Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/0y3CFF_uo-7enXmRsHW5zHYBThU.roa
File: 0y3CFF_uo-7enXmRsHW5zHYBThU.roa (raw, json)
Hash identifier: ajhuRqe4yVoHioHHcMMsZgMhMMEPGgYP0t8GKuYs94Q=
Subject key identifier: D3:2D:C2:14:5F:EE:A3:EE:DE:9D:79:91:B0:75:B9:CC:76:01:4E:15
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018570D52899B913B6062DF9A1E09AC6D729
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/0y3CFF_uo-7enXmRsHW5zHYBThU.roa
Signing time: Mon 02 Jan 2023 04:54:55 +0000
ROA not before: Mon 02 Jan 2023 04:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 266260
IP address blocks: 91.123.0.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:28:99:b9:13:b6:06:2d:f9:a1:e0:9a:c6:d7:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 2 04:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d32dc2145feea3eede9d7991b075b9cc76014e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6b:05:23:39:c4:de:a4:dc:c2:df:d8:93:24:
08:d7:99:fb:ba:c8:38:d5:c8:f9:83:72:72:a1:78:
4e:ad:e5:e5:dc:7e:96:90:f4:ff:e8:bb:0a:a7:20:
12:ed:7b:5d:9b:9f:55:a7:6e:85:89:cc:5d:8a:be:
9b:2c:6f:c9:a0:92:81:0d:78:c9:67:49:26:b4:cc:
6d:5c:b8:07:e4:99:2d:80:2c:43:af:34:ce:6f:5a:
22:c8:fc:db:37:8e:ff:7c:ad:a0:72:6f:32:c3:22:
d8:e3:00:35:c2:86:38:31:c0:5d:cb:70:c6:1d:c1:
4b:86:7c:49:e6:78:a1:0e:90:26:f7:2f:60:9d:ee:
31:58:94:96:db:33:9a:67:08:4c:80:ad:2f:02:cb:
84:94:d2:5f:a5:44:c7:b2:de:b9:8b:16:c8:55:5f:
1d:35:a9:ad:bd:7c:2b:cb:de:90:40:b2:87:c0:8e:
e8:8b:d4:7f:d2:b0:b7:87:ba:f6:8a:13:58:89:9f:
b5:cc:83:dc:1c:01:a3:e5:9f:25:8d:b4:3a:95:c5:
57:c0:e3:6f:b8:46:69:9d:4a:b4:30:a0:7d:a0:ed:
0d:5b:f0:0a:b1:e6:be:ab:b0:8f:9a:46:42:e2:49:
d6:9b:1e:9d:fb:61:68:14:84:f0:f3:4e:44:93:df:
14:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2D:C2:14:5F:EE:A3:EE:DE:9D:79:91:B0:75:B9:CC:76:01:4E:15
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/0y3CFF_uo-7enXmRsHW5zHYBThU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.123.0.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:f9:48:48:15:2d:94:e6:0b:f3:49:c9:aa:db:44:e5:a0:85:
fc:af:aa:23:25:bb:1b:09:c7:f4:44:dc:a8:8b:f9:d5:b2:d0:
4e:37:e5:be:8f:96:79:c9:46:1d:7c:36:aa:92:c6:eb:ee:1b:
92:da:d1:1f:07:ee:90:32:46:92:fb:34:84:74:03:bb:54:4f:
d8:47:cb:3d:c8:20:f1:09:48:7f:db:3c:3f:f6:ce:54:ad:da:
e3:99:83:f2:8b:03:c4:f2:09:0a:28:86:5e:fa:b4:d7:ee:6f:
69:1d:12:e1:21:40:e4:d0:1a:f6:77:04:60:ea:d8:00:b4:ec:
9e:18:a0:e0:5d:ad:c8:f7:3b:56:25:bd:94:d2:2e:76:cc:66:
2d:cf:c0:e2:23:de:75:eb:bc:86:bd:b0:15:e0:e3:28:95:bf:
44:09:65:dc:41:ac:8f:91:41:6e:5e:89:f1:b6:88:2d:50:6c:
89:38:23:58:a1:51:29:d2:89:38:97:94:c7:1b:36:e8:bd:3b:
af:54:79:21:a9:57:e6:03:30:6b:65:1e:75:02:bf:fa:f8:69:
96:19:5b:5a:1e:98:9e:a4:6d:ea:61:8c:d8:61:8f:40:16:82:
60:63:4a:df:40:e3:07:e4:af:16:61:47:3c:b7:7f:5d:3c:48:
4e:1a:0d:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1SiZuRO2Bi35oeCaxtcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjMwMTAyMDQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJkYzIxNDVmZWVhM2VlZGU5ZDc5OTFiMDc1YjljYzc2MDE0ZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWsFIznE3qTcwt/YkyQI15n7usg4
1cj5g3JyoXhOreXl3H6WkPT/6LsKpyAS7Xtdm59Vp26Ficxdir6bLG/JoJKBDXjJ
Z0kmtMxtXLgH5JktgCxDrzTOb1oiyPzbN47/fK2gcm8ywyLY4wA1woY4McBdy3DG
HcFLhnxJ5nihDpAm9y9gne4xWJSW2zOaZwhMgK0vAsuElNJfpUTHst65ixbIVV8d
NamtvXwry96QQLKHwI7oi9R/0rC3h7r2ihNYiZ+1zIPcHAGj5Z8ljbQ6lcVXwONv
uEZpnUq0MKB9oO0NW/AKsea+q7CPmkZC4knWmx6d+2FoFITw805Ek98UswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMtwhRf7qPu3p15kbB1ucx2AU4VMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvMHkzQ0ZGX3VvLTdlblhtUnNIVzV6SFlCVGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW3sAMA0G
CSqGSIb3DQEBCwUAA4IBAQBL+UhIFS2U5gvzScmq20TloIX8r6ojJbsbCcf0RNyo
i/nVstBON+W+j5Z5yUYdfDaqksbr7huS2tEfB+6QMkaS+zSEdAO7VE/YR8s9yCDx
CUh/2zw/9s5UrdrjmYPyiwPE8gkKKIZe+rTX7m9pHRLhIUDk0Br2dwRg6tgAtOye
GKDgXa3I9ztWJb2U0i52zGYtz8DiI95167yGvbAV4OMolb9ECWXcQayPkUFuXonx
togtUGyJOCNYoVEp0ok4l5THGzbovTuvVHkhqVfmAzBrZR51Ar/6+GmWGVtaHpie
pG3qYYzYYY9AFoJgY0rfQOMH5K8WYUc8t39dPEhOGg1Y
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-fra.rpki-client.org