Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/kszcW5WnP1sP4IhOm0e5nQF3IWE.roa
File: kszcW5WnP1sP4IhOm0e5nQF3IWE.roa (raw, json)
Hash identifier: sjixkhTxAkarlxL+Z8k4i/ma3s/5YHsSwE2Yl4LMfFY=
Subject key identifier: 92:CC:DC:5B:95:A7:3F:5B:0F:E0:88:4E:9B:47:B9:9D:01:77:21:61
Certificate issuer: /CN=1b646d42ce89d4093e4ac927a7f236f37a51abe2
Certificate serial: 01857295CDBFC24C72452BD6AA760922B0F0
Authority key identifier: 1B:64:6D:42:CE:89:D4:09:3E:4A:C9:27:A7:F2:36:F3:7A:51:AB:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2RtQs6J1Ak-Ssknp_I283pRq-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/kszcW5WnP1sP4IhOm0e5nQF3IWE.roa
Signing time: Mon 02 Jan 2023 13:04:58 +0000
ROA not before: Mon 02 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33843
IP address blocks: 91.206.46.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:cd:bf:c2:4c:72:45:2b:d6:aa:76:09:22:b0:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b646d42ce89d4093e4ac927a7f236f37a51abe2
Validity
Not Before: Jan 2 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92ccdc5b95a73f5b0fe0884e9b47b99d01772161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a8:80:fd:b8:30:e3:3f:22:fa:6a:7d:a8:c8:
14:34:53:df:d4:11:ee:57:56:c1:f0:37:d9:19:f0:
4b:f9:29:7e:ca:c3:48:7c:d0:e4:1a:46:69:99:92:
3d:5d:e8:4e:3d:44:d3:72:0b:98:ac:7e:19:e6:e2:
52:98:e6:15:e8:50:ed:fa:a7:01:c1:3a:dd:e8:53:
f4:f9:f3:f3:a5:08:b4:3f:94:d1:b7:a3:59:ac:b6:
25:8a:54:7d:aa:3f:a2:76:c5:ef:8c:99:f0:02:ec:
76:e0:63:e4:d7:62:4e:6d:31:81:b3:e7:dc:3a:3f:
ea:fc:b5:8a:6f:d5:bf:11:dd:38:d8:f1:b9:23:65:
9d:93:00:06:0a:8b:76:b3:87:0e:ea:27:73:9f:43:
c9:fc:60:58:69:ab:17:d4:33:32:9d:3b:18:73:4f:
a3:96:85:7d:45:d5:17:dd:55:f6:c7:5c:0a:01:27:
3a:3e:a3:97:57:ab:9b:a3:0d:6f:4d:4f:04:4c:dd:
66:a3:70:17:3f:d5:b7:31:b7:0d:09:bc:d1:44:b2:
77:72:df:39:ae:75:76:8e:89:d1:57:35:42:d8:5e:
dc:f3:e6:cc:e0:27:bb:3c:15:df:66:8e:ea:97:d7:
c7:36:e7:4e:63:47:dd:c2:29:67:3c:ef:2b:63:a9:
8e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:CC:DC:5B:95:A7:3F:5B:0F:E0:88:4E:9B:47:B9:9D:01:77:21:61
X509v3 Authority Key Identifier:
keyid:1B:64:6D:42:CE:89:D4:09:3E:4A:C9:27:A7:F2:36:F3:7A:51:AB:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2RtQs6J1Ak-Ssknp_I283pRq-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/kszcW5WnP1sP4IhOm0e5nQF3IWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/G2RtQs6J1Ak-Ssknp_I283pRq-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.46.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:b0:7a:50:9e:48:bc:57:67:fd:d9:de:a1:d6:73:1f:39:c6:
81:d5:93:67:f1:c7:09:6a:0d:81:ea:5d:65:a9:24:26:41:af:
f0:f2:4b:b4:95:a4:14:3b:d3:7d:b0:f7:c6:ad:44:fd:98:9a:
ed:b0:b2:29:5a:b2:54:3d:d3:dc:6d:62:fc:c3:1f:1d:84:ed:
0b:90:3a:41:14:b1:44:58:35:3b:a3:9b:15:d1:45:b4:9e:ae:
2b:59:ca:99:53:c2:5e:ed:c5:75:cc:62:93:67:a3:eb:7c:f2:
17:11:84:c6:00:72:77:dd:7b:75:2a:2c:98:45:89:e5:5f:1e:
7d:64:a5:aa:2c:de:ed:f6:d9:a1:4b:28:47:15:eb:f9:b8:ac:
b6:e4:72:07:cb:d4:12:76:d8:98:0f:52:a8:8a:61:dc:0e:bf:
f6:39:09:ce:60:83:e2:3b:24:4d:69:a5:7d:f2:8b:0b:fb:0d:
00:cd:2b:1a:e5:92:33:28:4d:17:34:c4:b0:da:7b:b4:21:dc:
48:72:cf:a0:29:36:9a:3d:95:3d:99:47:cc:95:c7:78:eb:49:
da:d1:f3:d4:58:f5:5c:06:dd:c1:b6:58:40:84:00:2b:4f:7c:
0a:24:d3:00:4d:f3:81:0b:54:1e:d3:17:a9:5f:43:1a:fb:63:
cc:e8:4f:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVylc2/wkxyRSvWqnYJIrDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjQ2ZDQyY2U4OWQ0MDkzZTRhYzkyN2E3ZjIzNmYzN2E1
MWFiZTIwHhcNMjMwMTAyMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmNjZGM1Yjk1YTczZjViMGZlMDg4NGU5YjQ3Yjk5ZDAxNzcyMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaiA/bgw4z8i+mp9qMgUNFPf1BHu
V1bB8DfZGfBL+Sl+ysNIfNDkGkZpmZI9XehOPUTTcguYrH4Z5uJSmOYV6FDt+qcB
wTrd6FP0+fPzpQi0P5TRt6NZrLYlilR9qj+idsXvjJnwAux24GPk12JObTGBs+fc
Oj/q/LWKb9W/Ed042PG5I2WdkwAGCot2s4cO6idzn0PJ/GBYaasX1DMynTsYc0+j
loV9RdUX3VX2x1wKASc6PqOXV6ubow1vTU8ETN1mo3AXP9W3MbcNCbzRRLJ3ct85
rnV2jonRVzVC2F7c8+bM4Ce7PBXfZo7ql9fHNudOY0fdwilnPO8rY6mOkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLM3FuVpz9bD+CITptHuZ0BdyFhMB8GA1UdIwQY
MBaAFBtkbULOidQJPkrJJ6fyNvN6UaviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJSdFFzNkoxQWstU3NrbnBfSTI4M3BScS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kZjFiY2MtMDIwMC00NmNiLWE5MzMt
NjYzNDBiYmZmMGI5LzEva3N6Y1c1V25QMXNQNEloT20wZTVuUUYzSVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kZjFiY2MtMDIwMC00NmNiLWE5MzMtNjYzNDBiYmZmMGI5
LzEvRzJSdFFzNkoxQWstU3NrbnBfSTI4M3BScS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW84uMA0G
CSqGSIb3DQEBCwUAA4IBAQALsHpQnki8V2f92d6h1nMfOcaB1ZNn8ccJag2B6l1l
qSQmQa/w8ku0laQUO9N9sPfGrUT9mJrtsLIpWrJUPdPcbWL8wx8dhO0LkDpBFLFE
WDU7o5sV0UW0nq4rWcqZU8Je7cV1zGKTZ6PrfPIXEYTGAHJ33Xt1KiyYRYnlXx59
ZKWqLN7t9tmhSyhHFev5uKy25HIHy9QSdtiYD1KoimHcDr/2OQnOYIPiOyRNaaV9
8osL+w0AzSsa5ZIzKE0XNMSw2nu0IdxIcs+gKTaaPZU9mUfMlcd460na0fPUWPVc
Bt3BtlhAhAArT3wKJNMATfOBC1Qe0xepX0Ma+2PM6E82
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:29 2024 by rpki-client on console-fra.rpki-client.org