Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/ge73q99qLYKI26SaDmsXwBV5hag.roa
File: ge73q99qLYKI26SaDmsXwBV5hag.roa (raw, json)
Hash identifier: nb/Ddwk+pr71y0q67/TitKh25iaif4QCJbBBkEFuvIM=
Subject key identifier: 81:EE:F7:AB:DF:6A:2D:82:88:DB:A4:9A:0E:6B:17:C0:15:79:85:A8
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018B62763525335ED03F678C64FF01054356
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/ge73q99qLYKI26SaDmsXwBV5hag.roa
Signing time: Tue 24 Oct 2023 16:13:15 +0000
ROA not before: Tue 24 Oct 2023 16:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49617
IP address blocks: 91.215.60.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:76:35:25:33:5e:d0:3f:67:8c:64:ff:01:05:43:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Oct 24 16:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81eef7abdf6a2d8288dba49a0e6b17c0157985a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c1:68:49:4a:63:73:bd:9e:ba:50:71:43:12:
69:e2:26:49:4f:01:1d:7c:0f:41:49:69:c8:b0:7e:
31:52:08:bc:85:eb:53:58:0a:27:73:d9:98:1a:ad:
17:ae:b8:be:81:97:8b:2c:6b:1c:33:6a:ec:88:40:
c3:44:90:d5:78:8b:4a:a7:ce:9a:e5:d1:f0:fa:98:
ec:d1:32:b3:34:44:6a:81:f5:f9:33:73:e4:d2:6e:
c3:a9:7c:53:d4:d8:3b:db:02:e5:42:70:a5:12:d3:
a4:46:c9:6d:0a:95:33:d6:00:0a:2c:27:20:86:cd:
3d:0c:ef:1b:6f:9a:35:28:7a:4a:84:b5:1e:d6:8b:
85:a4:50:0f:34:1d:02:cb:ee:9c:68:a1:69:4b:a4:
44:fe:c5:10:67:61:d4:f7:b9:01:ac:89:dc:8d:8b:
a4:05:0f:a4:40:a0:5f:ce:74:10:d3:f9:4b:6c:65:
07:cc:29:76:53:05:7f:33:f3:e9:d5:73:63:f6:e7:
ce:8b:63:34:af:f5:52:aa:67:16:5d:f3:9d:40:5f:
3f:8e:f3:81:4f:95:7b:62:0f:11:12:62:cd:85:10:
b1:62:90:23:a9:51:57:d2:50:2e:bd:88:02:e1:68:
39:79:c6:f4:73:84:c0:dc:7b:0f:6f:85:12:1a:0f:
c3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EE:F7:AB:DF:6A:2D:82:88:DB:A4:9A:0E:6B:17:C0:15:79:85:A8
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/ge73q99qLYKI26SaDmsXwBV5hag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.60.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:08:8b:61:6e:b8:20:45:b3:44:fa:5f:c4:7f:1c:3a:f1:d4:
a4:27:c3:47:cc:14:2b:12:9b:eb:b7:9a:34:6c:1f:f1:55:92:
46:b2:ab:c3:8f:93:c4:23:68:3d:ab:db:4d:8a:08:e0:8a:e7:
82:0e:25:33:f5:dd:ef:25:f2:8c:d4:71:d8:50:76:62:59:e8:
f1:8c:31:d5:7d:89:88:90:d2:2c:12:8a:8d:e1:91:df:47:5e:
c2:da:ed:c3:1d:d3:8b:16:f9:7e:60:7e:65:9e:82:ba:84:8f:
48:7f:01:76:dd:7c:c4:e3:d8:27:e7:7b:03:66:5a:28:70:ca:
6b:28:71:ba:e9:53:14:40:61:4f:8f:88:e8:a6:fe:a8:0e:71:
c6:41:39:5f:74:59:0d:a8:2c:ee:1e:b6:bc:52:21:50:d3:37:
98:4c:b7:4d:05:8f:38:46:f7:c9:cf:0d:47:8c:da:b3:9e:9d:
0c:16:d4:00:43:23:47:5a:9e:f7:b7:f4:23:83:19:12:dc:61:
0f:6a:e4:cc:06:68:a4:7f:3e:8b:c3:1f:6d:cf:19:f9:f2:78:
1b:7e:13:59:af:c1:b1:f8:20:08:cf:30:4f:5c:33:c0:3f:ee:
cc:a2:0f:6a:dd:96:93:ee:b9:40:d4:e1:8f:eb:fa:80:3a:ad:
80:a6:2a:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtidjUlM17QP2eMZP8BBUNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMxMDI0MTYxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVlZjdhYmRmNmEyZDgyODhkYmE0OWEwZTZiMTdjMDE1Nzk4NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMFoSUpjc72eulBxQxJp4iZJTwEd
fA9BSWnIsH4xUgi8hetTWAonc9mYGq0Xrri+gZeLLGscM2rsiEDDRJDVeItKp86a
5dHw+pjs0TKzNERqgfX5M3Pk0m7DqXxT1Ng72wLlQnClEtOkRsltCpUz1gAKLCcg
hs09DO8bb5o1KHpKhLUe1ouFpFAPNB0Cy+6caKFpS6RE/sUQZ2HU97kBrIncjYuk
BQ+kQKBfznQQ0/lLbGUHzCl2UwV/M/Pp1XNj9ufOi2M0r/VSqmcWXfOdQF8/jvOB
T5V7Yg8REmLNhRCxYpAjqVFX0lAuvYgC4Wg5ecb0c4TA3HsPb4USGg/DywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHu96vfai2CiNukmg5rF8AVeYWoMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvZ2U3M3E5OXFMWUtJMjZTYURtc1h3QlY1aGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9c8MA0G
CSqGSIb3DQEBCwUAA4IBAQBNCIthbrggRbNE+l/Efxw68dSkJ8NHzBQrEpvrt5o0
bB/xVZJGsqvDj5PEI2g9q9tNigjgiueCDiUz9d3vJfKM1HHYUHZiWejxjDHVfYmI
kNIsEoqN4ZHfR17C2u3DHdOLFvl+YH5lnoK6hI9IfwF23XzE49gn53sDZloocMpr
KHG66VMUQGFPj4jopv6oDnHGQTlfdFkNqCzuHra8UiFQ0zeYTLdNBY84RvfJzw1H
jNqznp0MFtQAQyNHWp73t/QjgxkS3GEPauTMBmikfz6Lwx9tzxn58ngbfhNZr8Gx
+CAIzzBPXDPAP+7Mog9q3ZaT7rlA1OGP6/qAOq2Apirn
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:54 2024 by rpki-client on console-fra.rpki-client.org