Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/KU6qlqdlxaLpouCbYMUg9BRQ35Q.roa
File: KU6qlqdlxaLpouCbYMUg9BRQ35Q.roa (raw, json)
Hash identifier: tiRRXgRrVDOB5rSEz/ZS4HmDIwvhuyW1z8XLwTsUCsQ=
Subject key identifier: 29:4E:AA:96:A7:65:C5:A2:E9:A2:E0:9B:60:C5:20:F4:14:50:DF:94
Certificate issuer: /CN=bb4098e0fdedb612f239da524a04b5e0dea4c53f
Certificate serial: 01856D53EA80B241E082C1BFE0C901C6DA90
Authority key identifier: BB:40:98:E0:FD:ED:B6:12:F2:39:DA:52:4A:04:B5:E0:DE:A4:C5:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0CY4P3tthLyOdpSSgS14N6kxT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/KU6qlqdlxaLpouCbYMUg9BRQ35Q.roa
Signing time: Sun 01 Jan 2023 12:34:54 +0000
ROA not before: Sun 01 Jan 2023 12:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42223
IP address blocks: 91.233.15.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:ea:80:b2:41:e0:82:c1:bf:e0:c9:01:c6:da:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4098e0fdedb612f239da524a04b5e0dea4c53f
Validity
Not Before: Jan 1 12:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=294eaa96a765c5a2e9a2e09b60c520f41450df94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:2b:52:5f:5b:e1:d5:92:84:82:22:32:61:
74:92:f7:89:6e:85:bb:91:ce:06:19:bd:09:3a:30:
ad:7f:62:76:47:f7:9f:2f:cb:b2:47:24:2d:4c:77:
03:c3:7c:ca:60:be:be:a0:e5:10:5e:b0:62:40:03:
7d:53:c4:46:b0:60:36:45:20:b1:f8:11:f7:af:5e:
d2:b5:f5:e7:f1:14:88:0b:2e:a7:37:9b:e0:d1:68:
72:f3:0f:45:40:df:c2:0d:6e:ed:4c:50:1c:3e:91:
4a:37:57:fd:7a:5e:97:af:5f:7b:ba:e5:e5:d7:bb:
3e:b5:c5:5e:0b:10:7b:a6:5d:f3:31:5d:5f:2b:ec:
f2:de:f3:33:5b:12:51:26:1a:48:c2:80:91:a6:20:
35:97:ff:8d:10:8b:45:14:d2:a5:6a:12:ef:43:c8:
ee:d9:2a:16:c6:ef:27:3d:d4:0a:db:40:d1:37:e4:
fa:04:aa:0b:cf:82:2f:f4:7c:fc:b5:58:81:02:48:
9a:f6:03:d5:24:69:1b:5c:83:09:39:44:42:ea:8b:
2b:ba:e3:57:4e:d9:c0:5a:26:f8:d4:65:67:b6:79:
35:2c:ff:1e:22:7f:bb:72:0f:c3:05:3d:7f:a8:64:
23:7d:c8:88:44:13:8e:f4:d2:fd:7c:df:ec:b2:8e:
08:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4E:AA:96:A7:65:C5:A2:E9:A2:E0:9B:60:C5:20:F4:14:50:DF:94
X509v3 Authority Key Identifier:
keyid:BB:40:98:E0:FD:ED:B6:12:F2:39:DA:52:4A:04:B5:E0:DE:A4:C5:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0CY4P3tthLyOdpSSgS14N6kxT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/KU6qlqdlxaLpouCbYMUg9BRQ35Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/u0CY4P3tthLyOdpSSgS14N6kxT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.15.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:a8:c1:ff:e1:ac:00:ba:bb:81:86:f8:df:ce:c1:2d:2e:db:
1a:24:67:b6:21:41:a5:dd:8c:65:54:a5:18:5c:20:89:d5:42:
c5:f1:2e:28:40:21:4d:b6:c4:7b:1f:8c:94:eb:e4:d9:ab:93:
49:3a:f5:eb:5f:47:9b:91:20:87:97:46:13:37:23:6f:1c:e3:
45:60:5e:b9:42:4a:69:61:09:a0:d7:44:06:41:87:2d:2b:cc:
2a:d3:8a:26:01:ff:e6:60:e3:3f:82:34:b4:c1:93:88:6a:b2:
bc:0b:8e:19:af:60:cf:16:2f:1a:bc:d8:a9:9a:cf:e4:95:0a:
ba:f7:40:2c:15:a0:98:29:27:71:4b:c9:a2:8b:0b:aa:3b:bc:
ee:ec:a4:a6:69:be:de:27:c8:f9:45:1b:44:86:b1:18:39:5a:
6a:8e:59:4b:8d:bf:80:a8:d9:9e:b8:58:50:2a:24:94:56:26:
d1:93:fd:89:40:11:61:0e:f5:ef:bd:4a:d9:d4:9a:85:b8:6d:
3f:e5:54:80:e7:46:88:ab:06:08:c6:91:55:db:28:e7:eb:c5:
1d:27:b3:53:90:71:41:36:3b:30:7e:0a:b0:79:a5:10:17:57:
9a:fb:a3:9c:ee:49:b0:1f:f6:93:be:5c:36:0c:18:f3:15:e5:
c6:7e:34:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU+qAskHggsG/4MkBxtqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDA5OGUwZmRlZGI2MTJmMjM5ZGE1MjRhMDRiNWUwZGVh
NGM1M2YwHhcNMjMwMTAxMTIzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRlYWE5NmE3NjVjNWEyZTlhMmUwOWI2MGM1MjBmNDE0NTBkZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseIrUl9b4dWShIIiMmF0kveJboW7
kc4GGb0JOjCtf2J2R/efL8uyRyQtTHcDw3zKYL6+oOUQXrBiQAN9U8RGsGA2RSCx
+BH3r17StfXn8RSICy6nN5vg0Why8w9FQN/CDW7tTFAcPpFKN1f9el6Xr197uuXl
17s+tcVeCxB7pl3zMV1fK+zy3vMzWxJRJhpIwoCRpiA1l/+NEItFFNKlahLvQ8ju
2SoWxu8nPdQK20DRN+T6BKoLz4Iv9Hz8tViBAkia9gPVJGkbXIMJOURC6osruuNX
TtnAWib41GVntnk1LP8eIn+7cg/DBT1/qGQjfciIRBOO9NL9fN/sso4IjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClOqpanZcWi6aLgm2DFIPQUUN+UMB8GA1UdIwQY
MBaAFLtAmOD97bYS8jnaUkoEteDepMU/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBDWTRQM3R0aEx5T2RwU1NnUzE0TjZreFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi85YjczM2UtOTgzOS00ZjZmLWI0YjYt
ZmY1YWE5ZWVmNGUyLzEvS1U2cWxxZGx4YUxwb3VDYllNVWc5QlJRMzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi85YjczM2UtOTgzOS00ZjZmLWI0YjYtZmY1YWE5ZWVmNGUy
LzEvdTBDWTRQM3R0aEx5T2RwU1NnUzE0TjZreFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+kPMA0G
CSqGSIb3DQEBCwUAA4IBAQAMqMH/4awAuruBhvjfzsEtLtsaJGe2IUGl3YxlVKUY
XCCJ1ULF8S4oQCFNtsR7H4yU6+TZq5NJOvXrX0ebkSCHl0YTNyNvHONFYF65Qkpp
YQmg10QGQYctK8wq04omAf/mYOM/gjS0wZOIarK8C44Zr2DPFi8avNipms/klQq6
90AsFaCYKSdxS8miiwuqO7zu7KSmab7eJ8j5RRtEhrEYOVpqjllLjb+AqNmeuFhQ
KiSUVibRk/2JQBFhDvXvvUrZ1JqFuG0/5VSA50aIqwYIxpFV2yjn68UdJ7NTkHFB
NjswfgqweaUQF1ea+6Oc7kmwH/aTvlw2DBjzFeXGfjSa
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:01 2024 by rpki-client on console-fra.rpki-client.org