Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/756e9d-b410-42e0-969f-ee59e376f7ca/1/514XUSjbi0UxnjZoVw1V-c0fIwY.roa
File: 514XUSjbi0UxnjZoVw1V-c0fIwY.roa (raw, json)
Hash identifier: 3tH38TdWiNZ0aRKNSEPeXiD5eVThLnlH349BUftujQg=
Subject key identifier: E7:5E:17:51:28:DB:8B:45:31:9E:36:68:57:0D:55:F9:CD:1F:23:06
Certificate issuer: /CN=df84f759a661f69f2acf1b7233fadc944920c557
Certificate serial: 0186DB46BF678D39AB224AA19F38A54B9C10
Authority key identifier: DF:84:F7:59:A6:61:F6:9F:2A:CF:1B:72:33:FA:DC:94:49:20:C5:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34T3WaZh9p8qzxtyM_rclEkgxVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/756e9d-b410-42e0-969f-ee59e376f7ca/1/514XUSjbi0UxnjZoVw1V-c0fIwY.roa
Signing time: Mon 13 Mar 2023 14:01:32 +0000
ROA not before: Mon 13 Mar 2023 14:01:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50214
IP address blocks: 91.198.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:46:bf:67:8d:39:ab:22:4a:a1:9f:38:a5:4b:9c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df84f759a661f69f2acf1b7233fadc944920c557
Validity
Not Before: Mar 13 14:01:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e75e175128db8b45319e3668570d55f9cd1f2306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fb:5b:2d:77:3c:e6:6b:6c:40:26:40:d8:03:
4d:bc:f3:46:4f:58:f3:ce:14:fb:10:a9:34:b7:ae:
87:e8:fc:da:08:79:ed:53:4b:2e:76:9a:18:b6:02:
00:16:f4:ae:e1:6d:1e:b4:fc:af:42:ae:fe:13:e5:
ad:bc:43:ba:48:67:9a:38:2b:9e:0c:80:22:5a:dd:
70:a7:bd:41:50:c2:0c:55:cf:37:f0:d6:70:c5:1e:
ab:ef:cc:26:91:51:28:19:aa:5f:25:da:7c:47:aa:
4f:bc:75:e5:38:f1:9b:59:28:97:9b:ea:45:fd:df:
fa:66:4a:16:01:e5:08:b2:f0:0e:83:4e:77:cd:93:
dc:42:f1:d0:c8:b1:26:13:51:48:8f:6e:0f:e5:ad:
b0:37:cb:22:7f:e8:a5:e1:0c:52:2a:2b:23:0d:ba:
72:a6:09:cf:00:47:63:8b:32:e4:5f:4a:14:e0:c5:
e7:3b:df:7a:49:e1:b2:4d:8e:d1:51:0c:4f:b9:ed:
02:52:ac:b7:34:d0:1a:b0:8e:12:38:a9:fc:b4:a7:
43:91:ce:15:25:ef:94:9a:46:93:05:62:6c:fb:95:
06:04:e5:af:5d:17:10:f0:bb:84:27:d9:bf:44:a7:
8c:74:85:8d:28:28:34:fc:90:7a:c6:7e:f5:af:d7:
a8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:5E:17:51:28:DB:8B:45:31:9E:36:68:57:0D:55:F9:CD:1F:23:06
X509v3 Authority Key Identifier:
keyid:DF:84:F7:59:A6:61:F6:9F:2A:CF:1B:72:33:FA:DC:94:49:20:C5:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34T3WaZh9p8qzxtyM_rclEkgxVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/756e9d-b410-42e0-969f-ee59e376f7ca/1/514XUSjbi0UxnjZoVw1V-c0fIwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/756e9d-b410-42e0-969f-ee59e376f7ca/1/34T3WaZh9p8qzxtyM_rclEkgxVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.211.0/24
Signature Algorithm: sha256WithRSAEncryption
12:6c:41:59:53:eb:fc:2e:4b:ce:a6:6d:34:ec:94:fd:48:6c:
24:79:94:37:fc:67:73:6b:e8:0b:18:b0:90:fa:06:f4:09:d8:
48:4d:59:26:af:9f:29:2d:da:21:8a:89:b7:58:89:c4:b3:b4:
5e:5d:bb:ac:30:4c:5b:8d:e3:89:5f:3e:16:00:79:8e:1c:41:
f6:ab:08:2e:62:22:4e:5e:da:88:2b:b9:cc:d5:67:f2:ac:fb:
bb:3b:8f:26:56:b2:10:d7:f8:a7:98:d2:54:da:71:97:c0:fe:
71:9d:3a:31:73:35:67:98:fe:f9:12:b1:a9:d1:4a:cb:27:c5:
11:fa:47:ba:fe:aa:c9:82:c5:13:2a:ad:d5:55:5e:cf:85:be:
a7:c8:02:64:da:f2:92:1e:1a:15:a3:73:af:b9:86:71:b5:65:
ac:67:83:d8:d5:e0:a6:b9:6b:f3:cf:0c:93:86:01:e0:17:a6:
52:d2:3d:d9:34:e3:4e:92:81:62:6e:cc:fd:f9:ba:c0:74:56:
88:57:e1:84:2c:8e:ec:ed:23:4d:03:cb:58:2e:23:a4:f1:0b:
4c:3f:ba:42:16:c9:36:7c:9e:fe:fd:ab:2c:58:6e:71:d7:dd:
1f:53:5a:f8:09:82:b2:d9:88:ea:0f:82:da:33:18:04:02:31:
dd:25:1f:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbbRr9njTmrIkqhnzilS5wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODRmNzU5YTY2MWY2OWYyYWNmMWI3MjMzZmFkYzk0NDky
MGM1NTcwHhcNMjMwMzEzMTQwMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzVlMTc1MTI4ZGI4YjQ1MzE5ZTM2Njg1NzBkNTVmOWNkMWYyMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPtbLXc85mtsQCZA2ANNvPNGT1jz
zhT7EKk0t66H6PzaCHntU0sudpoYtgIAFvSu4W0etPyvQq7+E+WtvEO6SGeaOCue
DIAiWt1wp71BUMIMVc838NZwxR6r78wmkVEoGapfJdp8R6pPvHXlOPGbWSiXm+pF
/d/6ZkoWAeUIsvAOg053zZPcQvHQyLEmE1FIj24P5a2wN8sif+il4QxSKisjDbpy
pgnPAEdjizLkX0oU4MXnO996SeGyTY7RUQxPue0CUqy3NNAasI4SOKn8tKdDkc4V
Je+UmkaTBWJs+5UGBOWvXRcQ8LuEJ9m/RKeMdIWNKCg0/JB6xn71r9eowQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOdeF1Eo24tFMZ42aFcNVfnNHyMGMB8GA1UdIwQY
MBaAFN+E91mmYfafKs8bcjP63JRJIMVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRUM1dhWmg5cDhxenh0eU1fcmNsRWtneFZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83NTZlOWQtYjQxMC00MmUwLTk2OWYt
ZWU1OWUzNzZmN2NhLzEvNTE0WFVTamJpMFV4bmpab1Z3MVYtYzBmSXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83NTZlOWQtYjQxMC00MmUwLTk2OWYtZWU1OWUzNzZmN2Nh
LzEvMzRUM1dhWmg5cDhxenh0eU1fcmNsRWtneFZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8bTMA0G
CSqGSIb3DQEBCwUAA4IBAQASbEFZU+v8LkvOpm007JT9SGwkeZQ3/Gdza+gLGLCQ
+gb0CdhITVkmr58pLdohiom3WInEs7ReXbusMExbjeOJXz4WAHmOHEH2qwguYiJO
XtqIK7nM1WfyrPu7O48mVrIQ1/inmNJU2nGXwP5xnToxczVnmP75ErGp0UrLJ8UR
+ke6/qrJgsUTKq3VVV7Phb6nyAJk2vKSHhoVo3OvuYZxtWWsZ4PY1eCmuWvzzwyT
hgHgF6ZS0j3ZNONOkoFibsz9+brAdFaIV+GELI7s7SNNA8tYLiOk8QtMP7pCFsk2
fJ7+/assWG5x190fU1r4CYKy2YjqD4LaMxgEAjHdJR/s
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:55 2024 by rpki-client on console-fra.rpki-client.org