Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/RHfgX0-oi9_R4Ub0yG1tF8QR2p8.roa
File: RHfgX0-oi9_R4Ub0yG1tF8QR2p8.roa (raw, json)
Hash identifier: KmFyPHpJtrCK/eYHWIQSFzKSUAqGJdyjBnplGsrzadw=
Subject key identifier: 44:77:E0:5F:4F:A8:8B:DF:D1:E1:46:F4:C8:6D:6D:17:C4:11:DA:9F
Certificate issuer: /CN=c91820b50007e41c53dd6029b37954d3572f4c29
Certificate serial: 01856FF04484C1CC050B019CA6B136B5B0D1
Authority key identifier: C9:18:20:B5:00:07:E4:1C:53:DD:60:29:B3:79:54:D3:57:2F:4C:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yRggtQAH5BxT3WAps3lU01cvTCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/RHfgX0-oi9_R4Ub0yG1tF8QR2p8.roa
Signing time: Mon 02 Jan 2023 00:44:55 +0000
ROA not before: Mon 02 Jan 2023 00:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48642
IP address blocks: 91.223.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:44:84:c1:cc:05:0b:01:9c:a6:b1:36:b5:b0:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c91820b50007e41c53dd6029b37954d3572f4c29
Validity
Not Before: Jan 2 00:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4477e05f4fa88bdfd1e146f4c86d6d17c411da9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f3:98:72:d6:e3:0a:ab:08:24:91:6f:92:27:
b1:d6:21:e7:48:dc:eb:ac:87:9d:dc:e0:1d:e3:1a:
75:11:d8:71:41:ad:9b:b4:38:50:83:da:82:dc:be:
03:e9:de:6c:67:3d:0d:c2:e9:30:52:19:95:69:c4:
00:e7:b2:d3:64:c6:11:74:2f:0b:04:c6:c3:71:d0:
69:5e:aa:b3:90:47:95:b6:0f:85:c5:83:42:39:e2:
c5:49:70:cc:c8:38:b1:99:4a:df:4a:6f:1c:b9:79:
f3:60:a6:5e:33:5a:b0:6e:95:b5:2e:91:83:a7:03:
ca:d8:06:85:b0:e1:1d:88:64:97:ef:e6:a0:43:cb:
5b:b0:82:0f:8b:98:30:30:af:42:fd:7f:a1:b6:1a:
36:97:9c:5c:64:15:db:55:70:81:95:ba:d5:8e:e4:
5b:17:55:c6:18:64:f0:9d:d4:a2:cc:fd:68:e3:62:
22:35:d1:91:9a:bd:9c:97:c8:2a:e1:51:d0:96:85:
b1:33:77:b7:4e:de:de:a1:5e:be:30:ee:93:24:4f:
69:a1:ba:48:78:1b:68:9a:04:91:63:4c:ae:ae:10:
e6:3e:64:c0:16:f7:6d:04:1a:0f:6b:96:7c:1e:58:
19:14:9e:c0:33:96:89:85:0e:55:00:c7:e4:da:ae:
e0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:77:E0:5F:4F:A8:8B:DF:D1:E1:46:F4:C8:6D:6D:17:C4:11:DA:9F
X509v3 Authority Key Identifier:
keyid:C9:18:20:B5:00:07:E4:1C:53:DD:60:29:B3:79:54:D3:57:2F:4C:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yRggtQAH5BxT3WAps3lU01cvTCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/RHfgX0-oi9_R4Ub0yG1tF8QR2p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/yRggtQAH5BxT3WAps3lU01cvTCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.170.0/24
Signature Algorithm: sha256WithRSAEncryption
20:3d:5f:30:77:32:af:73:87:00:00:eb:fb:f0:bb:ad:3b:39:
49:c4:29:cb:2a:64:97:eb:be:34:b3:49:00:a5:bf:93:4e:0f:
c4:a5:d5:7d:8f:57:ec:60:a1:d1:d2:72:d4:a2:b5:8e:51:81:
a9:1b:6e:eb:d6:ef:98:af:a6:9f:ba:c4:74:09:26:c9:48:48:
11:c8:cd:27:e7:9d:df:13:90:83:11:66:5f:19:08:ad:43:59:
4e:48:60:d2:da:cc:81:2b:ff:23:ec:f3:5e:64:92:82:3c:a7:
3e:61:71:ce:4d:40:bd:91:ce:db:4c:b5:bc:56:31:ac:4c:3a:
4f:63:e7:14:1e:e9:a9:1e:a9:26:22:4f:b2:c5:6b:7c:4c:bc:
7a:57:0c:21:da:7a:63:fd:67:6c:34:9b:e8:be:48:a7:ae:06:
57:a9:b4:62:d9:0f:22:88:17:04:48:1e:25:93:d3:49:72:e9:
07:91:71:67:46:83:1e:57:a2:d0:df:b7:11:65:18:bf:1c:01:
9c:d9:23:1f:17:c5:d0:10:c5:9c:0a:01:0a:eb:75:20:1b:18:
b0:1c:03:5c:61:13:6e:8a:bd:0d:b4:40:91:56:e3:f5:7d:02:
dd:c5:10:88:1e:a0:22:55:e1:5d:5e:31:29:1d:c0:36:1c:ea:
e1:52:28:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8ESEwcwFCwGcprE2tbDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MTgyMGI1MDAwN2U0MWM1M2RkNjAyOWIzNzk1NGQzNTcy
ZjRjMjkwHhcNMjMwMTAyMDA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc3ZTA1ZjRmYTg4YmRmZDFlMTQ2ZjRjODZkNmQxN2M0MTFkYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/OYctbjCqsIJJFvkiex1iHnSNzr
rIed3OAd4xp1EdhxQa2btDhQg9qC3L4D6d5sZz0NwukwUhmVacQA57LTZMYRdC8L
BMbDcdBpXqqzkEeVtg+FxYNCOeLFSXDMyDixmUrfSm8cuXnzYKZeM1qwbpW1LpGD
pwPK2AaFsOEdiGSX7+agQ8tbsIIPi5gwMK9C/X+htho2l5xcZBXbVXCBlbrVjuRb
F1XGGGTwndSizP1o42IiNdGRmr2cl8gq4VHQloWxM3e3Tt7eoV6+MO6TJE9pobpI
eBtomgSRY0yurhDmPmTAFvdtBBoPa5Z8HlgZFJ7AM5aJhQ5VAMfk2q7gpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFER34F9PqIvf0eFG9MhtbRfEEdqfMB8GA1UdIwQY
MBaAFMkYILUAB+QcU91gKbN5VNNXL0wpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVJnZ3RRQUg1QnhUM1dBcHMzbFUwMWN2VENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYTcxMjEtNTQxNC00NDg0LTkxODUt
ZWVjMTRjOTcxYzRkLzEvUkhmZ1gwLW9pOV9SNFViMHlHMXRGOFFSMnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYTcxMjEtNTQxNC00NDg0LTkxODUtZWVjMTRjOTcxYzRk
LzEveVJnZ3RRQUg1QnhUM1dBcHMzbFUwMWN2VENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+qMA0G
CSqGSIb3DQEBCwUAA4IBAQAgPV8wdzKvc4cAAOv78LutOzlJxCnLKmSX6740s0kA
pb+TTg/EpdV9j1fsYKHR0nLUorWOUYGpG27r1u+Yr6afusR0CSbJSEgRyM0n553f
E5CDEWZfGQitQ1lOSGDS2syBK/8j7PNeZJKCPKc+YXHOTUC9kc7bTLW8VjGsTDpP
Y+cUHumpHqkmIk+yxWt8TLx6Vwwh2npj/WdsNJvovkinrgZXqbRi2Q8iiBcESB4l
k9NJcukHkXFnRoMeV6LQ37cRZRi/HAGc2SMfF8XQEMWcCgEK63UgGxiwHANcYRNu
ir0NtECRVuP1fQLdxRCIHqAiVeFdXjEpHcA2HOrhUigC
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:18 2024 by rpki-client on console-ams.rpki-client.org