Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/r-u2ck9qs81Z3nFmbkMNyuaTVLo.roa
File: r-u2ck9qs81Z3nFmbkMNyuaTVLo.roa (raw, json)
Hash identifier: NEGhmKbvnf0rZUlml52U/ZFsi1IU4p9OgAS3GUxZq1g=
Subject key identifier: AF:EB:B6:72:4F:6A:B3:CD:59:DE:71:66:6E:43:0D:CA:E6:93:54:BA
Certificate issuer: /CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Certificate serial: 018CBE970950818CAC5404081CE2E0339082
Authority key identifier: 09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/r-u2ck9qs81Z3nFmbkMNyuaTVLo.roa
Signing time: Sun 31 Dec 2023 06:36:58 +0000
ROA not before: Sun 31 Dec 2023 06:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207558
IP address blocks: 91.196.229.0/24 maxlen: 24
91.196.228.0/22 maxlen: 22
91.196.228.0/24 maxlen: 24
91.196.231.0/24 maxlen: 24
91.196.230.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:be:97:09:50:81:8c:ac:54:04:08:1c:e2:e0:33:90:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Validity
Not Before: Dec 31 06:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afebb6724f6ab3cd59de71666e430dcae69354ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bf:80:cb:5a:1f:6a:f5:a1:73:f0:9e:a3:21:
29:89:16:de:1a:5a:34:e9:28:8a:bb:9e:d7:a0:f7:
42:02:42:37:e5:66:dc:b6:84:41:17:8a:20:be:27:
78:ba:82:a9:71:b0:9c:ea:0b:a7:09:be:27:3c:82:
7b:6e:27:3f:3b:81:63:18:0f:ac:f4:a6:a0:43:60:
40:c9:bd:0c:1a:f0:68:c8:bf:94:1d:f7:b6:b3:22:
b7:75:9a:8c:e3:b6:c1:8f:67:9b:7d:ef:3a:30:8d:
66:2b:bf:46:1d:72:12:e6:43:1d:80:18:65:fe:6e:
5c:7e:20:3b:43:71:c1:30:fd:ad:a1:24:70:d8:59:
4c:44:95:51:14:39:0c:1c:89:f5:3c:df:a9:aa:64:
c5:b8:c9:dd:2f:67:e5:da:72:f8:2c:cf:aa:b5:8d:
0a:45:87:a1:83:ae:18:64:5d:0c:d5:28:c5:58:04:
dd:07:b5:b5:43:12:7b:4b:50:4b:48:16:9a:32:49:
4a:9d:37:55:41:25:4d:14:7a:c9:98:eb:2a:d4:45:
43:d9:63:5a:9c:82:d5:5c:79:0c:3e:c5:53:15:9e:
74:aa:ff:05:c2:00:14:54:b2:eb:9d:d8:d9:42:a5:
89:08:c7:c4:42:92:cc:78:f8:5c:5c:e9:43:09:9e:
48:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EB:B6:72:4F:6A:B3:CD:59:DE:71:66:6E:43:0D:CA:E6:93:54:BA
X509v3 Authority Key Identifier:
keyid:09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/r-u2ck9qs81Z3nFmbkMNyuaTVLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.228.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:c6:94:70:92:a9:3e:34:77:c8:d9:32:ab:92:67:63:10:58:
2e:1d:1f:30:4d:46:f7:87:53:6f:7b:c5:a8:71:e7:9f:30:fe:
dd:a4:05:7e:ba:2a:d4:2a:47:a3:6d:97:db:d6:15:28:07:6a:
99:16:ce:95:fa:79:30:cc:e3:3b:b3:e0:0d:27:ad:0d:e9:b5:
82:6b:b8:93:c6:2b:ae:1c:04:65:2c:38:b4:9a:31:ce:66:72:
81:26:09:78:6d:79:51:46:e3:33:32:9c:6e:f9:1e:1e:a0:73:
79:9c:36:e1:4a:dd:4a:fb:ec:19:53:bd:0e:6d:2f:63:5f:24:
3a:3a:55:23:33:a2:8a:43:42:67:39:cb:52:4f:b7:ae:af:59:
67:aa:b1:00:8a:c2:18:cb:d8:6a:3d:e4:5b:a4:66:5b:16:2f:
03:34:45:66:6f:97:6b:6d:42:4d:0e:70:fb:af:2e:d0:61:ca:
80:a0:6d:06:da:26:3c:4d:c6:8b:05:90:69:62:c2:c1:05:97:
18:8c:0b:bd:30:af:97:a8:61:c7:e4:7e:73:0f:e1:0b:b5:4a:
e1:9b:d3:7a:a6:0c:22:fb:0f:b8:4a:66:d7:0b:4d:d0:c9:74:
1c:d5:d3:d2:6f:90:f0:47:64:ce:d1:c7:da:8d:14:8b:bd:a2:
ca:f6:f2:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy+lwlQgYysVAQIHOLgM5CCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmVjZDcwNzFiNzI3ZGIzZDEyZjA5ZWZiYjQ1NGUwNGQ0
Zjc0M2QwHhcNMjMxMjMxMDYzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmViYjY3MjRmNmFiM2NkNTlkZTcxNjY2ZTQzMGRjYWU2OTM1NGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL+Ay1ofavWhc/CeoyEpiRbeGlo0
6SiKu57XoPdCAkI35WbctoRBF4ogvid4uoKpcbCc6gunCb4nPIJ7bic/O4FjGA+s
9KagQ2BAyb0MGvBoyL+UHfe2syK3dZqM47bBj2ebfe86MI1mK79GHXIS5kMdgBhl
/m5cfiA7Q3HBMP2toSRw2FlMRJVRFDkMHIn1PN+pqmTFuMndL2fl2nL4LM+qtY0K
RYehg64YZF0M1SjFWATdB7W1QxJ7S1BLSBaaMklKnTdVQSVNFHrJmOsq1EVD2WNa
nILVXHkMPsVTFZ50qv8FwgAUVLLrndjZQqWJCMfEQpLMePhcXOlDCZ5ICQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/rtnJParPNWd5xZm5DDcrmk1S6MB8GA1UdIwQY
MBaAFAn+zXBxtyfbPRLwnvu0VOBNT3Q9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2Y3TmNIRzNKOXM5RXZDZS03UlU0RTFQZEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83MmUzYTEtOTA2Yy00NDhiLTk4ZGEt
NWEyMDZlOGIxMzY5LzEvci11MmNrOXFzODFaM25GbWJrTU55dWFUVkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS83MmUzYTEtOTA2Yy00NDhiLTk4ZGEtNWEyMDZlOGIxMzY5
LzEvQ2Y3TmNIRzNKOXM5RXZDZS03UlU0RTFQZEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8TkMA0G
CSqGSIb3DQEBCwUAA4IBAQCKxpRwkqk+NHfI2TKrkmdjEFguHR8wTUb3h1Nve8Wo
ceefMP7dpAV+uirUKkejbZfb1hUoB2qZFs6V+nkwzOM7s+ANJ60N6bWCa7iTxiuu
HARlLDi0mjHOZnKBJgl4bXlRRuMzMpxu+R4eoHN5nDbhSt1K++wZU70ObS9jXyQ6
OlUjM6KKQ0JnOctST7eur1lnqrEAisIYy9hqPeRbpGZbFi8DNEVmb5drbUJNDnD7
ry7QYcqAoG0G2iY8TcaLBZBpYsLBBZcYjAu9MK+XqGHH5H5zD+ELtUrhm9N6pgwi
+w+4SmbXC03QyXQc1dPSb5DwR2TO0cfajRSLvaLK9vIC
Generated at Sun Dec 31 10:55:34 2023 by rpki-client on console.sobornost.net