Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0f1695-7ad6-4d24-806d-b5cd13d9184c/1/_2GD3SeVrjoPBk6BmPaXYSVR4i4.roa
File: _2GD3SeVrjoPBk6BmPaXYSVR4i4.roa (raw, json)
Hash identifier: uiERu2sXgEeUQUlwBcP+9FZVjVXTW1TOvKaYX8f9WkI=
Subject key identifier: FF:61:83:DD:27:95:AE:3A:0F:06:4E:81:98:F6:97:61:25:51:E2:2E
Certificate issuer: /CN=b9e7f71bcf52ed6d05b7eb3b741ec7906e77dcca
Certificate serial: 01856CAEFA7174C68E81B04CC3120AC00F72
Authority key identifier: B9:E7:F7:1B:CF:52:ED:6D:05:B7:EB:3B:74:1E:C7:90:6E:77:DC:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uef3G89S7W0Ft-s7dB7HkG533Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/0f1695-7ad6-4d24-806d-b5cd13d9184c/1/_2GD3SeVrjoPBk6BmPaXYSVR4i4.roa
Signing time: Sun 01 Jan 2023 09:34:44 +0000
ROA not before: Sun 01 Jan 2023 09:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28865
IP address blocks: 91.235.105.0/24 maxlen: 24
91.235.104.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:fa:71:74:c6:8e:81:b0:4c:c3:12:0a:c0:0f:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e7f71bcf52ed6d05b7eb3b741ec7906e77dcca
Validity
Not Before: Jan 1 09:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff6183dd2795ae3a0f064e8198f697612551e22e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:24:a5:81:e5:f0:13:16:58:24:39:e6:ac:e9:
b9:60:44:ad:87:f6:97:30:ee:70:4c:1f:ca:e0:77:
dd:96:ff:c9:34:09:c5:c7:5d:97:ef:c4:59:e0:e4:
ed:17:23:b5:26:bd:25:e8:08:52:97:d1:7c:6c:50:
58:13:ec:42:c0:c7:50:42:7d:1c:1b:a4:d5:e6:2f:
a5:7f:ad:0e:cc:44:30:27:de:f8:86:36:a5:6b:e6:
07:78:c2:b6:c1:f1:b6:c0:f7:7f:05:6d:95:10:d3:
d7:b6:ef:15:02:45:26:1d:28:03:51:d8:c7:59:2d:
53:cb:41:fc:4b:d5:39:2f:28:1e:89:7d:33:36:b9:
72:7a:d4:4a:2e:5c:36:d0:ec:2d:5a:bb:35:c5:8b:
5d:cc:3e:0b:58:6e:67:f2:98:aa:06:4f:42:8d:27:
17:21:c7:f3:77:81:e7:7a:e0:c3:e5:5a:06:e9:5c:
f6:62:14:3a:58:e4:b4:91:17:ad:f5:b5:d9:fe:6b:
91:d9:78:db:24:96:6b:df:7e:9a:46:54:52:ab:0e:
18:37:1c:37:59:14:6c:5a:90:f7:2b:89:1f:5b:3e:
9c:6c:a4:3a:37:f7:ce:21:5a:72:63:92:0a:d3:0b:
53:cf:34:eb:3f:83:95:58:12:c6:25:03:8e:e8:fa:
2c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:61:83:DD:27:95:AE:3A:0F:06:4E:81:98:F6:97:61:25:51:E2:2E
X509v3 Authority Key Identifier:
keyid:B9:E7:F7:1B:CF:52:ED:6D:05:B7:EB:3B:74:1E:C7:90:6E:77:DC:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uef3G89S7W0Ft-s7dB7HkG533Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f1695-7ad6-4d24-806d-b5cd13d9184c/1/_2GD3SeVrjoPBk6BmPaXYSVR4i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f1695-7ad6-4d24-806d-b5cd13d9184c/1/uef3G89S7W0Ft-s7dB7HkG533Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.104.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:48:88:c8:30:88:0d:6f:f7:dc:41:37:b6:63:4d:7c:df:0a:
6a:6b:69:91:41:8a:5c:be:c3:9f:fd:98:64:77:18:7a:b4:18:
26:f8:a0:4d:51:bf:63:7d:b9:1b:5a:b0:75:ad:10:79:b0:06:
89:d7:30:f2:f4:a4:3b:1e:fa:72:67:a4:1b:19:a2:0e:01:43:
db:92:75:a3:06:49:e8:bc:df:51:99:d9:ab:7d:e4:fc:a9:35:
de:1f:43:67:0c:0f:fc:9d:c4:68:13:eb:f7:47:66:d7:39:86:
24:d6:18:2f:62:ab:4f:f2:c2:7f:a2:5f:0f:36:a3:f7:59:8d:
b6:a3:37:76:0d:63:b9:9a:4d:8f:42:dd:b0:60:32:57:c9:e6:
e6:0e:7d:72:26:12:1b:3b:96:c1:87:9f:d2:c8:10:b0:57:bf:
ab:d2:0b:14:ee:12:ac:ef:1d:93:5d:88:20:0a:a7:36:f7:80:
94:8e:81:05:0a:37:d1:6c:29:b1:94:1f:de:c7:1c:06:4c:a2:
d8:cc:e2:bd:58:67:29:14:7c:7e:d1:2d:1a:02:c5:a6:ab:4a:
35:78:5a:cb:a9:80:88:43:00:e7:29:89:ad:cd:e0:07:b8:a7:
5b:ce:1d:ef:49:e7:27:b1:6f:d4:d6:cc:33:b5:d2:c3:78:42:
35:57:36:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrvpxdMaOgbBMwxIKwA9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTdmNzFiY2Y1MmVkNmQwNWI3ZWIzYjc0MWVjNzkwNmU3
N2RjY2EwHhcNMjMwMTAxMDkzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYxODNkZDI3OTVhZTNhMGYwNjRlODE5OGY2OTc2MTI1NTFlMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCSlgeXwExZYJDnmrOm5YESth/aX
MO5wTB/K4Hfdlv/JNAnFx12X78RZ4OTtFyO1Jr0l6AhSl9F8bFBYE+xCwMdQQn0c
G6TV5i+lf60OzEQwJ974hjala+YHeMK2wfG2wPd/BW2VENPXtu8VAkUmHSgDUdjH
WS1Ty0H8S9U5LygeiX0zNrlyetRKLlw20OwtWrs1xYtdzD4LWG5n8piqBk9CjScX
Icfzd4HneuDD5VoG6Vz2YhQ6WOS0kRet9bXZ/muR2XjbJJZr336aRlRSqw4YNxw3
WRRsWpD3K4kfWz6cbKQ6N/fOIVpyY5IK0wtTzzTrP4OVWBLGJQOO6PosGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9hg90nla46DwZOgZj2l2ElUeIuMB8GA1UdIwQY
MBaAFLnn9xvPUu1tBbfrO3Qex5Bud9zKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVmM0c4OVM3VzBGdC1zN2RCN0hrRzUzM01vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZjE2OTUtN2FkNi00ZDI0LTgwNmQt
YjVjZDEzZDkxODRjLzEvXzJHRDNTZVZyam9QQms2Qm1QYVhZU1ZSNGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZjE2OTUtN2FkNi00ZDI0LTgwNmQtYjVjZDEzZDkxODRj
LzEvdWVmM0c4OVM3VzBGdC1zN2RCN0hrRzUzM01vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+toMA0G
CSqGSIb3DQEBCwUAA4IBAQC8SIjIMIgNb/fcQTe2Y0183wpqa2mRQYpcvsOf/Zhk
dxh6tBgm+KBNUb9jfbkbWrB1rRB5sAaJ1zDy9KQ7HvpyZ6QbGaIOAUPbknWjBkno
vN9RmdmrfeT8qTXeH0NnDA/8ncRoE+v3R2bXOYYk1hgvYqtP8sJ/ol8PNqP3WY22
ozd2DWO5mk2PQt2wYDJXyebmDn1yJhIbO5bBh5/SyBCwV7+r0gsU7hKs7x2TXYgg
Cqc294CUjoEFCjfRbCmxlB/exxwGTKLYzOK9WGcpFHx+0S0aAsWmq0o1eFrLqYCI
QwDnKYmtzeAHuKdbzh3vSecnsW/U1swztdLDeEI1VzZq
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:31 2024 by rpki-client on console-fra.rpki-client.org