Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/s1gKDBpp_C9TZdS_R-nuI9ElrVY.roa
File: s1gKDBpp_C9TZdS_R-nuI9ElrVY.roa (raw, json)
Hash identifier: Dulj5nCyW3mnXNc6f6+PSn86WPtZHRaH85dmC8qrYfM=
Subject key identifier: B3:58:0A:0C:1A:69:FC:2F:53:65:D4:BF:47:E9:EE:23:D1:25:AD:56
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 01856D4AE75BCEC5D2E77E3C8CF793E34EEB
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/s1gKDBpp_C9TZdS_R-nuI9ElrVY.roa
Signing time: Sun 01 Jan 2023 12:25:03 +0000
ROA not before: Sun 01 Jan 2023 12:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51789
IP address blocks: 91.220.109.0/24 maxlen: 24
193.164.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:e7:5b:ce:c5:d2:e7:7e:3c:8c:f7:93:e3:4e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jan 1 12:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3580a0c1a69fc2f5365d4bf47e9ee23d125ad56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5b:90:2a:aa:85:88:d2:2e:46:78:e9:e8:dc:
f2:ec:4c:95:c7:0a:1c:48:27:1a:f6:cf:42:d1:e7:
9f:a5:56:24:1f:58:20:b0:4b:a1:72:c7:58:08:dc:
88:27:02:75:9b:72:08:da:8e:1c:a4:8e:15:43:81:
1f:50:7e:49:2a:f1:b4:96:01:77:b6:6b:41:80:70:
c0:ce:55:c3:a4:09:b0:bd:49:a9:99:f1:63:ba:2a:
f3:9e:a5:a1:a8:a8:15:9f:f6:2a:b7:15:c2:89:3a:
6a:2a:07:c0:cf:78:f1:7c:cd:31:4a:8e:6e:9b:d4:
86:88:b3:75:6a:4b:dc:54:10:00:04:6b:a4:ec:7c:
51:fe:fb:c6:9f:c2:0b:98:7c:a0:66:97:6c:2e:c5:
df:7c:23:23:97:43:a4:69:db:28:67:5d:87:0d:ce:
d7:05:34:f2:af:d0:99:49:1c:fc:76:b1:bd:ec:5a:
35:e4:c2:2d:7c:92:74:7e:b8:56:8d:92:57:3e:b0:
84:72:39:d2:77:68:05:ce:6e:48:90:38:02:59:cd:
e5:80:45:74:da:16:88:cc:ee:fc:05:b8:3a:16:ce:
ed:05:89:90:8d:57:97:92:8b:8e:1b:5f:1c:a2:1e:
58:e0:52:21:ac:61:b0:d9:b9:42:64:aa:55:da:49:
28:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:58:0A:0C:1A:69:FC:2F:53:65:D4:BF:47:E9:EE:23:D1:25:AD:56
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/s1gKDBpp_C9TZdS_R-nuI9ElrVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.109.0/24
193.164.152.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:59:6b:dd:09:62:6d:49:12:43:35:b5:5b:be:c6:19:3d:a3:
b6:18:d6:47:49:2c:31:9d:35:03:a2:4f:6b:49:a3:bc:21:8b:
f9:8a:77:74:2e:2d:29:bf:10:4c:bc:ed:61:b4:da:b6:c9:62:
40:70:63:9a:b8:84:df:e1:fe:6f:fc:11:95:07:e9:0b:92:48:
43:52:fb:f1:19:9c:60:9e:5c:4c:54:ab:b8:3e:33:8b:be:d5:
b5:65:d9:56:97:d9:a6:28:53:b2:5c:09:29:c8:46:c3:1c:7b:
4c:6c:62:17:bf:bb:ba:78:50:88:21:7d:86:de:d2:af:85:ec:
e5:ad:84:be:c4:e0:35:bb:0c:e1:9e:7c:7e:31:27:d6:87:e4:
14:38:aa:2f:b5:aa:e0:16:c9:5f:e4:b1:aa:41:c2:d8:2a:4c:
f2:18:73:6d:22:f0:2f:7c:7a:94:a7:d9:61:d3:38:ca:d6:2f:
e4:d6:2d:d7:44:04:c8:e5:cd:9b:c8:2d:a1:27:fa:c7:b8:20:
f9:e9:60:8a:44:2c:70:bb:fb:bc:fd:58:ac:b4:45:3e:ae:dc:
0d:bd:9d:78:79:e4:e5:25:07:66:68:2f:99:ae:2c:e6:e8:d5:
31:4b:f5:df:b0:83:d6:b7:64:03:9a:df:dd:82:9e:ca:6b:1e:
f2:7f:b0:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtSudbzsXS5348jPeT407rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwMTAxMTIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzU4MGEwYzFhNjlmYzJmNTM2NWQ0YmY0N2U5ZWUyM2QxMjVhZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFuQKqqFiNIuRnjp6Nzy7EyVxwoc
SCca9s9C0eefpVYkH1ggsEuhcsdYCNyIJwJ1m3II2o4cpI4VQ4EfUH5JKvG0lgF3
tmtBgHDAzlXDpAmwvUmpmfFjuirznqWhqKgVn/YqtxXCiTpqKgfAz3jxfM0xSo5u
m9SGiLN1akvcVBAABGuk7HxR/vvGn8ILmHygZpdsLsXffCMjl0OkadsoZ12HDc7X
BTTyr9CZSRz8drG97Fo15MItfJJ0frhWjZJXPrCEcjnSd2gFzm5IkDgCWc3lgEV0
2haIzO78Bbg6Fs7tBYmQjVeXkouOG18coh5Y4FIhrGGw2blCZKpV2kkoZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLNYCgwaafwvU2XUv0fp7iPRJa1WMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvczFnS0RCcHBfQzlUWmRTX1ItbnVJOUVsclZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9xtAwQA
waSYMA0GCSqGSIb3DQEBCwUAA4IBAQAeWWvdCWJtSRJDNbVbvsYZPaO2GNZHSSwx
nTUDok9rSaO8IYv5ind0Li0pvxBMvO1htNq2yWJAcGOauITf4f5v/BGVB+kLkkhD
UvvxGZxgnlxMVKu4PjOLvtW1ZdlWl9mmKFOyXAkpyEbDHHtMbGIXv7u6eFCIIX2G
3tKvhezlrYS+xOA1uwzhnnx+MSfWh+QUOKovtargFslf5LGqQcLYKkzyGHNtIvAv
fHqUp9lh0zjK1i/k1i3XRATI5c2byC2hJ/rHuCD56WCKRCxwu/u8/VistEU+rtwN
vZ14eeTlJQdmaC+Zrizm6NUxS/XfsIPWt2QDmt/dgp7Kax7yf7BW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:03 2024 by rpki-client on console-ams.rpki-client.org