Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/c3cda5-8a64-4290-a23d-a634791440ca/1/D8lNM37d8yRYMSnEwCp_EvYTJEM.roa
File: D8lNM37d8yRYMSnEwCp_EvYTJEM.roa (raw, json)
Hash identifier: cJs+93/n7eDXEdnEnYbJsCTdAkC08xmK/1hblxdRiEI=
Subject key identifier: 0F:C9:4D:33:7E:DD:F3:24:58:31:29:C4:C0:2A:7F:12:F6:13:24:43
Certificate issuer: /CN=35e3d4bf1bc0f81728205e51de097cf383a0cdc9
Certificate serial: 01856EC1FC81A287B5DCF885D4CFE7BACDCC
Authority key identifier: 35:E3:D4:BF:1B:C0:F8:17:28:20:5E:51:DE:09:7C:F3:83:A0:CD:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NePUvxvA-BcoIF5R3gl884Ogzck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/c3cda5-8a64-4290-a23d-a634791440ca/1/D8lNM37d8yRYMSnEwCp_EvYTJEM.roa
Signing time: Sun 01 Jan 2023 19:14:44 +0000
ROA not before: Sun 01 Jan 2023 19:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 91.231.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:fc:81:a2:87:b5:dc:f8:85:d4:cf:e7:ba:cd:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35e3d4bf1bc0f81728205e51de097cf383a0cdc9
Validity
Not Before: Jan 1 19:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fc94d337eddf324583129c4c02a7f12f6132443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0d:7b:dd:0d:4b:47:e5:fc:c0:a8:8e:70:0e:
af:d6:07:43:1d:96:66:35:8a:96:44:7c:67:47:88:
36:35:7a:9f:2e:8e:e8:01:3a:40:66:bd:04:73:82:
4c:70:34:53:34:2b:0a:0d:25:7f:0f:b7:42:97:41:
56:59:38:40:97:eb:63:b4:21:8f:e3:cd:b5:7f:b9:
d2:77:c9:4e:89:af:c6:99:4e:51:1e:55:37:1a:b4:
73:e9:af:63:cb:48:f2:d0:72:9a:fe:af:11:52:b9:
36:32:6d:57:b7:6e:c4:90:b0:07:54:73:32:dd:c5:
7a:2b:57:c9:89:6c:50:d9:97:35:c7:8c:52:f3:67:
cd:14:f6:25:7f:aa:55:0e:6d:93:34:38:95:4d:ea:
00:f6:41:0f:43:ec:7d:1a:1f:53:b7:23:ca:a8:e7:
ed:e5:44:bb:4c:cd:48:90:8d:c9:3b:e3:75:14:79:
e2:bf:1a:ca:50:7b:81:b1:5f:16:24:a7:6b:67:62:
c8:ba:80:3d:f8:53:ce:d1:12:af:8f:37:0b:5d:fb:
c6:b9:c3:76:35:af:3c:35:d8:61:12:d4:5c:a7:5e:
e8:9e:48:05:19:e9:49:9d:a5:fb:a7:ee:12:cf:de:
2e:49:45:b5:b7:04:5a:bd:3c:df:af:a8:42:4f:fb:
3b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C9:4D:33:7E:DD:F3:24:58:31:29:C4:C0:2A:7F:12:F6:13:24:43
X509v3 Authority Key Identifier:
keyid:35:E3:D4:BF:1B:C0:F8:17:28:20:5E:51:DE:09:7C:F3:83:A0:CD:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NePUvxvA-BcoIF5R3gl884Ogzck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/c3cda5-8a64-4290-a23d-a634791440ca/1/D8lNM37d8yRYMSnEwCp_EvYTJEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/c3cda5-8a64-4290-a23d-a634791440ca/1/NePUvxvA-BcoIF5R3gl884Ogzck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.35.0/24
Signature Algorithm: sha256WithRSAEncryption
53:b9:c6:fc:2a:de:a3:3f:ac:01:65:71:fd:ad:29:ee:23:fb:
71:8d:98:84:ff:00:e0:95:ce:40:19:91:ec:1f:18:2f:0a:48:
51:2f:95:a4:7a:d3:10:5b:3b:ce:6a:5f:0a:15:7d:8e:d9:20:
c4:27:be:02:b9:52:86:6b:d4:7c:f4:ad:23:cc:04:69:47:f6:
0f:8c:1d:b3:b5:5a:96:8b:cb:20:87:32:23:da:d5:ea:8d:dd:
cd:17:3c:8b:6a:a4:27:c6:79:b3:b7:f5:4b:21:6f:42:89:ea:
18:79:e7:a5:53:bf:1b:d8:ff:90:d1:81:8f:2c:30:b0:45:26:
2c:9e:3e:18:e4:61:65:83:bd:bb:fd:ba:b0:46:65:15:c5:a2:
ae:ed:a1:53:39:32:a6:d2:62:db:8f:54:4f:dd:48:f0:e9:31:
91:93:81:4b:cf:01:f0:75:90:5f:a4:96:37:fc:15:39:d1:76:
0a:ae:c4:62:11:e4:b1:5c:df:61:71:93:a8:b7:91:e7:3e:8d:
94:86:41:e4:4b:cd:1e:56:26:bc:80:64:d1:f3:8b:69:51:20:
2b:87:40:db:20:4b:e0:70:f2:a7:27:7b:e3:c8:34:ed:45:40:
89:fe:11:80:1a:2e:0b:53:60:33:bd:10:be:4c:0e:ac:6d:19:
07:90:58:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwfyBooe13PiF1M/nus3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTNkNGJmMWJjMGY4MTcyODIwNWU1MWRlMDk3Y2YzODNh
MGNkYzkwHhcNMjMwMTAxMTkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmM5NGQzMzdlZGRmMzI0NTgzMTI5YzRjMDJhN2YxMmY2MTMyNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA173Q1LR+X8wKiOcA6v1gdDHZZm
NYqWRHxnR4g2NXqfLo7oATpAZr0Ec4JMcDRTNCsKDSV/D7dCl0FWWThAl+tjtCGP
4821f7nSd8lOia/GmU5RHlU3GrRz6a9jy0jy0HKa/q8RUrk2Mm1Xt27EkLAHVHMy
3cV6K1fJiWxQ2Zc1x4xS82fNFPYlf6pVDm2TNDiVTeoA9kEPQ+x9Gh9TtyPKqOft
5US7TM1IkI3JO+N1FHnivxrKUHuBsV8WJKdrZ2LIuoA9+FPO0RKvjzcLXfvGucN2
Na88NdhhEtRcp17onkgFGelJnaX7p+4Sz94uSUW1twRavTzfr6hCT/s7bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/JTTN+3fMkWDEpxMAqfxL2EyRDMB8GA1UdIwQY
MBaAFDXj1L8bwPgXKCBeUd4JfPODoM3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVQVXZ4dkEtQmNvSUY1UjNnbDg4NE9nemNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9jM2NkYTUtOGE2NC00MjkwLWEyM2Qt
YTYzNDc5MTQ0MGNhLzEvRDhsTk0zN2Q4eVJZTVNuRXdDcF9FdllUSkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9jM2NkYTUtOGE2NC00MjkwLWEyM2QtYTYzNDc5MTQ0MGNh
LzEvTmVQVXZ4dkEtQmNvSUY1UjNnbDg4NE9nemNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+cjMA0G
CSqGSIb3DQEBCwUAA4IBAQBTucb8Kt6jP6wBZXH9rSnuI/txjZiE/wDglc5AGZHs
HxgvCkhRL5WketMQWzvOal8KFX2O2SDEJ74CuVKGa9R89K0jzARpR/YPjB2ztVqW
i8sghzIj2tXqjd3NFzyLaqQnxnmzt/VLIW9CieoYeeelU78b2P+Q0YGPLDCwRSYs
nj4Y5GFlg727/bqwRmUVxaKu7aFTOTKm0mLbj1RP3Ujw6TGRk4FLzwHwdZBfpJY3
/BU50XYKrsRiEeSxXN9hcZOot5HnPo2UhkHkS80eVia8gGTR84tpUSArh0DbIEvg
cPKnJ3vjyDTtRUCJ/hGAGi4LU2AzvRC+TA6sbRkHkFir
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:28 2024 by rpki-client on console-ams.rpki-client.org