Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/b_LRaaMdAi57dEn5fLuEi6YpWTE.roa
File: b_LRaaMdAi57dEn5fLuEi6YpWTE.roa (raw, json)
Hash identifier: K0A1V1PcIj2omMbdYZlx3HiQhmT6PviRO0k3YEV1/zM=
Subject key identifier: 6F:F2:D1:69:A3:1D:02:2E:7B:74:49:F9:7C:BB:84:8B:A6:29:59:31
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018C249BA4FA23D8B6D160CE1AEF3FBD6EBA
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/b_LRaaMdAi57dEn5fLuEi6YpWTE.roa
Signing time: Fri 01 Dec 2023 09:00:29 +0000
ROA not before: Fri 01 Dec 2023 09:00:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 91.232.136.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:9b:a4:fa:23:d8:b6:d1:60:ce:1a:ef:3f:bd:6e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 1 09:00:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ff2d169a31d022e7b7449f97cbb848ba6295931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f4:1f:ff:dc:c8:30:c7:be:90:5b:5a:8a:68:
d5:49:70:8f:80:11:7a:03:c8:57:a9:1b:96:dc:9a:
af:2f:52:38:4a:f7:17:21:c7:1c:e0:19:e5:fb:6d:
aa:59:84:ef:89:68:ad:ce:10:b4:c0:4f:b8:c5:fa:
cb:4e:52:bf:62:aa:62:48:14:3c:fd:b2:3f:e3:f6:
62:9d:2d:8f:75:8c:d1:1d:b2:29:b0:e2:7e:cc:ee:
65:31:92:ea:58:a5:25:4f:f3:5b:57:be:49:c0:93:
50:70:5f:b4:ed:99:c9:f4:bd:1a:d7:f9:b9:4f:f8:
58:87:ce:94:91:95:42:64:a6:4b:6a:fa:dd:dc:48:
0c:be:a3:13:78:41:c5:db:7b:68:b1:1c:ad:93:f4:
23:0c:53:27:88:ac:ad:40:0f:26:8a:d7:bf:4c:a9:
be:ef:16:8c:ec:93:23:3c:e0:87:69:06:f6:ca:6f:
72:21:c8:ec:ca:47:92:59:86:fc:df:d3:bf:5d:3c:
58:e8:ba:eb:d4:f7:6e:a2:f9:8c:1c:16:a8:01:b1:
a9:e2:15:8e:26:14:24:24:0c:25:1e:e0:5e:7e:ad:
a2:bd:cf:fc:4d:20:5c:aa:80:64:d5:92:98:68:22:
3d:5a:48:ab:08:2a:7f:7b:2c:f7:81:d1:17:8c:04:
3e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F2:D1:69:A3:1D:02:2E:7B:74:49:F9:7C:BB:84:8B:A6:29:59:31
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/b_LRaaMdAi57dEn5fLuEi6YpWTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.136.0/22
Signature Algorithm: sha256WithRSAEncryption
64:5c:c2:20:ac:85:33:0c:c2:3d:cf:19:f2:90:a7:0e:6f:89:
57:1b:9a:fb:4f:49:57:dd:39:8c:b0:c3:f7:ae:54:f7:48:f0:
aa:bf:28:9a:55:39:b3:e5:86:ee:8f:3e:1a:ac:7d:fd:4e:eb:
6b:ba:89:83:54:8f:a6:94:4b:0e:15:ec:95:17:bb:23:7c:f1:
d9:4e:bf:a7:de:fb:32:43:59:80:e7:f0:94:7d:36:c1:a1:27:
81:8e:2f:f2:c6:67:ac:d4:15:1b:97:7a:47:db:00:b6:e2:22:
8d:e6:69:63:44:34:4c:ca:18:fc:a5:53:42:94:90:ad:29:57:
80:ac:29:17:80:70:e6:5b:9f:9e:66:ec:b7:bb:da:21:87:95:
0a:f8:a0:d2:cb:30:3c:ed:39:4c:80:52:e6:c8:34:0b:6c:50:
3b:04:e9:d2:12:85:0c:ac:98:db:9b:cc:d6:60:c8:9d:ab:fa:
78:47:03:3b:1c:61:b8:22:ab:05:19:88:6c:b8:00:cb:d7:05:
69:22:cb:a2:2d:04:bb:59:9a:00:b2:ca:c9:24:c4:d8:bf:01:
35:e4:19:a0:3e:47:c7:97:aa:9b:09:23:84:a9:a4:f1:34:2b:
b9:84:2a:ec:b8:16:40:09:80:df:bb:fa:dc:ac:39:d3:6c:af:
cd:92:9e:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwkm6T6I9i20WDOGu8/vW66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMjAxMDkwMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmYyZDE2OWEzMWQwMjJlN2I3NDQ5Zjk3Y2JiODQ4YmE2Mjk1OTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/Qf/9zIMMe+kFtaimjVSXCPgBF6
A8hXqRuW3JqvL1I4SvcXIccc4Bnl+22qWYTviWitzhC0wE+4xfrLTlK/YqpiSBQ8
/bI/4/ZinS2PdYzRHbIpsOJ+zO5lMZLqWKUlT/NbV75JwJNQcF+07ZnJ9L0a1/m5
T/hYh86UkZVCZKZLavrd3EgMvqMTeEHF23tosRytk/QjDFMniKytQA8mite/TKm+
7xaM7JMjPOCHaQb2ym9yIcjsykeSWYb839O/XTxY6Lrr1PduovmMHBaoAbGp4hWO
JhQkJAwlHuBefq2ivc/8TSBcqoBk1ZKYaCI9WkirCCp/eyz3gdEXjAQ+NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/y0WmjHQIue3RJ+Xy7hIumKVkxMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvYl9MUmFhTWRBaTU3ZEVuNWZMdUVpNllwV1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+iIMA0G
CSqGSIb3DQEBCwUAA4IBAQBkXMIgrIUzDMI9zxnykKcOb4lXG5r7T0lX3TmMsMP3
rlT3SPCqvyiaVTmz5Ybujz4arH39TutruomDVI+mlEsOFeyVF7sjfPHZTr+n3vsy
Q1mA5/CUfTbBoSeBji/yxmes1BUbl3pH2wC24iKN5mljRDRMyhj8pVNClJCtKVeA
rCkXgHDmW5+eZuy3u9ohh5UK+KDSyzA87TlMgFLmyDQLbFA7BOnSEoUMrJjbm8zW
YMidq/p4RwM7HGG4IqsFGYhsuADL1wVpIsuiLQS7WZoAssrJJMTYvwE15BmgPkfH
l6qbCSOEqaTxNCu5hCrsuBZACYDfu/rcrDnTbK/Nkp4a
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:15:04 2024 by rpki-client on console-ams.rpki-client.org