Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/1tGHY3BH348SBcPpoDwlv-c9vuk.roa
File: 1tGHY3BH348SBcPpoDwlv-c9vuk.roa (raw, json)
Hash identifier: krQwa767i5T0gLZ5rA5h15qRXCU4hIzKzxI7phpY2gg=
Subject key identifier: D6:D1:87:63:70:47:DF:8F:12:05:C3:E9:A0:3C:25:BF:E7:3D:BE:E9
Certificate issuer: /CN=877c20737116bc6d5e5b224931cf13dd7f79f95b
Certificate serial: 01856F548260283325AEEE1DD99A33EFF903
Authority key identifier: 87:7C:20:73:71:16:BC:6D:5E:5B:22:49:31:CF:13:DD:7F:79:F9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3wgc3EWvG1eWyJJMc8T3X95-Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/1tGHY3BH348SBcPpoDwlv-c9vuk.roa
Signing time: Sun 01 Jan 2023 21:54:47 +0000
ROA not before: Sun 01 Jan 2023 21:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60555
IP address blocks: 93.113.254.0/24 maxlen: 24
185.13.212.0/23 maxlen: 23
91.217.114.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:82:60:28:33:25:ae:ee:1d:d9:9a:33:ef:f9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877c20737116bc6d5e5b224931cf13dd7f79f95b
Validity
Not Before: Jan 1 21:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6d187637047df8f1205c3e9a03c25bfe73dbee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:f8:07:aa:86:f0:7d:67:62:b1:85:ac:ad:
da:c9:84:44:8a:d2:b7:6b:ae:64:93:f3:36:31:16:
b7:34:0c:aa:1b:4e:95:e5:ca:55:c6:e6:1d:2d:f3:
75:d5:4f:6e:ec:4a:b5:6c:76:26:18:18:f2:f5:e7:
08:4d:c7:9c:70:b8:5a:80:92:c8:1e:4f:b5:e3:b8:
a9:0f:91:21:35:73:55:b1:bf:7b:c2:8a:45:24:30:
a0:fa:99:2c:dc:fe:7c:af:d3:2b:78:d8:4a:d4:26:
3e:58:46:a5:65:9d:0d:36:f8:ac:63:ab:f5:a4:2b:
0c:53:ae:12:f4:b4:3c:81:93:a0:09:c5:1e:15:1e:
c6:8b:5a:82:77:f6:78:5c:53:e0:a4:6c:ed:ac:43:
1c:39:ab:5f:4a:cb:db:1f:cb:78:cd:b8:ba:74:63:
ed:12:32:9c:74:ea:99:3a:72:fb:74:83:38:14:2e:
ce:e4:33:e5:0e:30:a6:41:b1:b5:5a:3c:11:e5:90:
39:97:cc:c7:5d:45:77:2d:ac:21:3b:6e:39:80:40:
76:49:ff:6a:03:07:eb:71:7a:ab:e9:e0:62:b5:e5:
32:95:cd:33:bf:d4:44:0e:78:e4:08:c7:ad:98:29:
78:99:c6:7a:9e:5b:fb:4c:3f:b5:e2:1b:1c:14:d6:
6f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D1:87:63:70:47:DF:8F:12:05:C3:E9:A0:3C:25:BF:E7:3D:BE:E9
X509v3 Authority Key Identifier:
keyid:87:7C:20:73:71:16:BC:6D:5E:5B:22:49:31:CF:13:DD:7F:79:F9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3wgc3EWvG1eWyJJMc8T3X95-Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/1tGHY3BH348SBcPpoDwlv-c9vuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/h3wgc3EWvG1eWyJJMc8T3X95-Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.114.0/23
93.113.254.0/24
185.13.212.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:06:58:52:6f:ae:17:28:26:a1:6d:a5:d3:98:34:70:fc:36:
05:71:00:5b:e0:0f:f2:6f:42:9f:29:53:2d:2c:ac:82:13:a4:
3c:50:8e:a2:19:f8:16:b6:94:e7:aa:26:12:ec:8d:13:af:60:
d9:4f:10:87:25:4b:4e:0c:e2:f4:52:cc:ae:a2:db:e8:c2:38:
5b:e1:9e:0d:85:79:f1:87:6a:fd:ab:e7:60:23:dd:f2:7d:28:
5a:56:15:07:f8:c7:5d:80:91:9b:5b:1b:c3:9a:6e:83:54:02:
63:0e:81:08:08:27:f1:99:4c:75:c3:62:05:3a:71:56:81:15:
c2:0e:44:f0:bb:fb:36:ef:e3:30:e8:7d:ba:0f:ce:b8:5e:25:
9d:22:ce:09:d4:94:0e:b0:6f:79:e0:00:09:7d:bc:ba:3a:4d:
c5:f2:bd:c1:37:86:2f:6c:d9:de:ad:f5:0f:39:be:50:96:9c:
2f:df:30:46:6f:71:db:ba:7c:63:ce:64:33:f8:a8:07:b8:ca:
b1:8d:cf:7f:d2:ad:a1:67:e2:2d:eb:f5:a6:e9:12:b0:86:4b:
73:4f:8a:b1:78:03:62:30:e9:50:15:8c:24:2c:8c:f1:49:10:
8c:12:d1:e2:22:bc:cd:da:56:7c:61:cb:c5:64:ba:13:34:ac:
49:6e:a8:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvVIJgKDMlru4d2Zoz7/kDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2MyMDczNzExNmJjNmQ1ZTViMjI0OTMxY2YxM2RkN2Y3
OWY5NWIwHhcNMjMwMTAxMjE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQxODc2MzcwNDdkZjhmMTIwNWMzZTlhMDNjMjViZmU3M2RiZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPH4B6qG8H1nYrGFrK3ayYREitK3
a65kk/M2MRa3NAyqG06V5cpVxuYdLfN11U9u7Eq1bHYmGBjy9ecITceccLhagJLI
Hk+147ipD5EhNXNVsb97wopFJDCg+pks3P58r9MreNhK1CY+WEalZZ0NNvisY6v1
pCsMU64S9LQ8gZOgCcUeFR7Gi1qCd/Z4XFPgpGztrEMcOatfSsvbH8t4zbi6dGPt
EjKcdOqZOnL7dIM4FC7O5DPlDjCmQbG1WjwR5ZA5l8zHXUV3LawhO245gEB2Sf9q
AwfrcXqr6eBiteUylc0zv9REDnjkCMetmCl4mcZ6nlv7TD+14hscFNZvKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNbRh2NwR9+PEgXD6aA8Jb/nPb7pMB8GA1UdIwQY
MBaAFId8IHNxFrxtXlsiSTHPE91/eflbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDN3Z2MzRVd2RzFlV3lKSk1jOFQzWDk1LVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hY2I5NTYtZTFiNS00NjgyLTgwYjgt
ZTcyMzJmODQ0OGIwLzEvMXRHSFkzQkgzNDhTQmNQcG9Ed2x2LWM5dnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hY2I5NTYtZTFiNS00NjgyLTgwYjgtZTcyMzJmODQ0OGIw
LzEvaDN3Z2MzRVd2RzFlV3lKSk1jOFQzWDk1LVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW9lyAwQA
XXH+AwQBuQ3UMA0GCSqGSIb3DQEBCwUAA4IBAQDDBlhSb64XKCahbaXTmDRw/DYF
cQBb4A/yb0KfKVMtLKyCE6Q8UI6iGfgWtpTnqiYS7I0Tr2DZTxCHJUtODOL0Usyu
otvowjhb4Z4NhXnxh2r9q+dgI93yfShaVhUH+MddgJGbWxvDmm6DVAJjDoEICCfx
mUx1w2IFOnFWgRXCDkTwu/s27+Mw6H26D864XiWdIs4J1JQOsG954AAJfby6Ok3F
8r3BN4YvbNnerfUPOb5Qlpwv3zBGb3HbunxjzmQz+KgHuMqxjc9/0q2hZ+It6/Wm
6RKwhktzT4qxeANiMOlQFYwkLIzxSRCMEtHiIrzN2lZ8YcvFZLoTNKxJbqiQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org