Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/t5YM8CMKsgYvsJKX54mWKuOhyvM.roa
File: t5YM8CMKsgYvsJKX54mWKuOhyvM.roa (raw, json)
Hash identifier: A7vWASrvFji2dNGtLDp90U29k7OVqT840hrhczouedc=
Subject key identifier: B7:96:0C:F0:23:0A:B2:06:2F:B0:92:97:E7:89:96:2A:E3:A1:CA:F3
Certificate issuer: /CN=0eb8bc44e36fae16d37102fd0d519f284d663d90
Certificate serial: 01856D41A1ED85683B7FC2D346C667EA7AE4
Authority key identifier: 0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/t5YM8CMKsgYvsJKX54mWKuOhyvM.roa
Signing time: Sun 01 Jan 2023 12:14:55 +0000
ROA not before: Sun 01 Jan 2023 12:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209680
IP address blocks: 91.132.204.0/24 maxlen: 24
2a09:d881::/48 maxlen: 48
2a09:d880::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a1:ed:85:68:3b:7f:c2:d3:46:c6:67:ea:7a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eb8bc44e36fae16d37102fd0d519f284d663d90
Validity
Not Before: Jan 1 12:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7960cf0230ab2062fb09297e789962ae3a1caf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f5:b6:5c:2b:05:b0:e7:52:a5:46:f8:8f:6c:
1c:8f:a1:ce:28:c6:63:54:80:78:4d:9d:27:de:af:
48:b9:5a:7a:de:3e:58:e6:e5:3c:20:e6:9d:98:8d:
23:fb:72:39:b5:80:0f:6b:53:72:8a:e7:52:2b:15:
35:37:49:d9:43:01:21:d2:63:58:a5:f8:42:61:6d:
9b:82:db:82:1f:f0:bb:8e:05:d7:26:98:94:0b:8a:
a2:32:ce:81:69:16:9c:06:67:bd:4a:f3:27:e7:14:
c7:34:32:a7:96:e8:95:22:a5:b7:68:81:01:1b:2b:
1c:89:0f:7f:d5:11:40:e4:5e:a5:5f:d3:e1:b0:00:
50:d3:b5:81:ae:e2:ef:66:2d:09:29:77:18:14:d2:
ac:21:71:2d:f6:50:78:49:2a:bb:cd:89:c5:a9:e6:
6a:df:53:40:04:e9:60:95:b3:c7:e5:53:30:e7:bc:
c1:7a:d1:77:16:98:7a:63:43:14:2a:a1:70:eb:06:
5d:5a:4b:cb:c0:4a:01:f8:62:49:8e:f0:bc:9a:fa:
54:62:62:e8:11:f6:97:98:3d:9b:3b:47:7c:17:16:
52:b8:66:17:5f:e2:31:ff:8c:08:8d:81:04:0d:78:
54:67:65:e2:97:e4:12:0a:a6:86:8e:2f:37:a2:9e:
3a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:96:0C:F0:23:0A:B2:06:2F:B0:92:97:E7:89:96:2A:E3:A1:CA:F3
X509v3 Authority Key Identifier:
keyid:0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/t5YM8CMKsgYvsJKX54mWKuOhyvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.204.0/24
IPv6:
2a09:d880::/48
2a09:d881::/48
Signature Algorithm: sha256WithRSAEncryption
81:2d:8b:6e:6f:16:eb:e1:91:ae:fe:cd:57:36:29:22:55:f7:
87:e3:f5:6a:a4:6a:23:d3:53:d6:3e:b4:e4:61:15:ec:e1:59:
e8:3a:85:cf:f7:3c:9a:b7:5a:23:0a:90:04:1b:62:a2:44:62:
b8:62:12:c2:10:d2:80:d8:b0:ab:4b:fa:92:89:9c:19:b1:17:
be:c9:07:94:22:1c:cd:5b:0e:b1:fc:cf:88:77:16:f4:83:b1:
07:bd:c7:3d:6f:17:2d:58:e9:20:10:00:c9:39:50:8c:30:bc:
5f:8d:49:c0:49:ea:eb:3d:01:a8:8c:4e:2e:8f:77:23:92:d3:
0f:bb:49:cc:dd:6c:93:26:70:dc:fd:cc:c3:f9:ca:25:e2:22:
ae:2f:dd:30:f5:c0:ee:6d:89:81:a8:18:6e:65:f2:1e:37:3a:
df:67:27:74:e0:83:81:50:00:f3:cb:3b:a4:8d:86:c9:23:37:
23:59:5a:27:5a:70:ac:ef:c4:32:94:04:f0:ea:fa:74:6e:e5:
13:b4:8d:55:16:f9:44:79:b3:85:2c:a3:cc:14:e8:b0:f5:b8:
fd:e9:44:68:df:f5:1c:a9:78:05:b1:7b:c7:40:dd:dd:ad:d1:
79:cf:b6:24:0f:7c:56:16:94:5f:bb:9f:f5:b5:06:05:0e:51:
14:5c:d6:d0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVtQaHthWg7f8LTRsZn6nrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYjhiYzQ0ZTM2ZmFlMTZkMzcxMDJmZDBkNTE5ZjI4NGQ2
NjNkOTAwHhcNMjMwMTAxMTIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzk2MGNmMDIzMGFiMjA2MmZiMDkyOTdlNzg5OTYyYWUzYTFjYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifW2XCsFsOdSpUb4j2wcj6HOKMZj
VIB4TZ0n3q9IuVp63j5Y5uU8IOadmI0j+3I5tYAPa1NyiudSKxU1N0nZQwEh0mNY
pfhCYW2bgtuCH/C7jgXXJpiUC4qiMs6BaRacBme9SvMn5xTHNDKnluiVIqW3aIEB
GysciQ9/1RFA5F6lX9PhsABQ07WBruLvZi0JKXcYFNKsIXEt9lB4SSq7zYnFqeZq
31NABOlglbPH5VMw57zBetF3Fph6Y0MUKqFw6wZdWkvLwEoB+GJJjvC8mvpUYmLo
EfaXmD2bO0d8FxZSuGYXX+Ix/4wIjYEEDXhUZ2Xil+QSCqaGji83op469wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLeWDPAjCrIGL7CSl+eJlirjocrzMB8GA1UdIwQY
MBaAFA64vETjb64W03EC/Q1RnyhNZj2QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWQxY2UtY2Q4MC00MjlkLWJmZTEt
ODliM2EzZjE1ZGYwLzEvdDVZTThDTUtzZ1l2c0pLWDU0bVdLdU9oeXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWQxY2UtY2Q4MC00MjlkLWJmZTEtODliM2EzZjE1ZGYw
LzEvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW4TMMBgE
AgACMBIDBwAqCdiAAAADBwAqCdiBAAAwDQYJKoZIhvcNAQELBQADggEBAIEti25v
Fuvhka7+zVc2KSJV94fj9WqkaiPTU9Y+tORhFezhWeg6hc/3PJq3WiMKkAQbYqJE
YrhiEsIQ0oDYsKtL+pKJnBmxF77JB5QiHM1bDrH8z4h3FvSDsQe9xz1vFy1Y6SAQ
AMk5UIwwvF+NScBJ6us9AaiMTi6PdyOS0w+7SczdbJMmcNz9zMP5yiXiIq4v3TD1
wO5tiYGoGG5l8h43Ot9nJ3Tgg4FQAPPLO6SNhskjNyNZWidacKzvxDKUBPDq+nRu
5RO0jVUW+UR5s4Uso8wU6LD1uP3pRGjf9RypeAWxe8dA3d2t0XnPtiQPfFYWlF+7
n/W1BgUOURRc1tA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 02:56:36 2024 by rpki-client on console.sobornost.net