Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/0vqIdhnZ1G5I1LyLMoY_PevWxRU.roa
File: 0vqIdhnZ1G5I1LyLMoY_PevWxRU.roa (raw, json)
Hash identifier: 8vAtJA8Ng+Uq/0QAzAvGpYxIEiHHcpIeBWgMY9s18UY=
Subject key identifier: D2:FA:88:76:19:D9:D4:6E:48:D4:BC:8B:32:86:3F:3D:EB:D6:C5:15
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14AB13A29BEF4E2E0776813F3BD30D
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/0vqIdhnZ1G5I1LyLMoY_PevWxRU.roa
Signing time: Sun 01 Jan 2023 20:45:03 +0000
ROA not before: Sun 01 Jan 2023 20:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58000
IP address blocks: 91.237.182.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ab:13:a2:9b:ef:4e:2e:07:76:81:3f:3b:d3:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2fa887619d9d46e48d4bc8b32863f3debd6c515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e5:09:4a:35:a1:72:7c:d4:97:09:0c:e8:a0:
e8:14:7c:ee:9e:0c:2f:25:50:be:6a:9c:a2:b2:6b:
e8:c1:3b:f1:f1:e9:ba:7d:58:c7:cc:f3:71:9e:7b:
b9:13:38:69:08:97:80:3b:dd:99:aa:2f:10:de:9f:
8f:90:ec:a9:0d:25:d4:4a:df:5d:fc:b3:8e:e8:58:
d3:71:b1:d2:34:f1:f9:ab:1d:9d:cd:49:f0:1f:47:
95:71:08:d5:01:73:b2:e2:2b:e6:89:8b:2f:ad:d2:
42:88:b4:de:da:61:dd:49:b5:33:39:28:f8:fa:37:
d6:06:99:ff:fe:ea:b4:2d:4e:58:19:f5:d5:46:8c:
3e:c9:51:20:9d:e8:ea:d2:72:1c:00:50:d3:58:69:
84:dc:2c:32:cb:ea:5f:a3:fe:82:4a:c7:5b:b4:47:
4d:1f:1f:91:99:c3:3c:bb:0e:d0:0f:88:b4:2c:bc:
70:ab:dd:c4:f0:dc:d3:d8:41:c8:54:16:1b:ee:17:
2a:25:d4:dd:bf:e0:48:18:07:69:ba:b8:22:80:fd:
b1:d2:43:b6:53:43:2e:80:ad:30:a3:8c:f2:63:45:
e1:f6:ca:03:09:ef:1e:de:0c:61:22:d1:59:3f:16:
28:9b:5c:fd:56:c9:88:ef:9e:76:72:6b:b0:c1:65:
e2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FA:88:76:19:D9:D4:6E:48:D4:BC:8B:32:86:3F:3D:EB:D6:C5:15
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/0vqIdhnZ1G5I1LyLMoY_PevWxRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.182.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:b7:9a:31:f2:a8:46:f0:82:b6:44:f5:87:69:af:35:75:74:
f3:55:02:a5:b3:86:04:95:18:04:f1:30:73:b1:dd:fd:8d:4b:
62:e4:6f:da:55:47:41:fa:dd:af:47:cd:73:49:78:c5:c9:15:
54:89:2b:61:8f:ce:bb:8e:30:2c:0d:b6:44:54:2a:f0:1b:a2:
c7:5b:f5:49:18:4f:1c:2b:5b:18:c6:91:60:22:ab:95:a0:93:
67:1f:87:43:c2:a4:9c:98:01:7c:49:04:e3:7d:3d:ab:dc:b5:
51:40:e4:4a:5b:ad:d3:0a:b9:70:9a:01:eb:d0:a9:76:c3:10:
86:92:25:9e:e0:7c:b1:a2:11:ef:a5:70:8e:66:0f:05:7b:a7:
af:36:59:1f:e9:76:fb:e4:1a:ac:00:84:9f:2d:57:a0:8e:ac:
78:6c:9a:81:eb:d9:d4:de:e7:cf:50:e3:43:c2:7e:ca:e1:e4:
c0:96:83:2a:60:59:5e:9c:01:1f:3d:86:5c:67:2e:a3:3b:41:
90:fb:1b:24:1c:9f:9c:fd:b9:b1:91:59:c8:ce:db:0d:64:7c:
84:36:42:9f:30:1d:73:30:a1:96:1d:8e:75:77:3d:25:36:eb:
e8:33:6e:24:62:69:ae:a2:6d:d3:58:78:19:fb:47:51:41:12:
2a:1d:20:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFKsTopvvTi4HdoE/O9MNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZhODg3NjE5ZDlkNDZlNDhkNGJjOGIzMjg2M2YzZGViZDZjNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOUJSjWhcnzUlwkM6KDoFHzungwv
JVC+apyismvowTvx8em6fVjHzPNxnnu5EzhpCJeAO92Zqi8Q3p+PkOypDSXUSt9d
/LOO6FjTcbHSNPH5qx2dzUnwH0eVcQjVAXOy4ivmiYsvrdJCiLTe2mHdSbUzOSj4
+jfWBpn//uq0LU5YGfXVRow+yVEgnejq0nIcAFDTWGmE3Cwyy+pfo/6CSsdbtEdN
Hx+RmcM8uw7QD4i0LLxwq93E8NzT2EHIVBYb7hcqJdTdv+BIGAdpurgigP2x0kO2
U0MugK0wo4zyY0Xh9soDCe8e3gxhItFZPxYom1z9VsmI7552cmuwwWXi8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNL6iHYZ2dRuSNS8izKGPz3r1sUVMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvMHZxSWRobloxRzVJMUx5TE1vWV9QZXZXeFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+22MA0G
CSqGSIb3DQEBCwUAA4IBAQB9t5ox8qhG8IK2RPWHaa81dXTzVQKls4YElRgE8TBz
sd39jUti5G/aVUdB+t2vR81zSXjFyRVUiSthj867jjAsDbZEVCrwG6LHW/VJGE8c
K1sYxpFgIquVoJNnH4dDwqScmAF8SQTjfT2r3LVRQORKW63TCrlwmgHr0Kl2wxCG
kiWe4HyxohHvpXCOZg8Fe6evNlkf6Xb75BqsAISfLVegjqx4bJqB69nU3ufPUOND
wn7K4eTAloMqYFlenAEfPYZcZy6jO0GQ+xskHJ+c/bmxkVnIztsNZHyENkKfMB1z
MKGWHY51dz0lNuvoM24kYmmuom3TWHgZ+0dRQRIqHSDk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:53 2024 by rpki-client on console-ams.rpki-client.org