Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/CQ9szlySGewAUIdwRAQhhle9x_Q.roa
File: CQ9szlySGewAUIdwRAQhhle9x_Q.roa (raw, json)
Hash identifier: hfW6lw5Zu/0soAdQrcZfAnOqQ6tjxfClzjXQPNCYb2Q=
Subject key identifier: 09:0F:6C:CE:5C:92:19:EC:00:50:87:70:44:04:21:86:57:BD:C7:F4
Certificate issuer: /CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Certificate serial: 01856B0A3D5F3C1088D8A6A920BB801918CB
Authority key identifier: 28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/CQ9szlySGewAUIdwRAQhhle9x_Q.roa
Signing time: Sun 01 Jan 2023 01:55:11 +0000
ROA not before: Sun 01 Jan 2023 01:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43911
IP address blocks: 91.195.220.0/23 maxlen: 23
2001:67c:220::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:3d:5f:3c:10:88:d8:a6:a9:20:bb:80:19:18:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Validity
Not Before: Jan 1 01:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=090f6cce5c9219ec005087704404218657bdc7f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:87:a3:30:52:0c:64:6d:2f:7d:e8:3c:e4:d9:
7e:12:4e:8e:7d:bc:ad:a2:00:97:c6:b8:90:87:3e:
e9:06:42:7f:ae:75:f4:15:bb:02:bd:42:d3:c6:bd:
72:1c:a4:13:02:4f:39:be:85:a3:bd:32:ae:08:1e:
1f:0f:14:6f:48:87:b5:87:88:66:5c:f7:e2:90:fd:
3b:41:4a:51:18:38:11:6e:ec:21:54:53:99:22:8e:
80:51:11:33:6e:9a:6a:a9:92:1d:40:1b:d6:7e:28:
28:7a:9e:12:e8:c5:44:ce:11:1b:d1:c9:13:59:f3:
2f:d7:27:ba:68:cc:1e:d7:55:02:20:be:70:72:b1:
c7:cb:d6:b4:77:15:ca:2f:5a:36:b8:1c:4f:4d:a0:
29:4a:d6:ce:c9:db:95:d3:40:8d:a5:4f:4c:fe:90:
0e:f3:64:e9:90:32:d8:7d:5b:9a:49:08:b9:dc:b1:
d7:cf:09:e4:f3:de:15:5f:45:91:57:9a:29:dc:16:
1c:0a:f7:27:f8:bf:87:2c:53:fd:ce:23:4b:e9:f1:
45:a9:56:bc:e4:87:39:b4:93:5a:22:5c:c1:ac:0a:
5c:2a:6d:a4:0d:8b:6e:0b:82:74:43:72:39:aa:fd:
5f:62:cd:73:ec:bd:0d:51:74:01:ef:19:08:88:18:
89:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0F:6C:CE:5C:92:19:EC:00:50:87:70:44:04:21:86:57:BD:C7:F4
X509v3 Authority Key Identifier:
keyid:28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/CQ9szlySGewAUIdwRAQhhle9x_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.220.0/23
IPv6:
2001:67c:220::/48
Signature Algorithm: sha256WithRSAEncryption
99:c5:0a:99:dd:9d:25:28:6b:1e:fa:00:84:cb:34:61:17:a5:
c6:fa:32:89:3f:54:08:bf:3f:ef:4a:6b:2c:04:09:4f:16:58:
6e:d7:4f:73:3f:cb:8b:47:5e:39:29:c0:dd:cf:78:58:a9:8b:
e9:26:d4:80:87:1c:c0:ef:fe:7e:d0:9a:e9:cb:c1:01:95:9f:
26:2a:07:d3:9f:cb:78:ec:1e:70:ba:07:f2:84:0e:33:a2:44:
7c:b2:e8:70:09:f8:7a:4e:ff:74:c3:60:bf:e5:96:1a:d2:d3:
41:df:65:b3:74:38:fb:44:25:b3:1d:4a:3f:04:68:bf:87:dd:
cd:8e:29:47:8a:a6:35:3b:f9:e1:1c:8e:be:bd:4e:31:ea:62:
ab:1b:fb:8e:fc:fa:df:bf:a3:29:f3:2d:ce:8d:d0:5c:52:f7:
ea:f4:f4:3f:45:89:19:d4:8e:b7:9d:5a:7c:90:51:3c:80:1b:
e7:f4:a2:66:aa:c8:89:88:82:59:ae:f7:50:4e:00:31:7a:0a:
34:c5:2b:58:11:e3:99:ea:fb:3a:09:e7:23:ea:9f:ca:49:b9:
e7:21:7a:ab:db:ff:03:d8:b8:fd:66:51:1f:18:d1:28:84:5d:
87:a6:dd:54:97:13:f4:b7:2f:62:1c:61:6c:92:2b:81:66:b8:
e5:36:93:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrCj1fPBCI2KapILuAGRjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2I1ZjNmYjk1NzI1MWFhZDRiYTA5ZDBiYWI3MzUyYjc0
YmIwN2QwHhcNMjMwMTAxMDE1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTBmNmNjZTVjOTIxOWVjMDA1MDg3NzA0NDA0MjE4NjU3YmRjN2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IejMFIMZG0vfeg85Nl+Ek6Ofbyt
ogCXxriQhz7pBkJ/rnX0FbsCvULTxr1yHKQTAk85voWjvTKuCB4fDxRvSIe1h4hm
XPfikP07QUpRGDgRbuwhVFOZIo6AUREzbppqqZIdQBvWfigoep4S6MVEzhEb0ckT
WfMv1ye6aMwe11UCIL5wcrHHy9a0dxXKL1o2uBxPTaApStbOyduV00CNpU9M/pAO
82TpkDLYfVuaSQi53LHXzwnk894VX0WRV5op3BYcCvcn+L+HLFP9ziNL6fFFqVa8
5Ic5tJNaIlzBrApcKm2kDYtuC4J0Q3I5qv1fYs1z7L0NUXQB7xkIiBiJcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAkPbM5ckhnsAFCHcEQEIYZXvcf0MB8GA1UdIwQY
MBaAFCjLXz+5VyUarUugnQurc1K3S7B9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUt
MTUzNmZjNzgzODVkLzEvQ1E5c3pseVNHZXdBVUlkd1JBUWhobGU5eF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUtMTUzNmZjNzgzODVk
LzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8PcMA8E
AgACMAkDBwAgAQZ8AiAwDQYJKoZIhvcNAQELBQADggEBAJnFCpndnSUoax76AITL
NGEXpcb6Mok/VAi/P+9KaywECU8WWG7XT3M/y4tHXjkpwN3PeFipi+km1ICHHMDv
/n7QmunLwQGVnyYqB9Ofy3jsHnC6B/KEDjOiRHyy6HAJ+HpO/3TDYL/llhrS00Hf
ZbN0OPtEJbMdSj8EaL+H3c2OKUeKpjU7+eEcjr69TjHqYqsb+478+t+/oynzLc6N
0FxS9+r09D9FiRnUjredWnyQUTyAG+f0omaqyImIglmu91BOADF6CjTFK1gR45nq
+zoJ5yPqn8pJuecheqvb/wPYuP1mUR8Y0SiEXYem3VSXE/S3L2IcYWySK4FmuOU2
kx0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:55 2024 by rpki-client on console-fra.rpki-client.org