Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/pTvmjDFJ6IFwK8oKoi2N9kOlzRk.roa
File: pTvmjDFJ6IFwK8oKoi2N9kOlzRk.roa (raw, json)
Hash identifier: 3DQYq4xvRRkCQJS/Z+QzaVFbxsg0/g0ba8+93YwwWRM=
Subject key identifier: A5:3B:E6:8C:31:49:E8:81:70:2B:CA:0A:A2:2D:8D:F6:43:A5:CD:19
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 018692C9D22B620023C0D94DA4D82B386F87
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/pTvmjDFJ6IFwK8oKoi2N9kOlzRk.roa
Signing time: Mon 27 Feb 2023 12:12:25 +0000
ROA not before: Mon 27 Feb 2023 12:12:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 194.15.114.0/24 maxlen: 24
91.213.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:c9:d2:2b:62:00:23:c0:d9:4d:a4:d8:2b:38:6f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Feb 27 12:12:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a53be68c3149e881702bca0aa22d8df643a5cd19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9b:60:4c:17:e6:d2:27:5a:ee:20:b9:e4:69:
8a:22:e8:8b:1c:ca:d3:84:81:74:26:9c:d5:ac:c6:
37:68:d8:6f:7c:4e:0a:c4:00:6e:61:c1:ef:a7:36:
4a:b1:0d:a5:13:20:95:7f:ce:b8:fe:dc:48:f0:75:
09:b8:27:81:a2:62:be:f3:aa:a4:28:0e:9f:3d:f3:
ff:37:aa:c0:6b:e3:87:b8:4b:49:7f:1b:5a:2d:22:
5b:91:fe:c7:fc:db:44:98:ec:67:e2:bb:20:a8:62:
7d:30:14:fe:59:3a:c8:63:5d:e7:18:b3:8c:13:af:
ed:47:2f:d1:28:bc:7e:02:df:75:a9:1a:ec:f9:02:
90:d9:cf:0c:c1:cd:d4:11:54:08:ad:4e:1f:da:a4:
0e:cb:9e:82:55:90:64:ad:29:94:0a:2d:cf:3e:de:
1d:5e:92:82:7d:db:a5:47:81:07:bd:90:83:10:6a:
9f:ec:c1:32:62:66:8f:fc:91:80:45:9e:89:c0:f7:
10:82:a1:1d:d6:d5:c5:36:55:b4:23:24:77:73:53:
9d:78:f1:a6:30:26:46:2f:1b:49:c9:14:a5:64:02:
e3:a0:f5:07:bb:93:61:d1:b5:6d:7c:63:a9:48:a3:
ff:ee:47:69:a8:95:b7:2d:28:5b:17:e6:56:97:2f:
cd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3B:E6:8C:31:49:E8:81:70:2B:CA:0A:A2:2D:8D:F6:43:A5:CD:19
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/pTvmjDFJ6IFwK8oKoi2N9kOlzRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.8.0/24
194.15.114.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:63:8a:1a:1a:47:db:5a:46:05:59:60:b5:fd:16:45:72:a7:
64:19:b4:5a:af:78:8a:0e:95:58:f4:e4:f1:fb:1d:7a:43:4b:
ce:f7:e5:1a:c5:f9:c3:03:b4:ba:e9:6c:47:a5:af:b1:8e:d0:
e8:5d:6f:04:4f:e1:bd:09:be:20:95:1b:bc:71:8a:86:41:43:
19:67:63:ce:3b:89:1b:22:46:fc:2c:83:8f:95:ca:ce:8e:26:
ab:be:8c:5a:f0:8d:23:1e:6a:f9:9a:eb:f3:04:a1:d7:62:f0:
1a:ea:be:b0:59:c6:4e:67:20:6b:72:d9:08:36:26:21:d8:2e:
9a:62:3c:c7:63:8d:fe:30:86:69:56:9a:5b:1f:bb:5a:93:dd:
9d:90:39:cc:ba:d6:c1:8b:7a:64:c8:36:02:43:a6:8f:8e:55:
38:9c:76:45:aa:5b:6a:0e:38:81:3b:03:30:72:87:54:ef:d6:
a9:de:6e:4a:73:42:52:3e:b1:ee:e9:04:21:e7:02:f4:7d:57:
41:54:d9:0f:1d:ef:1e:30:a8:d2:88:96:db:59:7b:a3:6c:e1:
17:b7:e4:9b:75:97:5e:11:60:cd:1b:ca:02:fc:ed:be:07:20:
10:a1:dc:21:d9:49:86:a8:4b:d2:0f:26:e1:01:9a:ca:2c:c3:
09:36:0e:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaSydIrYgAjwNlNpNgrOG+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMjI3MTIxMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTNiZTY4YzMxNDllODgxNzAyYmNhMGFhMjJkOGRmNjQzYTVjZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtptgTBfm0ida7iC55GmKIuiLHMrT
hIF0JpzVrMY3aNhvfE4KxABuYcHvpzZKsQ2lEyCVf864/txI8HUJuCeBomK+86qk
KA6fPfP/N6rAa+OHuEtJfxtaLSJbkf7H/NtEmOxn4rsgqGJ9MBT+WTrIY13nGLOM
E6/tRy/RKLx+At91qRrs+QKQ2c8Mwc3UEVQIrU4f2qQOy56CVZBkrSmUCi3PPt4d
XpKCfdulR4EHvZCDEGqf7MEyYmaP/JGARZ6JwPcQgqEd1tXFNlW0IyR3c1OdePGm
MCZGLxtJyRSlZALjoPUHu5Nh0bVtfGOpSKP/7kdpqJW3LShbF+ZWly/NyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKU75owxSeiBcCvKCqItjfZDpc0ZMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvcFR2bWpERko2SUZ3SzhvS29pMk45a09selJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9UIAwQA
wg9yMA0GCSqGSIb3DQEBCwUAA4IBAQAOY4oaGkfbWkYFWWC1/RZFcqdkGbRar3iK
DpVY9OTx+x16Q0vO9+UaxfnDA7S66WxHpa+xjtDoXW8ET+G9Cb4glRu8cYqGQUMZ
Z2POO4kbIkb8LIOPlcrOjiarvoxa8I0jHmr5muvzBKHXYvAa6r6wWcZOZyBrctkI
NiYh2C6aYjzHY43+MIZpVppbH7tak92dkDnMutbBi3pkyDYCQ6aPjlU4nHZFqltq
DjiBOwMwcodU79ap3m5Kc0JSPrHu6QQh5wL0fVdBVNkPHe8eMKjSiJbbWXujbOEX
t+SbdZdeEWDNG8oC/O2+ByAQodwh2UmGqEvSDybhAZrKLMMJNg7G
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:38 2024 by rpki-client on console-fra.rpki-client.org