Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/bYjwzcmPfDBRRfpqyMqsFYTetoA.roa
File: bYjwzcmPfDBRRfpqyMqsFYTetoA.roa (raw, json)
Hash identifier: FMmIJw8eKCNbOm9q2cZ+0+qqtplploFbs9m6AcM3dF0=
Subject key identifier: 6D:88:F0:CD:C9:8F:7C:30:51:45:FA:6A:C8:CA:AC:15:84:DE:B6:80
Certificate issuer: /CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Certificate serial: 01856B255A125EF9896687DB4CAC9BA336E6
Authority key identifier: D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/bYjwzcmPfDBRRfpqyMqsFYTetoA.roa
Signing time: Sun 01 Jan 2023 02:24:48 +0000
ROA not before: Sun 01 Jan 2023 02:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29802
IP address blocks: 91.208.0.0/24 maxlen: 24
91.208.16.0/24 maxlen: 24
91.208.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:5a:12:5e:f9:89:66:87:db:4c:ac:9b:a3:36:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Validity
Not Before: Jan 1 02:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d88f0cdc98f7c305145fa6ac8caac1584deb680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0e:9e:6b:86:e5:05:dd:42:89:61:88:db:9e:
f2:cc:69:95:54:a0:98:d7:72:21:9d:6d:92:ba:c7:
c5:47:7e:a7:a8:8c:14:24:03:18:c1:35:8f:a3:0d:
91:ce:41:cd:8d:e3:36:03:52:fe:17:6b:88:94:fb:
71:3a:7d:05:80:c7:c6:10:df:ad:a1:d8:0f:4c:8a:
c6:21:ab:79:4e:de:9f:be:36:79:a5:a2:25:a4:80:
07:4f:17:8a:8c:c9:8b:12:51:3d:ba:af:fe:9a:2f:
5a:c3:31:98:6a:aa:e3:2c:25:e8:fe:8a:7f:28:6a:
7a:06:ae:47:c7:4b:7d:42:1c:5d:78:8c:99:ed:00:
b1:0c:01:db:33:83:f5:da:61:e6:71:ff:b8:46:c8:
45:13:20:77:0f:e9:46:2d:13:4b:bf:11:f1:69:76:
e6:68:9e:72:03:90:d9:8f:b2:ed:4b:0d:d6:0c:3b:
8c:db:f2:2f:8d:b1:56:85:44:e5:34:3b:49:04:71:
ec:42:b6:bd:7f:79:1f:8a:8b:70:c5:a0:a0:f0:a3:
08:be:b9:83:54:e6:a4:b6:45:13:da:56:62:89:40:
a6:91:21:d3:0b:e3:d2:43:55:1e:11:1f:59:8d:97:
4d:f0:63:19:b2:53:3c:13:49:09:0d:07:7f:ed:6b:
5e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:88:F0:CD:C9:8F:7C:30:51:45:FA:6A:C8:CA:AC:15:84:DE:B6:80
X509v3 Authority Key Identifier:
keyid:D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/bYjwzcmPfDBRRfpqyMqsFYTetoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.0.0/24
91.208.16.0/24
91.208.19.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:fa:dc:da:34:b4:71:9c:aa:21:3d:d4:0e:42:d2:93:43:5f:
d0:a0:72:9e:a8:f5:3b:0e:01:ed:4f:09:32:a6:33:2b:bc:c3:
dc:ad:2d:09:2f:b1:33:ee:5c:18:92:19:3e:3e:be:3a:f7:75:
63:ac:b5:9f:bd:04:e8:75:b1:07:78:99:0a:1d:44:10:f8:5b:
bd:f3:77:99:16:6f:31:3c:a3:c7:a6:41:0f:27:60:5d:c8:1d:
06:d7:eb:49:73:ea:fa:14:25:22:ce:cf:e1:22:9f:d1:d0:10:
f8:d2:0c:41:bb:2a:90:fc:52:11:80:88:27:6c:03:16:df:fc:
88:aa:11:90:ea:20:4b:ff:41:aa:68:89:dc:e8:c3:9f:48:e1:
db:a6:30:f5:86:79:ef:7c:c5:c9:30:ea:2d:41:ca:a0:aa:6d:
75:f9:1d:9d:26:37:a2:9f:1f:5b:01:fa:07:92:06:ca:67:a8:
ef:65:08:d7:16:12:c5:30:f8:4b:40:86:3e:fc:76:5e:bd:92:
55:69:97:2c:e2:7c:fd:f0:42:1f:76:da:f3:bf:28:81:e2:ec:
00:8d:d7:40:aa:75:8d:08:6f:41:78:a7:5e:eb:10:c4:ac:ff:
7e:3d:9c:4d:0a:15:1c:48:4e:1d:b4:be:00:f3:0d:f1:c8:12:
26:f2:ac:dd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrJVoSXvmJZofbTKybozbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZGJhYTFiNTJmM2E3MzI4OWZmNzY4YWNiN2JhYTdmMzg3
Zjk1NWYwHhcNMjMwMTAxMDIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDg4ZjBjZGM5OGY3YzMwNTE0NWZhNmFjOGNhYWMxNTg0ZGViNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ6ea4blBd1CiWGI257yzGmVVKCY
13IhnW2SusfFR36nqIwUJAMYwTWPow2RzkHNjeM2A1L+F2uIlPtxOn0FgMfGEN+t
odgPTIrGIat5Tt6fvjZ5paIlpIAHTxeKjMmLElE9uq/+mi9awzGYaqrjLCXo/op/
KGp6Bq5Hx0t9QhxdeIyZ7QCxDAHbM4P12mHmcf+4RshFEyB3D+lGLRNLvxHxaXbm
aJ5yA5DZj7LtSw3WDDuM2/IvjbFWhUTlNDtJBHHsQra9f3kfiotwxaCg8KMIvrmD
VOaktkUT2lZiiUCmkSHTC+PSQ1UeER9ZjZdN8GMZslM8E0kJDQd/7WteVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG2I8M3Jj3wwUUX6asjKrBWE3raAMB8GA1UdIwQY
MBaAFNbbqhtS86cyif92ist7qn84f5VfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQt
ZmFiODNkNDAzNTU4LzEvYllqd3pjbVBmREJSUmZwcXlNcXNGWVRldG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQtZmFiODNkNDAzNTU4
LzEvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9AAAwQA
W9AQAwQAW9ATMA0GCSqGSIb3DQEBCwUAA4IBAQAa+tzaNLRxnKohPdQOQtKTQ1/Q
oHKeqPU7DgHtTwkypjMrvMPcrS0JL7Ez7lwYkhk+Pr4693VjrLWfvQTodbEHeJkK
HUQQ+Fu983eZFm8xPKPHpkEPJ2BdyB0G1+tJc+r6FCUizs/hIp/R0BD40gxBuyqQ
/FIRgIgnbAMW3/yIqhGQ6iBL/0GqaInc6MOfSOHbpjD1hnnvfMXJMOotQcqgqm11
+R2dJjeinx9bAfoHkgbKZ6jvZQjXFhLFMPhLQIY+/HZevZJVaZcs4nz98EIfdtrz
vyiB4uwAjddAqnWNCG9BeKde6xDErP9+PZxNChUcSE4dtL4A8w3xyBIm8qzd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:57 2024 by rpki-client on console-ams.rpki-client.org