Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/9c091b-f879-43f7-9020-f5b94959c9f7/1/RIYoUxE84ElbvP_2OYZrfQFTi9Q.roa
File: RIYoUxE84ElbvP_2OYZrfQFTi9Q.roa (raw, json)
Hash identifier: RWUe3gpTmn7ZwfeCPeeIuil1RJ/SoIiBDCH/6nuvCF8=
Subject key identifier: 44:86:28:53:11:3C:E0:49:5B:BC:FF:F6:39:86:6B:7D:01:53:8B:D4
Certificate issuer: /CN=d2b11159b72d4015ed867b42b784381e5d955a8f
Certificate serial: 01857039757B178BDF0774C18D27FE231999
Authority key identifier: D2:B1:11:59:B7:2D:40:15:ED:86:7B:42:B7:84:38:1E:5D:95:5A:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0rERWbctQBXthntCt4Q4Hl2VWo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/9c091b-f879-43f7-9020-f5b94959c9f7/1/RIYoUxE84ElbvP_2OYZrfQFTi9Q.roa
Signing time: Mon 02 Jan 2023 02:04:51 +0000
ROA not before: Mon 02 Jan 2023 02:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60396
IP address blocks: 91.209.0.0/24 maxlen: 24
2001:67c:2e74::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:75:7b:17:8b:df:07:74:c1:8d:27:fe:23:19:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2b11159b72d4015ed867b42b784381e5d955a8f
Validity
Not Before: Jan 2 02:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44862853113ce0495bbcfff639866b7d01538bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:27:65:a2:ce:6c:65:e1:c0:a7:cd:3e:3a:b4:
1b:69:84:73:0c:35:72:f8:ed:12:a4:85:74:d6:68:
f9:0e:fe:98:90:c2:93:6a:93:cc:f9:52:37:77:80:
42:70:31:f5:e7:84:f8:cd:10:3a:c9:e8:3b:3d:ae:
89:7d:1a:83:a4:7b:fc:78:c8:86:5c:90:6b:cd:cc:
46:bf:f0:43:72:a5:c8:ed:21:a6:93:1a:d2:e1:9f:
f7:54:aa:4a:e2:c7:62:70:5c:b9:d2:ec:bd:63:57:
ab:f8:d4:d8:ba:37:a3:76:f2:bb:ee:d5:ee:c6:42:
fd:80:c1:04:e5:a1:ab:55:81:da:a5:d8:8e:95:c4:
74:f1:cd:a8:98:59:51:94:c4:79:01:b2:db:c1:89:
4d:b2:6d:a8:83:ce:52:bb:24:22:3e:fb:2b:07:21:
bb:a2:78:d3:cd:a9:fb:a1:c0:ca:72:c4:ea:84:67:
1b:a4:41:dd:c8:3d:88:81:8e:69:d2:3b:45:e0:27:
a9:17:5c:80:3d:5c:31:32:59:b9:08:6e:91:3e:3b:
cf:89:ff:f3:d7:be:1c:bc:30:8b:f4:1d:e9:1c:6b:
31:80:5b:e0:4c:1d:45:9b:02:fa:1b:3e:31:f9:21:
52:58:18:52:c7:4e:ea:ef:6a:b0:34:43:4e:79:db:
cf:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:86:28:53:11:3C:E0:49:5B:BC:FF:F6:39:86:6B:7D:01:53:8B:D4
X509v3 Authority Key Identifier:
keyid:D2:B1:11:59:B7:2D:40:15:ED:86:7B:42:B7:84:38:1E:5D:95:5A:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rERWbctQBXthntCt4Q4Hl2VWo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9c091b-f879-43f7-9020-f5b94959c9f7/1/RIYoUxE84ElbvP_2OYZrfQFTi9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9c091b-f879-43f7-9020-f5b94959c9f7/1/0rERWbctQBXthntCt4Q4Hl2VWo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.0.0/24
IPv6:
2001:67c:2e74::/48
Signature Algorithm: sha256WithRSAEncryption
30:18:37:7e:26:eb:c9:f3:34:5b:7a:a4:af:1f:c3:b1:8b:61:
5b:92:b5:7a:b2:72:c7:2f:bc:c5:b8:79:d6:0f:38:61:12:3d:
4a:a5:2c:f2:f8:53:e5:ac:a4:44:69:66:4b:81:0f:1a:f2:8f:
7e:ca:26:8a:57:f9:9f:57:e0:eb:b7:ee:bb:04:91:32:aa:8b:
2e:5c:c0:f3:9e:ab:99:e3:a2:23:4f:36:f3:1a:68:50:ba:d2:
a9:a2:aa:b6:63:e3:46:f1:18:e2:e0:0f:4c:15:e7:25:f5:79:
67:cb:68:2b:71:42:45:0b:1b:a0:f9:fe:f0:91:99:2e:d6:dc:
b8:72:f0:42:59:f7:dd:90:88:7e:64:09:d4:d9:e2:fa:17:b6:
5e:30:f2:1b:6b:06:d5:0d:01:fb:7b:5a:42:fb:e9:b9:40:d6:
f0:55:b9:ac:79:21:dd:f6:cf:ad:57:e0:b4:95:9e:78:0a:78:
98:14:61:6c:7d:0d:5f:2b:12:05:16:1a:98:a8:00:23:0f:57:
91:b2:ba:50:28:87:53:58:f0:fa:aa:10:47:5e:74:4d:b7:fb:
5f:9f:dd:b0:06:c2:ba:16:01:07:76:f7:1e:6d:22:61:ae:79:
30:aa:d6:a1:f1:44:80:34:e0:82:e6:45:fd:0a:4b:a6:4d:ff:
07:8d:93:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwOXV7F4vfB3TBjSf+IxmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYjExMTU5YjcyZDQwMTVlZDg2N2I0MmI3ODQzODFlNWQ5
NTVhOGYwHhcNMjMwMTAyMDIwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg2Mjg1MzExM2NlMDQ5NWJiY2ZmZjYzOTg2NmI3ZDAxNTM4YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Sdlos5sZeHAp80+OrQbaYRzDDVy
+O0SpIV01mj5Dv6YkMKTapPM+VI3d4BCcDH154T4zRA6yeg7Pa6JfRqDpHv8eMiG
XJBrzcxGv/BDcqXI7SGmkxrS4Z/3VKpK4sdicFy50uy9Y1er+NTYujejdvK77tXu
xkL9gMEE5aGrVYHapdiOlcR08c2omFlRlMR5AbLbwYlNsm2og85SuyQiPvsrByG7
onjTzan7ocDKcsTqhGcbpEHdyD2IgY5p0jtF4CepF1yAPVwxMlm5CG6RPjvPif/z
174cvDCL9B3pHGsxgFvgTB1FmwL6Gz4x+SFSWBhSx07q72qwNENOedvPIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFESGKFMRPOBJW7z/9jmGa30BU4vUMB8GA1UdIwQY
MBaAFNKxEVm3LUAV7YZ7QreEOB5dlVqPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJFUldiY3RRQlh0aG50Q3Q0UTRIbDJWV284LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85YzA5MWItZjg3OS00M2Y3LTkwMjAt
ZjViOTQ5NTljOWY3LzEvUklZb1V4RTg0RWxidlBfMk9ZWnJmUUZUaTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85YzA5MWItZjg3OS00M2Y3LTkwMjAtZjViOTQ5NTljOWY3
LzEvMHJFUldiY3RRQlh0aG50Q3Q0UTRIbDJWV284LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9EAMA8E
AgACMAkDBwAgAQZ8LnQwDQYJKoZIhvcNAQELBQADggEBADAYN34m68nzNFt6pK8f
w7GLYVuStXqycscvvMW4edYPOGESPUqlLPL4U+WspERpZkuBDxryj37KJopX+Z9X
4Ou37rsEkTKqiy5cwPOeq5njoiNPNvMaaFC60qmiqrZj40bxGOLgD0wV5yX1eWfL
aCtxQkULG6D5/vCRmS7W3Lhy8EJZ992QiH5kCdTZ4voXtl4w8htrBtUNAft7WkL7
6blA1vBVuax5Id32z61X4LSVnngKeJgUYWx9DV8rEgUWGpioACMPV5GyulAoh1NY
8PqqEEdedE23+1+f3bAGwroWAQd29x5tImGueTCq1qHxRIA04ILmRf0KS6ZN/weN
k9Y=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:57 2024 by rpki-client on console-ams.rpki-client.org