Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cd111c-2d7f-44f3-9eb6-9af13f836879/1/AhFdJKI39oJVgBJ0GmqjAoX6pJY.roa
File: AhFdJKI39oJVgBJ0GmqjAoX6pJY.roa (raw, json)
Hash identifier: NjjHXEnHE8wnUeV6CBhBSr5uc0U4yYFCrn0iUe9gPn4=
Subject key identifier: 02:11:5D:24:A2:37:F6:82:55:80:12:74:1A:6A:A3:02:85:FA:A4:96
Certificate issuer: /CN=baab3f0885b5566b9b1533d2096df68e549fec3e
Certificate serial: 01856E389FB3B782137DAFCDD45183ECE55C
Authority key identifier: BA:AB:3F:08:85:B5:56:6B:9B:15:33:D2:09:6D:F6:8E:54:9F:EC:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqs_CIW1VmubFTPSCW32jlSf7D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd111c-2d7f-44f3-9eb6-9af13f836879/1/AhFdJKI39oJVgBJ0GmqjAoX6pJY.roa
Signing time: Sun 01 Jan 2023 16:44:42 +0000
ROA not before: Sun 01 Jan 2023 16:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51134
IP address blocks: 91.230.144.0/24 maxlen: 24
91.216.168.0/24 maxlen: 24
185.252.196.0/22 maxlen: 24
2a0c:3240::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:9f:b3:b7:82:13:7d:af:cd:d4:51:83:ec:e5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baab3f0885b5566b9b1533d2096df68e549fec3e
Validity
Not Before: Jan 1 16:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02115d24a237f682558012741a6aa30285faa496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5b:3f:b4:67:ae:86:37:d4:c5:8b:63:98:33:
74:f8:fe:bc:2b:68:b6:f9:69:44:df:c1:33:94:c8:
b8:14:88:92:6f:ed:55:62:1e:00:5f:ab:5a:f3:24:
b2:5c:2f:4d:0d:86:41:d3:36:29:25:07:86:3b:9e:
86:0c:b4:f3:d0:17:57:f7:99:59:99:76:f2:d6:cb:
b4:d6:31:19:bb:20:c3:0b:85:46:c5:98:78:6f:01:
62:76:ff:2d:18:ac:8d:fb:48:0f:f5:e1:30:90:62:
b2:ce:82:c3:75:a0:34:45:43:04:e3:e6:39:68:e5:
d2:26:4d:9d:9a:7d:aa:03:84:3c:be:6e:1e:9b:07:
07:21:b2:da:cf:88:3f:58:46:17:f0:d7:fa:44:93:
75:34:2a:86:45:fd:56:8a:ca:3e:33:8f:b6:25:c2:
7b:f2:ef:03:46:ab:85:bc:b6:ae:e3:d4:9a:8d:58:
42:83:73:92:c6:43:65:31:9c:cd:de:14:91:a0:c4:
ef:9f:98:b1:d2:8c:00:61:fb:50:e8:55:4e:a7:ad:
39:12:41:cc:fb:02:eb:58:b9:da:b1:fe:1d:46:cd:
38:31:13:98:f8:6f:4d:4a:39:04:f0:7b:f6:4c:b2:
99:98:af:cd:de:21:91:34:f0:96:38:c1:27:67:c7:
93:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:11:5D:24:A2:37:F6:82:55:80:12:74:1A:6A:A3:02:85:FA:A4:96
X509v3 Authority Key Identifier:
keyid:BA:AB:3F:08:85:B5:56:6B:9B:15:33:D2:09:6D:F6:8E:54:9F:EC:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqs_CIW1VmubFTPSCW32jlSf7D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd111c-2d7f-44f3-9eb6-9af13f836879/1/AhFdJKI39oJVgBJ0GmqjAoX6pJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd111c-2d7f-44f3-9eb6-9af13f836879/1/uqs_CIW1VmubFTPSCW32jlSf7D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.168.0/24
91.230.144.0/24
185.252.196.0/22
IPv6:
2a0c:3240::/29
Signature Algorithm: sha256WithRSAEncryption
6f:48:13:89:cf:64:c7:03:cf:24:f8:cd:9e:c0:97:ed:44:61:
41:7d:4a:63:95:41:16:ff:25:f5:c8:0e:f7:99:e5:8f:ea:64:
3f:93:3c:54:b5:c3:64:86:6b:a5:83:5d:48:ee:3d:64:99:69:
d6:86:07:8d:2c:2f:d2:aa:75:d3:3e:ea:91:da:28:d3:28:39:
cd:c5:68:fb:c0:8b:1b:2d:7f:66:16:31:a7:09:4a:33:e2:ec:
ac:bc:12:6c:eb:e8:ce:9e:30:0f:5c:09:09:80:a7:79:4b:11:
ac:1b:99:41:56:2f:9a:b1:c4:d7:f4:0e:4e:7a:bf:81:97:78:
b2:bf:41:6f:61:6c:e5:d6:98:0d:b1:6c:af:30:fa:72:79:13:
81:4c:19:a0:8c:21:91:19:f3:66:1d:28:7e:67:7a:64:15:29:
58:78:9e:f4:d8:bd:59:84:13:f6:68:f7:1b:06:46:9a:05:8b:
e6:6f:29:96:b2:53:69:a9:aa:4c:5a:12:bd:7d:06:58:95:7b:
16:5e:7d:9e:7e:df:37:9c:33:22:59:be:1f:14:cc:cb:24:f2:
da:c0:39:d9:46:d8:33:b0:93:44:f2:c1:ad:d3:92:81:61:38:
97:38:6b:64:22:c1:a6:22:f3:b3:96:8b:24:8d:f6:38:01:1c:
58:a1:fd:12
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuOJ+zt4ITfa/N1FGD7OVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWIzZjA4ODViNTU2NmI5YjE1MzNkMjA5NmRmNjhlNTQ5
ZmVjM2UwHhcNMjMwMTAxMTY0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjExNWQyNGEyMzdmNjgyNTU4MDEyNzQxYTZhYTMwMjg1ZmFhNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ls/tGeuhjfUxYtjmDN0+P68K2i2
+WlE38EzlMi4FIiSb+1VYh4AX6ta8ySyXC9NDYZB0zYpJQeGO56GDLTz0BdX95lZ
mXby1su01jEZuyDDC4VGxZh4bwFidv8tGKyN+0gP9eEwkGKyzoLDdaA0RUME4+Y5
aOXSJk2dmn2qA4Q8vm4emwcHIbLaz4g/WEYX8Nf6RJN1NCqGRf1Wiso+M4+2JcJ7
8u8DRquFvLau49SajVhCg3OSxkNlMZzN3hSRoMTvn5ix0owAYftQ6FVOp605EkHM
+wLrWLnasf4dRs04MROY+G9NSjkE8Hv2TLKZmK/N3iGRNPCWOMEnZ8eT/QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAIRXSSiN/aCVYASdBpqowKF+qSWMB8GA1UdIwQY
MBaAFLqrPwiFtVZrmxUz0glt9o5Un+w+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFzX0NJVzFWbXViRlRQU0NXMzJqbFNmN0Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZDExMWMtMmQ3Zi00NGYzLTllYjYt
OWFmMTNmODM2ODc5LzEvQWhGZEpLSTM5b0pWZ0JKMEdtcWpBb1g2cEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZDExMWMtMmQ3Zi00NGYzLTllYjYtOWFmMTNmODM2ODc5
LzEvdXFzX0NJVzFWbXViRlRQU0NXMzJqbFNmN0Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9ioAwQA
W+aQAwQCufzEMA0EAgACMAcDBQMqDDJAMA0GCSqGSIb3DQEBCwUAA4IBAQBvSBOJ
z2THA88k+M2ewJftRGFBfUpjlUEW/yX1yA73meWP6mQ/kzxUtcNkhmulg11I7j1k
mWnWhgeNLC/SqnXTPuqR2ijTKDnNxWj7wIsbLX9mFjGnCUoz4uysvBJs6+jOnjAP
XAkJgKd5SxGsG5lBVi+ascTX9A5Oer+Bl3iyv0FvYWzl1pgNsWyvMPpyeROBTBmg
jCGRGfNmHSh+Z3pkFSlYeJ702L1ZhBP2aPcbBkaaBYvmbymWslNpqapMWhK9fQZY
lXsWXn2eft83nDMiWb4fFMzLJPLawDnZRtgzsJNE8sGt05KBYTiXOGtkIsGmIvOz
loskjfY4ARxYof0S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:48 2024 by rpki-client on console-fra.rpki-client.org