnwrMWVPLTH8m9OSFNmw5lMtX5E
GLOzFQM1BfL7OqMJX672i/+9P8SFORPIzf/HykM5tHpxZsPSugzP3efxkTMphdbe
ertAEm2DYKRtavBaV0KUKO76e/YuTUjxtTkw5jpslN1vFnrdgFsXYrOoc7v5x5f7
VCq2UxBSRoQlszMbMDjwS/EG9t0hG8sffpzaJ3p1WNn3341ABxLO8sIBHyqeC7+l
PjfX7SEuvs1be0dmSugAvb8IfaGmM0Vidng76F9vBJGL1RyJx2lvufVGJgSiQfnj
TbhDlxKravU5P7y1Od1jdVugDblr/uup7x6o0WKS1OdPcisguzH5YrHSPwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIuwkatDiAmOc0DKNi5pjgdwUrQeMB8GA1UdIwQY
MBaAFDNxDPgdIXd6mNPZmdwebq4FX3w8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTNFTS1CMGhkM3FZMDltWjNCNXVyZ1ZmZkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zOTY3MDktMjBlMS00ZjdkLTk2M2Ut
M2I1ZTgzZjYyNmUzLzEvaTdDUnEwT0lDWTV6UU1vMkxtbU9CM0JTdEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zOTY3MDktMjBlMS00ZjdkLTk2M2UtM2I1ZTgzZjYyNmUz
LzEvTTNFTS1CMGhkM3FZMDltWjNCNXVyZ1ZmZkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW86uAwQA
W9BnMA8EAgACMAkDBwAgAQZ8A5QwDQYJKoZIhvcNAQELBQADggEBADyLpWl1mxW3
rtojhtCpkjJtUHzLp3jtw1ZXffWer5N6dnlyBFQnMktZ21UBHmTgkpdeWMKRd5WW
++klZ4WmC9Hhkwx0cd8Ohp0PDcLV7l3SvG5+iMjikGGQvR5TKwbPU0j0Epg2W+Pu
LXm1w6V5DXx+dMuSXaKQxO4LC+Xe66h2Ru1oBmcAEJPos5OO+xQPhZhMvD6BN1yo
rlYb8iVp6Yw4i9GeU/5LKhYQSNTjQhhJ++o3YCZB6TWJ1223oh0o0DaZ8YsJPNWE
M/6LslfcliGJKJE6KiiBtfGBd7HAej9tVwGzYm4+Ewrf6kEqi8OqcxIs11DFoKsI
iApN2jcfvzo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:17 2024 by rpki-client on console-ams.rpki-client.org