Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/S6R6CH7kDoTNZNZHSkO5oxZNGh0.roa
File: S6R6CH7kDoTNZNZHSkO5oxZNGh0.roa (raw, json)
Hash identifier: 6Fgrd1K/IXf7EAjuVAUgOL+GrOffwrH4TwiV55uR39Y=
Subject key identifier: 4B:A4:7A:08:7E:E4:0E:84:CD:64:D6:47:4A:43:B9:A3:16:4D:1A:1D
Certificate issuer: /CN=1651d3ddc6add483b761ac0476269533fe7ea717
Certificate serial: 01856C783CBB3CCA6BE92E6B638799670D90
Authority key identifier: 16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/S6R6CH7kDoTNZNZHSkO5oxZNGh0.roa
Signing time: Sun 01 Jan 2023 08:34:57 +0000
ROA not before: Sun 01 Jan 2023 08:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47657
IP address blocks: 91.206.151.0/24 maxlen: 24
91.206.150.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:3c:bb:3c:ca:6b:e9:2e:6b:63:87:99:67:0d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1651d3ddc6add483b761ac0476269533fe7ea717
Validity
Not Before: Jan 1 08:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ba47a087ee40e84cd64d6474a43b9a3164d1a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2f:2e:f6:b3:fe:a5:6c:95:c6:97:47:ed:73:
56:4e:8c:34:02:51:89:d0:d7:4a:e0:4c:1e:8b:c7:
b8:6f:1f:7c:c9:50:fe:38:12:62:01:9e:5b:c5:d9:
8b:02:d7:35:16:0f:d9:83:d0:c5:da:37:41:c1:eb:
bd:17:36:eb:8e:0b:06:e1:87:7c:94:bd:94:c3:a7:
d5:3a:7c:f5:0d:b4:f1:8e:f8:6e:12:09:85:ad:ca:
ea:1f:8e:b2:54:26:8b:9f:48:ed:92:c4:b1:60:84:
d2:52:c1:61:e7:3a:78:db:eb:34:65:45:60:d1:15:
69:a5:11:13:08:af:b8:a6:eb:ce:5b:11:d4:bf:fe:
5a:6a:10:51:6c:c0:43:67:b9:0e:c4:d5:ce:9c:eb:
6e:73:e8:40:07:8c:b1:c6:0f:33:87:f4:c5:ba:0b:
78:50:3b:ea:36:57:d6:f4:bf:64:67:1e:a2:da:95:
b6:34:77:15:74:37:73:2e:03:99:57:d0:51:6d:dd:
f3:c7:5a:e5:1c:e8:2c:78:4d:3e:cc:87:00:3c:6b:
fd:4d:1e:6c:7a:8d:66:89:85:f4:1b:d0:f1:fb:da:
e2:9e:43:de:28:fe:d6:2b:fd:60:5d:ae:0b:69:56:
51:35:5a:3f:43:cc:56:5d:fd:11:e3:5d:64:64:f1:
0c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A4:7A:08:7E:E4:0E:84:CD:64:D6:47:4A:43:B9:A3:16:4D:1A:1D
X509v3 Authority Key Identifier:
keyid:16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/S6R6CH7kDoTNZNZHSkO5oxZNGh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/FlHT3cat1IO3YawEdiaVM_5-pxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.150.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:5a:b5:e7:51:3d:a4:2e:c3:c7:db:e8:ba:d8:76:60:69:84:
6a:d1:82:78:b8:2c:72:cb:0d:8e:52:db:a0:50:8e:ec:e7:bb:
01:73:aa:b2:c2:5e:4f:d8:4c:43:d7:cf:43:5d:02:fa:88:b1:
7d:fb:ef:c1:93:51:26:1c:76:46:50:90:69:76:b1:5e:2f:c3:
81:f9:7a:06:4d:2f:45:fd:4e:0b:d3:84:e2:bd:2a:af:5b:b5:
a4:62:e5:48:23:ac:8e:a1:b9:d9:d0:9b:7f:cf:84:3b:39:7c:
48:80:15:c7:22:bf:b2:2e:0d:9a:77:18:e1:b0:9d:50:3c:7e:
81:7c:58:8e:88:ef:f5:50:a7:3b:ce:fe:dc:61:91:29:a9:a6:
8f:e5:d5:33:b6:a0:2c:83:a9:7e:35:f2:16:e7:e7:cb:d7:47:
37:da:bc:f3:0e:d3:a2:ee:2b:8c:db:bf:f3:df:5b:1b:7a:1c:
9a:04:55:9f:e5:fe:94:64:39:e6:21:03:ed:04:5a:df:02:a7:
10:06:da:9d:7d:03:90:40:8d:e6:d6:3b:bf:03:f2:eb:49:11:
e3:20:a1:0d:13:2c:79:8b:e7:c5:68:bc:78:83:19:81:a9:db:
fd:90:8b:fc:63:b8:92:01:a8:8e:a4:42:32:99:23:ea:f2:86:
80:be:c9:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseDy7PMpr6S5rY4eZZw2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTFkM2RkYzZhZGQ0ODNiNzYxYWMwNDc2MjY5NTMzZmU3
ZWE3MTcwHhcNMjMwMTAxMDgzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE0N2EwODdlZTQwZTg0Y2Q2NGQ2NDc0YTQzYjlhMzE2NGQxYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y8u9rP+pWyVxpdH7XNWTow0AlGJ
0NdK4Ewei8e4bx98yVD+OBJiAZ5bxdmLAtc1Fg/Zg9DF2jdBweu9FzbrjgsG4Yd8
lL2Uw6fVOnz1DbTxjvhuEgmFrcrqH46yVCaLn0jtksSxYITSUsFh5zp42+s0ZUVg
0RVppRETCK+4puvOWxHUv/5aahBRbMBDZ7kOxNXOnOtuc+hAB4yxxg8zh/TFugt4
UDvqNlfW9L9kZx6i2pW2NHcVdDdzLgOZV9BRbd3zx1rlHOgseE0+zIcAPGv9TR5s
eo1miYX0G9Dx+9rinkPeKP7WK/1gXa4LaVZRNVo/Q8xWXf0R411kZPEM7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEukegh+5A6EzWTWR0pDuaMWTRodMB8GA1UdIwQY
MBaAFBZR093GrdSDt2GsBHYmlTP+fqcXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUt
MjA1NGY2ZTYxOTIyLzEvUzZSNkNIN2tEb1ROWk5aSFNrTzVveFpOR2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUtMjA1NGY2ZTYxOTIy
LzEvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86WMA0G
CSqGSIb3DQEBCwUAA4IBAQB8WrXnUT2kLsPH2+i62HZgaYRq0YJ4uCxyyw2OUtug
UI7s57sBc6qywl5P2ExD189DXQL6iLF9++/Bk1EmHHZGUJBpdrFeL8OB+XoGTS9F
/U4L04TivSqvW7WkYuVII6yOobnZ0Jt/z4Q7OXxIgBXHIr+yLg2adxjhsJ1QPH6B
fFiOiO/1UKc7zv7cYZEpqaaP5dUztqAsg6l+NfIW5+fL10c32rzzDtOi7iuM27/z
31sbehyaBFWf5f6UZDnmIQPtBFrfAqcQBtqdfQOQQI3m1ju/A/LrSRHjIKENEyx5
i+fFaLx4gxmBqdv9kIv8Y7iSAaiOpEIymSPq8oaAvsnp
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:20 2024 by rpki-client on console-fra.rpki-client.org