Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Ni51zZ84DfOQWeP-Dq7K7lIcwao.roa
File: Ni51zZ84DfOQWeP-Dq7K7lIcwao.roa (raw, json)
Hash identifier: Ec0FtsIWEzbRldrxN7Xr7OpZU0KOlQdCLCRRNJQXA7w=
Subject key identifier: 36:2E:75:CD:9F:38:0D:F3:90:59:E3:FE:0E:AE:CA:EE:52:1C:C1:AA
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 018C3FA2AD810FD9FCDA5C3C7603D6D2E58C
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Ni51zZ84DfOQWeP-Dq7K7lIcwao.roa
Signing time: Wed 06 Dec 2023 14:57:54 +0000
ROA not before: Wed 06 Dec 2023 14:57:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211261
IP address blocks: 91.210.126.0/24 maxlen: 24
5.253.157.0/24 maxlen: 24
5.253.156.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
185.146.67.0/24 maxlen: 24
185.204.201.0/24 maxlen: 24
185.204.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 08:08:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:a2:ad:81:0f:d9:fc:da:5c:3c:76:03:d6:d2:e5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 6 14:57:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=362e75cd9f380df39059e3fe0eaecaee521cc1aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3b:ed:dd:a5:bf:ba:23:b2:1d:6f:c6:b7:97:
df:a0:c9:ef:05:ba:cd:1d:50:80:0f:84:69:6e:51:
6d:8b:bf:4a:46:7c:9f:ea:1e:3f:2f:a4:c6:5f:80:
00:97:93:96:fc:8f:5d:14:f8:bf:d0:70:ed:ae:c7:
6e:36:8b:b6:68:19:68:c1:67:aa:d3:7d:fc:a4:e5:
fb:b5:66:2e:f4:4d:56:51:2e:a6:a4:80:fd:fb:47:
1f:c1:9b:a7:eb:eb:57:34:69:4a:26:aa:b4:ed:19:
a8:50:f3:c8:a8:11:46:b9:ba:3e:47:c5:6a:fb:5b:
f7:f4:29:50:5a:ae:b4:41:a4:7b:cf:09:cd:b0:a6:
c4:38:82:4f:a6:b3:04:8e:06:57:ec:eb:ca:50:e1:
1a:f6:74:24:0f:8b:a1:14:78:4a:d6:28:6d:09:0d:
ac:b3:62:60:3d:67:81:57:25:80:8f:e7:67:65:e2:
0c:fd:31:84:74:0f:9e:d6:cb:64:2d:bf:6b:37:42:
fd:8a:32:37:53:6a:e0:8b:7d:ad:f1:6e:27:34:20:
a2:69:44:17:af:06:38:ec:ae:83:a2:cc:e7:e6:49:
ba:dd:49:9e:32:31:e1:a3:33:10:c0:6e:34:5a:46:
87:ad:d3:37:69:36:c3:f6:19:4f:24:8a:7f:e6:70:
ee:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:2E:75:CD:9F:38:0D:F3:90:59:E3:FE:0E:AE:CA:EE:52:1C:C1:AA
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Ni51zZ84DfOQWeP-Dq7K7lIcwao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.156.0/23
5.253.159.0/24
91.210.126.0/24
185.146.67.0/24
185.204.200.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:41:fd:6d:1c:6e:75:ce:be:e9:22:57:9e:7d:28:e9:00:74:
da:9e:b1:83:8a:38:78:d3:cc:9f:93:5e:68:f4:b6:78:26:13:
ff:ed:38:73:21:f0:c8:8e:ea:43:1e:4a:83:ba:df:49:5e:2b:
a3:4e:21:dc:5e:ea:90:56:7f:06:aa:04:9e:76:31:33:85:3c:
27:db:32:05:d0:b1:bc:d5:ee:78:ad:4e:a7:9a:d3:74:9e:f4:
46:80:cc:d9:b1:a8:65:8c:76:2e:61:64:75:99:8f:31:21:50:
d1:6e:67:6a:96:f7:7f:ba:10:c1:89:e1:f0:b6:bc:38:cc:b3:
53:e8:41:eb:df:e4:e8:a4:f8:0e:c4:27:19:45:90:5f:05:13:
2e:26:e7:a3:ba:15:6f:2b:70:ba:c3:1d:cc:1a:75:e9:97:d3:
e0:75:34:fc:28:2a:86:96:87:0b:86:a8:a3:b2:ab:23:47:bd:
b1:2a:97:0c:ca:88:65:30:03:88:d1:6f:87:a9:dc:18:da:d2:
02:2f:5c:d4:55:64:85:16:33:6b:7d:09:b8:67:ac:a8:88:42:
7e:58:30:3d:f6:ff:f6:bc:e2:d5:49:a6:58:ca:bd:0e:be:35:
ba:73:a7:8b:bb:6e:9c:eb:bd:b8:e3:0a:c1:2a:7c:ff:cf:59:
64:92:2d:4b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYw/oq2BD9n82lw8dgPW0uWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjMxMjA2MTQ1NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjJlNzVjZDlmMzgwZGYzOTA1OWUzZmUwZWFlY2FlZTUyMWNjMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjvt3aW/uiOyHW/Gt5ffoMnvBbrN
HVCAD4RpblFti79KRnyf6h4/L6TGX4AAl5OW/I9dFPi/0HDtrsduNou2aBlowWeq
0338pOX7tWYu9E1WUS6mpID9+0cfwZun6+tXNGlKJqq07RmoUPPIqBFGubo+R8Vq
+1v39ClQWq60QaR7zwnNsKbEOIJPprMEjgZX7OvKUOEa9nQkD4uhFHhK1ihtCQ2s
s2JgPWeBVyWAj+dnZeIM/TGEdA+e1stkLb9rN0L9ijI3U2rgi32t8W4nNCCiaUQX
rwY47K6Doszn5km63UmeMjHhozMQwG40WkaHrdM3aTbD9hlPJIp/5nDuiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDYudc2fOA3zkFnj/g6uyu5SHMGqMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvTmk1MXpaODREZk9RV2VQLURxN0s3bEljd2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBf2cAwQA
Bf2fAwQAW9J+AwQAuZJDAwQBuczIMA0GCSqGSIb3DQEBCwUAA4IBAQAdQf1tHG51
zr7pIleefSjpAHTanrGDijh408yfk15o9LZ4JhP/7ThzIfDIjupDHkqDut9JXiuj
TiHcXuqQVn8GqgSedjEzhTwn2zIF0LG81e54rU6nmtN0nvRGgMzZsahljHYuYWR1
mY8xIVDRbmdqlvd/uhDBieHwtrw4zLNT6EHr3+TopPgOxCcZRZBfBRMuJuejuhVv
K3C6wx3MGnXpl9PgdTT8KCqGlocLhqijsqsjR72xKpcMyohlMAOI0W+HqdwY2tIC
L1zUVWSFFjNrfQm4Z6yoiEJ+WDA99v/2vOLVSaZYyr0OvjW6c6eLu26c67244wrB
Knz/z1lkki1L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:15 2024 by rpki-client on console-fra.rpki-client.org