Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/XAcm_FnOIzxABdHVoJAxNM8a9hA.roa
File: XAcm_FnOIzxABdHVoJAxNM8a9hA.roa (raw, json)
Hash identifier: IQHv9eqO9tyUsSE4ekGhCLOzpjTPxm8Flw30HH61+No=
Subject key identifier: 5C:07:26:FC:59:CE:23:3C:40:05:D1:D5:A0:90:31:34:CF:1A:F6:10
Certificate issuer: /CN=8e6d75b4e4986faccb614b334e45d5e039352a9c
Certificate serial: 01856B77CB2F0A96B608F99BC5C6DAA0CEA0
Authority key identifier: 8E:6D:75:B4:E4:98:6F:AC:CB:61:4B:33:4E:45:D5:E0:39:35:2A:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jm11tOSYb6zLYUszTkXV4Dk1Kpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/XAcm_FnOIzxABdHVoJAxNM8a9hA.roa
Signing time: Sun 01 Jan 2023 03:54:50 +0000
ROA not before: Sun 01 Jan 2023 03:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20691
IP address blocks: 91.209.188.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:cb:2f:0a:96:b6:08:f9:9b:c5:c6:da:a0:ce:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e6d75b4e4986faccb614b334e45d5e039352a9c
Validity
Not Before: Jan 1 03:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c0726fc59ce233c4005d1d5a0903134cf1af610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fa:55:49:cf:8b:7b:78:51:81:38:dc:22:de:
2e:74:94:14:95:34:24:f0:84:69:65:9b:12:a5:eb:
94:f3:8a:ba:a3:03:9b:fe:22:13:4a:14:95:ae:e8:
a4:2f:42:d4:72:7f:7a:8f:61:8a:c4:89:c4:91:2c:
6b:33:d2:22:8d:f1:f9:1c:77:e6:31:fd:40:cc:22:
c5:70:50:77:51:35:37:5b:50:25:b2:c9:40:31:89:
10:4c:c9:25:59:79:d8:33:f3:e9:87:74:e1:c4:ba:
54:fc:22:e8:b6:f3:cd:15:e1:06:fa:e3:4a:b1:8b:
00:1d:b2:d5:8c:d8:d5:ea:a1:ba:bc:c0:e3:41:ff:
80:c6:09:fe:c5:05:d1:d7:a6:a4:d1:72:77:21:0d:
28:04:06:5b:6e:16:20:20:55:12:fa:50:78:f1:ff:
f4:fb:f8:ce:3d:09:91:14:61:84:6e:9a:d9:53:63:
21:d5:cc:21:0d:bd:a3:b3:ae:1d:7d:bd:02:74:fc:
d8:8b:18:8e:5b:37:e2:05:93:5f:ae:5e:21:39:cf:
7e:10:cf:6c:da:99:2f:d2:18:95:35:a7:a5:91:d2:
23:04:44:ec:e2:01:35:82:4b:a1:ae:03:1a:2b:0e:
74:00:ac:6b:be:75:c1:62:71:5a:c6:f4:64:a6:6a:
5f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:07:26:FC:59:CE:23:3C:40:05:D1:D5:A0:90:31:34:CF:1A:F6:10
X509v3 Authority Key Identifier:
keyid:8E:6D:75:B4:E4:98:6F:AC:CB:61:4B:33:4E:45:D5:E0:39:35:2A:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jm11tOSYb6zLYUszTkXV4Dk1Kpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/XAcm_FnOIzxABdHVoJAxNM8a9hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/jm11tOSYb6zLYUszTkXV4Dk1Kpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.188.0/24
Signature Algorithm: sha256WithRSAEncryption
06:f1:0d:0a:10:52:b4:69:80:c7:97:58:86:dc:1d:3f:0b:3d:
5f:85:10:dc:30:ae:44:f7:b4:d4:5d:01:58:d0:0e:99:f2:7f:
b6:4b:ea:63:24:99:26:40:59:a6:e4:f9:8a:4d:9c:3c:cd:cc:
0e:b3:8d:d8:6b:ba:ea:31:e3:0a:a9:96:93:cc:d4:02:7c:b9:
e4:0c:da:4d:60:15:bb:40:1d:68:d9:95:4e:e4:a6:13:7f:35:
0a:57:83:63:80:7d:66:3a:f1:93:95:00:35:46:2e:72:33:1a:
60:58:24:c2:bb:4c:cd:93:f0:a4:34:c9:bb:67:5e:d8:aa:e2:
b4:e2:fd:df:01:46:a6:aa:d4:2c:02:d3:ae:5d:22:be:8d:e1:
25:ef:74:29:88:35:48:a3:f8:0c:ad:d9:68:69:9d:97:4c:2c:
98:35:09:52:ee:9b:e0:b5:3a:6c:30:11:4c:84:b6:27:58:43:
9c:7e:f7:0f:c2:4e:09:d4:75:e2:56:b3:1f:54:a2:da:0b:0a:
a3:e3:ef:ac:e7:e6:b3:02:ce:ab:2b:3b:99:4b:ca:9a:ba:03:
cd:57:d1:9b:b3:62:5a:c2:a0:0d:d4:cf:58:38:0a:a6:65:c2:
e5:09:8b:c5:44:71:a3:d7:15:15:3c:95:47:39:cf:d3:40:44:
25:61:34:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrd8svCpa2CPmbxcbaoM6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNmQ3NWI0ZTQ5ODZmYWNjYjYxNGIzMzRlNDVkNWUwMzkz
NTJhOWMwHhcNMjMwMTAxMDM1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA3MjZmYzU5Y2UyMzNjNDAwNWQxZDVhMDkwMzEzNGNmMWFmNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvpVSc+Le3hRgTjcIt4udJQUlTQk
8IRpZZsSpeuU84q6owOb/iITShSVruikL0LUcn96j2GKxInEkSxrM9IijfH5HHfm
Mf1AzCLFcFB3UTU3W1AlsslAMYkQTMklWXnYM/Pph3ThxLpU/CLotvPNFeEG+uNK
sYsAHbLVjNjV6qG6vMDjQf+Axgn+xQXR16ak0XJ3IQ0oBAZbbhYgIFUS+lB48f/0
+/jOPQmRFGGEbprZU2Mh1cwhDb2js64dfb0CdPzYixiOWzfiBZNfrl4hOc9+EM9s
2pkv0hiVNaelkdIjBETs4gE1gkuhrgMaKw50AKxrvnXBYnFaxvRkpmpfvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwHJvxZziM8QAXR1aCQMTTPGvYQMB8GA1UdIwQY
MBaAFI5tdbTkmG+sy2FLM05F1eA5NSqcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam0xMXRPU1liNnpMWVVzelRrWFY0RGsxS3B3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9hY2E5OTQtZjNjMC00NWE0LWE2NDIt
NmQ3NjAyZDI0YzgzLzEvWEFjbV9Gbk9JenhBQmRIVm9KQXhOTThhOWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9hY2E5OTQtZjNjMC00NWE0LWE2NDItNmQ3NjAyZDI0Yzgz
LzEvam0xMXRPU1liNnpMWVVzelRrWFY0RGsxS3B3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9G8MA0G
CSqGSIb3DQEBCwUAA4IBAQAG8Q0KEFK0aYDHl1iG3B0/Cz1fhRDcMK5E97TUXQFY
0A6Z8n+2S+pjJJkmQFmm5PmKTZw8zcwOs43Ya7rqMeMKqZaTzNQCfLnkDNpNYBW7
QB1o2ZVO5KYTfzUKV4NjgH1mOvGTlQA1Ri5yMxpgWCTCu0zNk/CkNMm7Z17YquK0
4v3fAUamqtQsAtOuXSK+jeEl73QpiDVIo/gMrdloaZ2XTCyYNQlS7pvgtTpsMBFM
hLYnWEOcfvcPwk4J1HXiVrMfVKLaCwqj4++s5+azAs6rKzuZS8qaugPNV9Gbs2Ja
wqAN1M9YOAqmZcLlCYvFRHGj1xUVPJVHOc/TQEQlYTRR
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:19 2024 by rpki-client on console-fra.rpki-client.org