Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/3_2HN7QSP2IA9gxmyP0yNFmIT94.roa
File: 3_2HN7QSP2IA9gxmyP0yNFmIT94.roa (raw, json)
Hash identifier: fRuR+sz8w0GRs37gfQECTILa3Uy1aGg8pKAAaLASd0g=
Subject key identifier: DF:FD:87:37:B4:12:3F:62:00:F6:0C:66:C8:FD:32:34:59:88:4F:DE
Certificate issuer: /CN=a2bcd88ac3e02cffad3c00de46b5da336bd64702
Certificate serial: 01856D0AC303B1B5E0ED3F400DC93F3945EE
Authority key identifier: A2:BC:D8:8A:C3:E0:2C:FF:AD:3C:00:DE:46:B5:DA:33:6B:D6:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orzYisPgLP-tPADeRrXaM2vWRwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/3_2HN7QSP2IA9gxmyP0yNFmIT94.roa
Signing time: Sun 01 Jan 2023 11:14:59 +0000
ROA not before: Sun 01 Jan 2023 11:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25143
IP address blocks: 91.239.49.0/24 maxlen: 24
91.239.48.0/24 maxlen: 24
91.239.51.0/24 maxlen: 24
91.239.50.0/24 maxlen: 24
193.19.228.0/24 maxlen: 24
193.19.231.0/24 maxlen: 24
193.19.230.0/24 maxlen: 24
193.19.229.0/24 maxlen: 24
193.238.20.0/24 maxlen: 24
193.238.23.0/24 maxlen: 24
193.238.22.0/24 maxlen: 24
193.238.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:c3:03:b1:b5:e0:ed:3f:40:0d:c9:3f:39:45:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2bcd88ac3e02cffad3c00de46b5da336bd64702
Validity
Not Before: Jan 1 11:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dffd8737b4123f6200f60c66c8fd323459884fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f9:0f:50:b4:fb:99:ca:c5:e2:f9:f2:8e:a5:
0b:16:26:6d:57:42:b3:a0:22:48:35:27:81:8e:99:
3e:aa:ab:a5:4e:e1:68:69:e9:8b:86:d7:c6:2e:be:
29:60:08:d2:4b:54:85:90:62:22:d5:f6:88:d6:5a:
d1:c5:e0:2f:75:bd:53:af:12:af:a5:45:e3:9d:1d:
be:97:0d:d8:63:6e:20:c6:b8:d0:58:82:ac:44:9e:
ca:a7:63:65:13:41:18:0f:48:9b:5b:58:61:de:02:
76:bd:d2:4e:c3:2a:a0:60:bf:61:ad:95:5f:69:c2:
fd:5c:08:a6:d1:75:cc:da:ed:8e:2f:f3:28:f0:2b:
d2:38:bf:3e:b3:b1:f9:15:3e:ae:0c:54:54:75:cd:
5c:d4:68:67:34:3e:bc:84:49:fb:9f:17:66:4f:9d:
0b:06:01:d2:da:2b:07:5b:68:42:0b:9e:96:8b:27:
98:d7:4a:41:2f:1a:0d:03:33:82:23:bc:e0:b5:7c:
6c:51:26:50:31:0d:e5:80:96:17:f7:19:4d:5a:3a:
05:27:91:d7:2e:b7:b5:b4:8c:15:84:69:d8:5a:4a:
84:bc:b5:2f:65:d1:6f:7e:b0:a5:ce:3e:60:9c:82:
1b:df:21:91:46:14:8a:2b:c2:93:64:20:ab:22:cb:
cc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:FD:87:37:B4:12:3F:62:00:F6:0C:66:C8:FD:32:34:59:88:4F:DE
X509v3 Authority Key Identifier:
keyid:A2:BC:D8:8A:C3:E0:2C:FF:AD:3C:00:DE:46:B5:DA:33:6B:D6:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orzYisPgLP-tPADeRrXaM2vWRwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/3_2HN7QSP2IA9gxmyP0yNFmIT94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.48.0/22
193.19.228.0/22
193.238.20.0/22
Signature Algorithm: sha256WithRSAEncryption
25:13:36:2a:d0:6e:bf:0c:b7:3c:12:9f:dd:4d:c3:97:04:43:
c9:4c:10:b8:c8:01:ff:78:25:b2:47:6b:eb:bd:8c:47:9c:0e:
da:1d:27:c8:5c:5f:ed:3e:10:06:19:a1:c7:da:e4:f0:9a:fe:
ce:24:e9:1a:5c:2f:33:33:c1:57:2f:60:bf:9c:0c:d0:bf:fa:
69:33:6b:07:d3:71:e4:aa:b7:39:a6:72:de:96:7b:a8:c7:24:
a2:e1:1b:37:44:59:52:f6:24:09:af:65:5c:a8:c5:68:2c:82:
09:19:3b:ae:ed:37:d8:52:b6:b8:10:20:f1:d0:01:e6:d6:67:
4a:87:59:28:48:94:0b:2f:5e:68:d4:23:50:d1:49:95:78:a1:
57:ef:80:fd:51:f8:50:22:b3:b6:6c:44:2e:9e:9a:1e:47:4f:
dd:02:b7:12:16:d6:79:ab:f2:31:5a:12:9e:00:1a:19:78:e9:
3e:f7:ae:31:f3:bc:f1:b5:c9:ab:5a:2c:f9:1a:d6:c4:59:ff:
80:f9:bc:bd:54:ec:23:8c:55:41:35:86:d4:84:68:c6:03:ac:
93:65:50:04:45:c9:16:ed:aa:29:10:dd:3e:f9:99:11:2b:d3:
81:2f:e4:51:b3:5e:f2:96:68:83:14:86:7f:d2:c4:8a:e5:34:
d3:9a:49:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtCsMDsbXg7T9ADck/OUXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYmNkODhhYzNlMDJjZmZhZDNjMDBkZTQ2YjVkYTMzNmJk
NjQ3MDIwHhcNMjMwMTAxMTExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmZkODczN2I0MTIzZjYyMDBmNjBjNjZjOGZkMzIzNDU5ODg0ZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPkPULT7mcrF4vnyjqULFiZtV0Kz
oCJINSeBjpk+qqulTuFoaemLhtfGLr4pYAjSS1SFkGIi1faI1lrRxeAvdb1TrxKv
pUXjnR2+lw3YY24gxrjQWIKsRJ7Kp2NlE0EYD0ibW1hh3gJ2vdJOwyqgYL9hrZVf
acL9XAim0XXM2u2OL/Mo8CvSOL8+s7H5FT6uDFRUdc1c1GhnND68hEn7nxdmT50L
BgHS2isHW2hCC56WiyeY10pBLxoNAzOCI7zgtXxsUSZQMQ3lgJYX9xlNWjoFJ5HX
Lre1tIwVhGnYWkqEvLUvZdFvfrClzj5gnIIb3yGRRhSKK8KTZCCrIsvMBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN/9hze0Ej9iAPYMZsj9MjRZiE/eMB8GA1UdIwQY
MBaAFKK82IrD4Cz/rTwA3ka12jNr1kcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3J6WWlzUGdMUC10UEFEZVJyWGFNMnZXUndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jZjRkYjUtZmIyOS00YjJhLWEyMTUt
YWFiODYyODYxYTA5LzEvM18ySE43UVNQMklBOWd4bXlQMHlORm1JVDk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jZjRkYjUtZmIyOS00YjJhLWEyMTUtYWFiODYyODYxYTA5
LzEvb3J6WWlzUGdMUC10UEFEZVJyWGFNMnZXUndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+8wAwQC
wRPkAwQCwe4UMA0GCSqGSIb3DQEBCwUAA4IBAQAlEzYq0G6/DLc8Ep/dTcOXBEPJ
TBC4yAH/eCWyR2vrvYxHnA7aHSfIXF/tPhAGGaHH2uTwmv7OJOkaXC8zM8FXL2C/
nAzQv/ppM2sH03Hkqrc5pnLelnuoxySi4Rs3RFlS9iQJr2VcqMVoLIIJGTuu7TfY
Ura4ECDx0AHm1mdKh1koSJQLL15o1CNQ0UmVeKFX74D9UfhQIrO2bEQunpoeR0/d
ArcSFtZ5q/IxWhKeABoZeOk+964x87zxtcmrWiz5GtbEWf+A+by9VOwjjFVBNYbU
hGjGA6yTZVAERckW7aopEN0++ZkRK9OBL+RRs17ylmiDFIZ/0sSK5TTTmklo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:23 2024 by rpki-client on console-ams.rpki-client.org