Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ahCjH4NTYP_yQx6dHwJE-25CbwU.roa
File: ahCjH4NTYP_yQx6dHwJE-25CbwU.roa (raw, json)
Hash identifier: mmz4YBxiAnFLPQ8/oPVQpd53CfNQU5nicQBRSf77LfU=
Subject key identifier: 6A:10:A3:1F:83:53:60:FF:F2:43:1E:9D:1F:02:44:FB:6E:42:6F:05
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018D598190819F603379F0F3B1F38782ACE1
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ahCjH4NTYP_yQx6dHwJE-25CbwU.roa
Signing time: Tue 30 Jan 2024 08:34:39 +0000
ROA not before: Tue 30 Jan 2024 08:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12668
IP address blocks: 90.157.68.0/23 maxlen: 23
92.54.90.0/24 maxlen: 24
94.31.195.0/24 maxlen: 24
94.31.202.0/24 maxlen: 24
94.31.250.0/24 maxlen: 24
94.31.255.0/24 maxlen: 24
188.17.116.0/23 maxlen: 23
188.18.112.0/24 maxlen: 24
188.18.113.0/24 maxlen: 24
188.18.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 01:35:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:81:90:81:9f:60:33:79:f0:f3:b1:f3:87:82:ac:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 30 08:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a10a31f835360fff2431e9d1f0244fb6e426f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:53:91:b7:58:94:2f:07:55:bd:da:3a:8e:d4:
52:f3:b3:04:ed:cf:40:b7:ef:50:16:61:0e:e2:6b:
0b:77:96:71:56:04:c1:05:12:7f:b3:da:fd:72:39:
05:4d:f1:7e:76:03:c4:a3:47:3a:74:00:07:e5:1c:
cf:78:91:7a:81:56:8e:74:d9:8f:94:8d:db:c0:12:
56:4c:01:53:53:2c:a6:4a:00:2f:5c:77:0c:58:30:
4f:5d:2e:da:37:69:10:b0:5a:e8:7e:0c:4c:c6:25:
6e:7b:c0:e7:cc:bd:59:bd:af:a9:60:4e:c4:5c:c6:
fc:9e:74:e1:12:fe:1a:08:be:99:95:2d:7e:2e:98:
8b:61:54:f5:cb:fe:6f:b8:4a:56:e9:a9:53:3f:bd:
79:51:32:83:55:b9:49:3c:97:b9:3c:aa:49:0e:ec:
13:a7:68:ec:75:a4:ef:f8:da:96:c9:0a:46:4b:ce:
4d:46:71:4c:50:3f:f4:2e:b6:56:19:54:db:ac:07:
f7:74:eb:c8:79:45:1a:c2:0f:dc:66:8e:f3:cf:24:
d3:d6:54:56:68:5f:06:60:18:df:15:05:cd:04:d9:
9d:aa:74:27:b3:e5:a8:4d:a6:37:75:ea:77:f4:d8:
a0:4e:9d:96:75:09:2b:a4:a7:74:0d:1d:aa:11:a1:
9b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:10:A3:1F:83:53:60:FF:F2:43:1E:9D:1F:02:44:FB:6E:42:6F:05
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ahCjH4NTYP_yQx6dHwJE-25CbwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.157.68.0/23
92.54.90.0/24
94.31.195.0/24
94.31.202.0/24
94.31.250.0/24
94.31.255.0/24
188.17.116.0/23
188.18.112.0/23
188.18.116.0/24
Signature Algorithm: sha256WithRSAEncryption
34:8e:43:fc:27:b5:3a:54:27:a3:36:a3:34:99:e2:e2:d6:ee:
11:2d:66:9c:d4:3d:85:c4:24:4f:b9:af:45:65:04:c4:de:3a:
9c:b5:ba:25:34:90:d6:cc:48:ee:38:29:70:5f:11:50:e4:fe:
b0:89:5d:cf:4f:b8:b1:37:6a:c6:ff:72:76:4c:3f:61:19:1b:
7b:33:67:e6:d3:39:98:c3:05:92:ae:d2:2a:76:53:be:b4:f1:
ac:3f:51:33:b4:bf:e7:3e:8e:5d:09:4d:bf:ea:60:77:8f:71:
97:21:4f:fd:cf:4d:2b:27:c6:03:64:87:68:db:18:3d:1e:da:
09:1c:66:7c:fc:9e:20:56:7c:6b:31:d3:a8:60:34:33:39:86:
7b:bc:86:ee:d2:be:32:b5:32:f6:15:83:22:6e:0f:1a:06:5e:
49:71:fa:aa:18:11:25:11:d8:0d:9d:37:24:bf:3f:b3:c1:cc:
9b:fc:8d:ab:81:34:3e:b1:24:de:8e:ba:31:46:2b:d8:a9:23:
17:e3:d1:71:be:13:88:ca:33:3d:7a:95:51:66:44:e4:21:51:
50:d4:08:c9:6a:97:5a:2a:df:87:4f:e8:17:98:e3:db:38:2f:
51:02:34:a5:6d:fe:a9:bd:22:8d:8a:21:aa:cc:4e:0f:5a:04:
ac:c9:5e:26
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY1ZgZCBn2AzefDzsfOHgqzhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTMwMDgzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTEwYTMxZjgzNTM2MGZmZjI0MzFlOWQxZjAyNDRmYjZlNDI2ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFORt1iULwdVvdo6jtRS87ME7c9A
t+9QFmEO4msLd5ZxVgTBBRJ/s9r9cjkFTfF+dgPEo0c6dAAH5RzPeJF6gVaOdNmP
lI3bwBJWTAFTUyymSgAvXHcMWDBPXS7aN2kQsFrofgxMxiVue8DnzL1Zva+pYE7E
XMb8nnThEv4aCL6ZlS1+LpiLYVT1y/5vuEpW6alTP715UTKDVblJPJe5PKpJDuwT
p2jsdaTv+NqWyQpGS85NRnFMUD/0LrZWGVTbrAf3dOvIeUUawg/cZo7zzyTT1lRW
aF8GYBjfFQXNBNmdqnQns+WoTaY3dep39NigTp2WdQkrpKd0DR2qEaGbJQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGoQox+DU2D/8kMenR8CRPtuQm8FMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvYWhDakg0TlRZUF95UXg2ZEh3SkUtMjVDYndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBWp1EAwQA
XDZaAwQAXh/DAwQAXh/KAwQAXh/6AwQAXh//AwQBvBF0AwQBvBJwAwQAvBJ0MA0G
CSqGSIb3DQEBCwUAA4IBAQA0jkP8J7U6VCejNqM0meLi1u4RLWac1D2FxCRPua9F
ZQTE3jqctbolNJDWzEjuOClwXxFQ5P6wiV3PT7ixN2rG/3J2TD9hGRt7M2fm0zmY
wwWSrtIqdlO+tPGsP1EztL/nPo5dCU2/6mB3j3GXIU/9z00rJ8YDZIdo2xg9HtoJ
HGZ8/J4gVnxrMdOoYDQzOYZ7vIbu0r4ytTL2FYMibg8aBl5JcfqqGBElEdgNnTck
vz+zwcyb/I2rgTQ+sSTejroxRivYqSMX49FxvhOIyjM9epVRZkTkIVFQ1AjJapda
Kt+HT+gXmOPbOC9RAjSlbf6pvSKNiiGqzE4PWgSsyV4m
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:56 2024 by rpki-client on console-fra.rpki-client.org