Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/h2oZedK3KSECSff-sPohZY6Bhwc.roa
File: h2oZedK3KSECSff-sPohZY6Bhwc.roa (raw, json)
Hash identifier: IR4yqmjOufd48z6GX+0WVUXQHPjNNnGZf9cJLFH+n9A=
Subject key identifier: 87:6A:19:79:D2:B7:29:21:02:49:F7:FE:B0:FA:21:65:8E:81:87:07
Certificate issuer: /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial: 018801A45E2D5AFE7AAEFBFFC81902058D3F
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/h2oZedK3KSECSff-sPohZY6Bhwc.roa
Signing time: Tue 09 May 2023 17:52:09 +0000
ROA not before: Tue 09 May 2023 17:52:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49778
IP address blocks: 91.219.23.32/27 maxlen: 27
91.219.23.0/24 maxlen: 24
2a12:70c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 May 2023 23:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:01:a4:5e:2d:5a:fe:7a:ae:fb:ff:c8:19:02:05:8d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
Validity
Not Before: May 9 17:52:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=876a1979d2b729210249f7feb0fa21658e818707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:86:11:72:e8:23:b8:71:ab:fc:0c:8f:95:6d:
c3:74:ac:f6:2a:41:da:55:2d:b6:fb:c8:f1:6a:46:
44:5a:e1:7d:05:7f:03:3b:e2:7a:a2:8f:5e:7c:6a:
06:b9:bf:90:3f:56:0c:e4:d9:47:81:bd:f0:a9:8e:
1e:c9:71:20:45:43:32:0c:6c:b3:8f:18:87:37:e3:
61:e3:b2:0d:d3:d3:fe:68:df:dd:26:bd:02:13:a7:
da:45:4b:d9:ed:d5:cd:f4:57:dc:56:7c:ae:5a:42:
c0:5d:2f:ff:fc:07:a7:1d:17:df:2c:c0:3e:31:39:
3b:09:38:7b:b2:04:15:50:7a:92:29:9c:da:94:80:
c5:cc:24:5b:2d:bd:36:78:3e:30:e5:f3:89:03:02:
a0:30:b4:5f:ca:12:d5:04:38:90:ff:c1:2d:c6:dc:
26:f1:6b:cf:dc:e1:d4:77:6f:3d:c1:55:b2:17:f4:
df:6c:04:4d:b3:31:34:de:86:42:c6:f6:e6:0a:e0:
21:bb:54:61:cc:ea:7b:e9:03:4d:c3:69:a4:5d:4e:
de:5f:8b:0a:2c:fe:16:64:84:86:f8:41:a5:24:c9:
87:af:a2:c6:58:25:52:a1:9b:8b:6b:5f:9f:0d:74:
57:be:cf:e7:a5:7a:28:1d:49:20:2a:fb:59:1b:2c:
47:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:6A:19:79:D2:B7:29:21:02:49:F7:FE:B0:FA:21:65:8E:81:87:07
X509v3 Authority Key Identifier:
keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/h2oZedK3KSECSff-sPohZY6Bhwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.23.0/24
IPv6:
2a12:70c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:63:72:8e:c0:61:c7:16:d2:d4:bd:1b:72:38:f1:e5:40:fe:
07:59:c4:e2:f3:d8:19:66:c5:8f:1c:b4:26:00:50:fc:ce:4f:
8f:16:73:9d:64:0e:cb:55:48:5e:f1:5c:57:7b:eb:62:b0:7f:
53:69:28:24:a8:cb:de:38:11:b1:5c:e6:54:8a:3f:33:fb:d3:
98:67:71:8d:0e:77:e2:e6:64:57:54:48:bf:14:96:5a:c3:0f:
da:b4:00:d4:18:16:ce:4e:25:4c:09:7c:c2:ac:3c:6e:0f:40:
55:1d:f0:6d:1d:77:ec:ea:9a:17:ca:eb:4f:7d:48:0f:8c:6a:
24:ef:6b:1c:b2:6f:ae:12:79:16:d4:e0:77:2f:59:16:7b:00:
1d:65:1c:91:67:7e:28:0a:f7:34:95:80:93:fd:46:6d:55:31:
c7:89:f7:45:7a:d0:07:da:c8:0d:f7:f0:05:7e:a3:41:71:1d:
f0:b4:0c:04:d4:99:91:38:20:fc:64:92:ab:00:6e:9e:5e:56:
f8:db:78:bf:a6:57:81:ed:e1:67:53:29:65:9c:e0:22:23:a6:
85:71:c7:2e:3a:e1:0a:f4:66:ea:ba:92:8f:47:59:92:8a:b5:
3a:5d:0a:84:e4:b2:d0:78:ea:4e:4e:64:2d:8e:16:ec:d7:20:
69:c9:e8:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgBpF4tWv56rvv/yBkCBY0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjMwNTA5MTc1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzZhMTk3OWQyYjcyOTIxMDI0OWY3ZmViMGZhMjE2NThlODE4NzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoYRcugjuHGr/AyPlW3DdKz2KkHa
VS22+8jxakZEWuF9BX8DO+J6oo9efGoGub+QP1YM5NlHgb3wqY4eyXEgRUMyDGyz
jxiHN+Nh47IN09P+aN/dJr0CE6faRUvZ7dXN9FfcVnyuWkLAXS///AenHRffLMA+
MTk7CTh7sgQVUHqSKZzalIDFzCRbLb02eD4w5fOJAwKgMLRfyhLVBDiQ/8Etxtwm
8WvP3OHUd289wVWyF/TfbARNszE03oZCxvbmCuAhu1RhzOp76QNNw2mkXU7eX4sK
LP4WZISG+EGlJMmHr6LGWCVSoZuLa1+fDXRXvs/npXooHUkgKvtZGyxHTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIdqGXnStykhAkn3/rD6IWWOgYcHMB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvaDJvWmVkSzNLU0VDU2ZmLXNQb2haWTZCaHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYtNTViNjU5Y2Q4MmJi
LzEvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9sXMA0E
AgACMAcDBQMqEnDAMA0GCSqGSIb3DQEBCwUAA4IBAQBvY3KOwGHHFtLUvRtyOPHl
QP4HWcTi89gZZsWPHLQmAFD8zk+PFnOdZA7LVUhe8VxXe+tisH9TaSgkqMveOBGx
XOZUij8z+9OYZ3GNDnfi5mRXVEi/FJZaww/atADUGBbOTiVMCXzCrDxuD0BVHfBt
HXfs6poXyutPfUgPjGok72scsm+uEnkW1OB3L1kWewAdZRyRZ34oCvc0lYCT/UZt
VTHHifdFetAH2sgN9/AFfqNBcR3wtAwE1JmROCD8ZJKrAG6eXlb423i/pleB7eFn
UyllnOAiI6aFcccuOuEK9GbqupKPR1mSirU6XQqE5LLQeOpOTmQtjhbs1yBpyehq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:43 2024 by rpki-client on console-ams.rpki-client.org