Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/73160d-1714-44f2-9be4-a7d4253b271f/1/IhJvns37Y_V-mhOI6qfHQNzO4gA.roa
File: IhJvns37Y_V-mhOI6qfHQNzO4gA.roa (raw, json)
Hash identifier: 3tRMDnSw/v1ViFbsub2K6BXwsiZlMmFP7Ic+Mwj0Qh8=
Subject key identifier: 22:12:6F:9E:CD:FB:63:F5:7E:9A:13:88:EA:A7:C7:40:DC:CE:E2:00
Certificate issuer: /CN=18b6e5f8b4097c1dba74a202206145939ff1e1da
Certificate serial: 01856ECB739A12D10AA692AE5704BF678950
Authority key identifier: 18:B6:E5:F8:B4:09:7C:1D:BA:74:A2:02:20:61:45:93:9F:F1:E1:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GLbl-LQJfB26dKICIGFFk5_x4do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/73160d-1714-44f2-9be4-a7d4253b271f/1/IhJvns37Y_V-mhOI6qfHQNzO4gA.roa
Signing time: Sun 01 Jan 2023 19:25:05 +0000
ROA not before: Sun 01 Jan 2023 19:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48653
IP address blocks: 91.209.49.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:73:9a:12:d1:0a:a6:92:ae:57:04:bf:67:89:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18b6e5f8b4097c1dba74a202206145939ff1e1da
Validity
Not Before: Jan 1 19:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22126f9ecdfb63f57e9a1388eaa7c740dccee200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ba:a8:19:28:78:09:7c:b3:16:89:1c:04:7b:
65:dc:fe:a3:7f:5c:0e:be:3b:82:27:be:9a:1d:0b:
f7:95:91:7e:d3:ea:57:c5:37:cd:7b:f7:53:e2:82:
66:88:86:cc:af:85:29:13:79:8e:51:51:a1:17:f2:
76:f4:ad:ce:b5:5c:e2:9c:fd:88:cc:df:87:85:20:
2b:73:70:41:d1:45:d7:ed:a0:b8:a9:2c:66:82:8e:
46:eb:85:f5:c8:fb:00:93:63:de:07:03:48:f8:a5:
c0:14:b6:aa:76:19:62:9e:91:c2:53:f3:28:04:ac:
98:c9:dc:a7:a9:3b:7b:4a:a8:a7:37:b6:89:e1:56:
c4:3f:40:0d:ff:2b:02:0f:79:a3:d8:ac:ef:76:3e:
d8:1f:1c:62:25:d6:5c:0d:c9:74:f7:b8:35:a8:74:
4b:1a:50:11:97:d7:1f:bf:4b:f2:f4:2a:f1:93:c7:
a2:a4:da:ae:1e:db:4a:d4:1a:36:84:c1:b7:14:aa:
78:ef:89:2a:98:ec:18:23:3b:8c:e9:16:98:17:3a:
e3:e9:6d:e8:b8:dd:12:36:21:84:c8:ab:6c:ba:f4:
c7:a8:53:f6:96:54:a1:ad:e7:ec:a8:64:79:49:b0:
db:14:85:b6:6a:10:04:7e:57:9a:14:3b:87:ef:43:
db:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:12:6F:9E:CD:FB:63:F5:7E:9A:13:88:EA:A7:C7:40:DC:CE:E2:00
X509v3 Authority Key Identifier:
keyid:18:B6:E5:F8:B4:09:7C:1D:BA:74:A2:02:20:61:45:93:9F:F1:E1:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GLbl-LQJfB26dKICIGFFk5_x4do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/73160d-1714-44f2-9be4-a7d4253b271f/1/IhJvns37Y_V-mhOI6qfHQNzO4gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/73160d-1714-44f2-9be4-a7d4253b271f/1/GLbl-LQJfB26dKICIGFFk5_x4do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.49.0/24
Signature Algorithm: sha256WithRSAEncryption
40:2f:e9:ef:c1:89:78:f4:af:98:7f:7e:f8:57:ab:54:c7:dd:
1f:c1:41:53:54:0a:d8:35:25:f5:22:cd:98:62:c5:f7:62:4c:
87:b1:15:28:0c:b0:eb:24:0a:2a:45:be:f8:91:fe:eb:42:65:
71:4d:26:0f:8f:7f:2e:1a:bc:8c:d1:a6:f8:91:f1:69:e7:4e:
09:c2:7a:aa:d5:82:28:89:1d:5a:1d:63:f1:7e:1d:44:6e:a6:
35:d8:99:5a:6a:22:df:18:28:55:44:97:de:71:6f:ec:c8:15:
ca:c9:fe:e2:db:d1:74:b3:f1:96:67:a0:dd:b5:ac:49:0e:64:
01:f3:bc:c9:66:c9:ea:16:15:3c:31:23:2a:dc:2c:b8:0a:39:
f5:6c:27:3e:97:ca:73:d3:9b:27:6d:b6:f7:ed:7f:f0:db:e9:
2f:86:01:7d:f4:e8:86:7a:4d:51:3a:55:2c:70:fd:d8:3a:e4:
f4:d5:12:87:e1:e5:83:c1:5c:4d:19:d2:de:e7:56:c9:a4:3b:
0b:cf:b8:81:21:7d:48:80:c5:d2:3f:87:cb:7d:4f:e5:c0:51:
ba:55:c0:f5:4d:70:bf:7e:67:b0:cc:28:5c:f1:d7:6b:6b:ca:
d3:4d:3e:dd:31:45:a7:3c:bd:2d:5e:45:cc:6d:c6:3e:c5:ec:
8f:ef:a1:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy3OaEtEKppKuVwS/Z4lQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4YjZlNWY4YjQwOTdjMWRiYTc0YTIwMjIwNjE0NTkzOWZm
MWUxZGEwHhcNMjMwMTAxMTkyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjEyNmY5ZWNkZmI2M2Y1N2U5YTEzODhlYWE3Yzc0MGRjY2VlMjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rqoGSh4CXyzFokcBHtl3P6jf1wO
vjuCJ76aHQv3lZF+0+pXxTfNe/dT4oJmiIbMr4UpE3mOUVGhF/J29K3OtVzinP2I
zN+HhSArc3BB0UXX7aC4qSxmgo5G64X1yPsAk2PeBwNI+KXAFLaqdhlinpHCU/Mo
BKyYydynqTt7SqinN7aJ4VbEP0AN/ysCD3mj2Kzvdj7YHxxiJdZcDcl097g1qHRL
GlARl9cfv0vy9Crxk8eipNquHttK1Bo2hMG3FKp474kqmOwYIzuM6RaYFzrj6W3o
uN0SNiGEyKtsuvTHqFP2llShrefsqGR5SbDbFIW2ahAEfleaFDuH70Pb5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCISb57N+2P1fpoTiOqnx0DczuIAMB8GA1UdIwQY
MBaAFBi25fi0CXwdunSiAiBhRZOf8eHaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0xibC1MUUpmQjI2ZEtJQ0lHRkZrNV94NGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83MzE2MGQtMTcxNC00NGYyLTliZTQt
YTdkNDI1M2IyNzFmLzEvSWhKdm5zMzdZX1YtbWhPSTZxZkhRTnpPNGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy83MzE2MGQtMTcxNC00NGYyLTliZTQtYTdkNDI1M2IyNzFm
LzEvR0xibC1MUUpmQjI2ZEtJQ0lHRkZrNV94NGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ExMA0G
CSqGSIb3DQEBCwUAA4IBAQBAL+nvwYl49K+Yf374V6tUx90fwUFTVArYNSX1Is2Y
YsX3YkyHsRUoDLDrJAoqRb74kf7rQmVxTSYPj38uGryM0ab4kfFp504Jwnqq1YIo
iR1aHWPxfh1EbqY12JlaaiLfGChVRJfecW/syBXKyf7i29F0s/GWZ6DdtaxJDmQB
87zJZsnqFhU8MSMq3Cy4Cjn1bCc+l8pz05snbbb37X/w2+kvhgF99OiGek1ROlUs
cP3YOuT01RKH4eWDwVxNGdLe51bJpDsLz7iBIX1IgMXSP4fLfU/lwFG6VcD1TXC/
fmewzChc8ddra8rTTT7dMUWnPL0tXkXMbcY+xeyP76HE
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:49 2024 by rpki-client on console-fra.rpki-client.org