Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/YI7ZHdNqOqmu9J9lbnPmRwt3wvw.roa
File: YI7ZHdNqOqmu9J9lbnPmRwt3wvw.roa (raw, json)
Hash identifier: 3R5z+futmfn/z01D19/6FFor5iq+HwD0NyDS7Wuq+XI=
Subject key identifier: 60:8E:D9:1D:D3:6A:3A:A9:AE:F4:9F:65:6E:73:E6:47:0B:77:C2:FC
Certificate issuer: /CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Certificate serial: 01856B2558BF2BA4AD44566E653526CC1B94
Authority key identifier: D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/YI7ZHdNqOqmu9J9lbnPmRwt3wvw.roa
Signing time: Sun 01 Jan 2023 02:24:47 +0000
ROA not before: Sun 01 Jan 2023 02:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 91.208.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:58:bf:2b:a4:ad:44:56:6e:65:35:26:cc:1b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Validity
Not Before: Jan 1 02:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=608ed91dd36a3aa9aef49f656e73e6470b77c2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fd:d8:b2:22:cb:0b:05:3c:8a:bd:87:f5:a8:
a9:06:53:d3:7d:46:1b:99:c3:3a:63:00:4b:54:d3:
89:1d:56:bd:b4:8a:47:e5:00:cc:0d:78:27:66:f5:
e8:9e:ed:2b:94:2b:22:a0:fe:99:2c:11:af:de:52:
37:04:f7:c4:21:34:33:bb:69:92:e1:df:e9:f0:ca:
60:90:ee:e3:78:40:bc:34:c9:75:d9:cf:49:37:38:
7a:44:da:0a:2c:61:6b:c9:27:39:0b:17:0a:e6:de:
88:f5:0f:50:bc:13:5f:03:12:7d:a7:8b:f2:85:6e:
31:42:e8:39:b5:f3:73:0b:f9:d7:e9:ba:5e:7c:98:
37:8c:a9:d5:22:f9:42:a4:ec:7d:b0:2d:22:b1:7e:
d1:81:5c:bd:e8:ca:78:1b:5e:c0:22:85:32:36:7f:
f7:fd:fc:2f:77:3a:e6:2d:07:ef:3f:b8:21:8c:91:
46:74:ec:e8:eb:9d:0f:3d:46:5f:74:8e:c4:e4:0e:
93:c9:dc:29:ba:e3:a0:d1:75:58:f6:6b:2e:da:21:
c2:33:99:5a:73:22:d6:cb:73:57:c3:15:7a:d2:a4:
49:25:d2:76:59:d9:b0:46:7e:bd:8d:77:fb:f5:bb:
28:db:a5:f8:b5:7d:11:31:92:cb:83:f2:c9:7e:f8:
41:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8E:D9:1D:D3:6A:3A:A9:AE:F4:9F:65:6E:73:E6:47:0B:77:C2:FC
X509v3 Authority Key Identifier:
keyid:D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/YI7ZHdNqOqmu9J9lbnPmRwt3wvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.21.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:a1:a6:47:26:c0:9b:fa:0c:c1:80:ff:97:d7:1d:28:d3:bb:
e3:bd:78:cf:20:e4:e1:2f:21:a9:72:40:80:0c:da:79:e0:cc:
9e:44:73:cb:de:ba:e9:04:1f:c0:39:cf:de:f0:54:23:c1:23:
44:38:2c:4f:e4:f6:eb:a8:8e:68:0a:0a:71:12:e9:bf:29:44:
e9:73:68:eb:f3:53:d5:40:db:95:fc:76:2a:8c:3d:27:6d:0a:
53:fd:bd:cb:1b:1e:0b:5b:b5:78:77:2b:27:7e:83:19:a2:e7:
2c:ac:50:e1:83:b9:38:e6:19:33:b2:78:13:48:c8:16:b3:9a:
c5:d3:2a:1a:e5:65:3c:31:af:44:62:df:82:7c:21:0f:9d:99:
7f:4a:be:cc:d1:28:b1:63:8f:9c:01:b9:fa:99:49:6a:02:7e:
fd:fa:30:1c:3e:dd:df:0d:e4:9b:09:2d:01:85:8e:3a:ed:b3:
b8:4d:d8:54:9c:c5:59:fc:06:a9:e3:1f:db:df:1a:0c:a6:10:
75:6d:b1:04:a5:5a:b4:f1:ed:1b:e3:dc:3c:00:2a:ae:8f:29:
83:13:79:72:d2:5e:ce:8d:00:3f:57:5f:22:05:d8:64:0d:0a:
68:30:27:35:f8:c9:9b:1c:c3:30:b6:18:27:d8:6c:a4:ca:34:
be:4b:99:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrJVi/K6StRFZuZTUmzBuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZGJhYTFiNTJmM2E3MzI4OWZmNzY4YWNiN2JhYTdmMzg3
Zjk1NWYwHhcNMjMwMTAxMDIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhlZDkxZGQzNmEzYWE5YWVmNDlmNjU2ZTczZTY0NzBiNzdjMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/3YsiLLCwU8ir2H9aipBlPTfUYb
mcM6YwBLVNOJHVa9tIpH5QDMDXgnZvXonu0rlCsioP6ZLBGv3lI3BPfEITQzu2mS
4d/p8MpgkO7jeEC8NMl12c9JNzh6RNoKLGFrySc5CxcK5t6I9Q9QvBNfAxJ9p4vy
hW4xQug5tfNzC/nX6bpefJg3jKnVIvlCpOx9sC0isX7RgVy96Mp4G17AIoUyNn/3
/fwvdzrmLQfvP7ghjJFGdOzo650PPUZfdI7E5A6TydwpuuOg0XVY9msu2iHCM5la
cyLWy3NXwxV60qRJJdJ2WdmwRn69jXf79bso26X4tX0RMZLLg/LJfvhBlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCO2R3TajqprvSfZW5z5kcLd8L8MB8GA1UdIwQY
MBaAFNbbqhtS86cyif92ist7qn84f5VfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQt
ZmFiODNkNDAzNTU4LzEvWUk3WkhkTnFPcW11OUo5bGJuUG1Sd3Qzd3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQtZmFiODNkNDAzNTU4
LzEvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AVMA0G
CSqGSIb3DQEBCwUAA4IBAQBcoaZHJsCb+gzBgP+X1x0o07vjvXjPIOThLyGpckCA
DNp54MyeRHPL3rrpBB/AOc/e8FQjwSNEOCxP5PbrqI5oCgpxEum/KUTpc2jr81PV
QNuV/HYqjD0nbQpT/b3LGx4LW7V4dysnfoMZoucsrFDhg7k45hkzsngTSMgWs5rF
0yoa5WU8Ma9EYt+CfCEPnZl/Sr7M0SixY4+cAbn6mUlqAn79+jAcPt3fDeSbCS0B
hY467bO4TdhUnMVZ/Aap4x/b3xoMphB1bbEEpVq08e0b49w8ACqujymDE3ly0l7O
jQA/V18iBdhkDQpoMCc1+MmbHMMwthgn2GykyjS+S5mj
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:36:09 2024 by rpki-client on console-ams.rpki-client.org