Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/h9aeYXk3TIMgMdbUXMCeC7mj7Ks.roa
File: h9aeYXk3TIMgMdbUXMCeC7mj7Ks.roa (raw, json)
Hash identifier: 9ySZ7Nb1yZrsy84TPndrVIHtEjvcBNiVsPWHSYJa7JE=
Subject key identifier: 87:D6:9E:61:79:37:4C:83:20:31:D6:D4:5C:C0:9E:0B:B9:A3:EC:AB
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018CC6B93751131547F06724AA859F5A7334
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/h9aeYXk3TIMgMdbUXMCeC7mj7Ks.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46261
IP address blocks: 91.201.140.0/23 maxlen: 23
139.28.136.0/24 maxlen: 24
195.206.111.0/24 maxlen: 24
195.206.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 12:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:37:51:13:15:47:f0:67:24:aa:85:9f:5a:73:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87d69e6179374c832031d6d45cc09e0bb9a3ecab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c3:5c:c7:ac:a3:64:45:70:ba:4c:a7:fb:8f:
62:b6:a0:06:c2:af:39:3e:38:81:a4:5e:47:01:b5:
69:1d:c7:14:bb:2d:6d:6f:cb:a4:02:e1:f8:2a:98:
27:bf:14:0b:45:4b:de:53:6b:01:12:fe:10:da:fc:
02:4b:1d:03:9b:71:b0:87:42:be:cd:2a:12:4f:d7:
d7:11:d9:40:53:9b:b7:39:22:93:10:01:24:85:b4:
c4:c9:3c:71:bd:a3:1b:0d:5f:eb:10:c2:51:3c:4c:
b9:eb:96:4f:3b:92:84:f2:db:af:26:66:16:53:24:
42:67:0f:4e:dc:8f:61:9e:5a:4b:f7:32:c2:61:0a:
e0:49:92:7e:5c:73:47:29:3f:a0:4b:2b:7b:85:70:
ef:c0:77:7d:e5:b8:f7:fe:6c:79:87:3b:37:4c:aa:
71:7e:86:de:c7:4a:01:30:7c:a5:94:de:a0:6a:d0:
21:42:ec:51:17:66:35:0d:57:3c:af:9c:04:cd:e6:
7b:68:32:96:5f:ce:a8:f5:fd:51:15:57:e3:8a:86:
83:ae:f9:13:dd:9b:d5:35:f0:9d:f1:06:ad:66:a3:
18:a6:e0:9d:fb:77:28:0f:e5:f3:e8:93:c1:31:d0:
39:7c:f4:53:d4:a3:48:5e:cc:49:d4:16:f8:b0:7c:
44:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D6:9E:61:79:37:4C:83:20:31:D6:D4:5C:C0:9E:0B:B9:A3:EC:AB
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/h9aeYXk3TIMgMdbUXMCeC7mj7Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.140.0/23
139.28.136.0/24
195.206.110.0/23
Signature Algorithm: sha256WithRSAEncryption
07:df:52:2c:ab:31:b4:96:b3:ac:22:da:c9:83:86:cb:2a:1d:
26:d9:db:fe:25:44:9c:30:7d:3a:0d:bc:0e:52:82:7d:34:77:
2e:ba:db:bf:c3:6f:38:f8:04:8f:67:f7:90:2b:01:63:08:9b:
17:f0:b9:4a:b8:f3:c2:f3:96:22:24:51:ed:60:6e:77:73:4a:
89:9e:db:3f:ab:d5:a0:65:c3:03:5d:1d:a7:5e:e8:a2:ed:fc:
48:7d:93:1e:8a:cb:5a:e9:83:28:f1:a8:03:a2:52:b2:a8:db:
7c:14:27:b3:99:0c:c1:3d:dc:2f:c3:d6:65:ce:94:b1:0a:5f:
21:41:41:3d:26:bd:cb:c5:25:92:50:a6:83:14:00:04:bc:4d:
11:d0:0e:7e:b8:be:1c:f7:0e:a8:4d:3e:86:79:9e:31:4f:b9:
51:84:be:a1:86:2d:9d:2b:78:13:e0:4a:69:cc:87:f1:9c:0e:
f4:6a:55:93:c1:5b:41:71:8e:c1:29:1e:e8:4b:90:34:2f:23:
48:fb:57:dd:1a:dc:59:e4:1e:ab:6c:4e:09:75:02:c7:9d:0e:
26:08:7c:a4:1b:35:5e:63:5b:52:fa:e5:66:ae:c1:3b:e1:4d:
02:b5:62:83:21:4b:62:c1:51:8d:f3:b4:ec:50:54:ed:1a:6d:
ef:14:d0:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuTdRExVH8GckqoWfWnM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q2OWU2MTc5Mzc0YzgzMjAzMWQ2ZDQ1Y2MwOWUwYmI5YTNlY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncNcx6yjZEVwukyn+49itqAGwq85
PjiBpF5HAbVpHccUuy1tb8ukAuH4KpgnvxQLRUveU2sBEv4Q2vwCSx0Dm3Gwh0K+
zSoST9fXEdlAU5u3OSKTEAEkhbTEyTxxvaMbDV/rEMJRPEy565ZPO5KE8tuvJmYW
UyRCZw9O3I9hnlpL9zLCYQrgSZJ+XHNHKT+gSyt7hXDvwHd95bj3/mx5hzs3TKpx
fobex0oBMHyllN6gatAhQuxRF2Y1DVc8r5wEzeZ7aDKWX86o9f1RFVfjioaDrvkT
3ZvVNfCd8QatZqMYpuCd+3coD+Xz6JPBMdA5fPRT1KNIXsxJ1Bb4sHxEDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIfWnmF5N0yDIDHW1FzAngu5o+yrMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvaDlhZVlYazNUSU1nTWRiVVhNQ2VDN21qN0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8mMAwQA
ixyIAwQBw85uMA0GCSqGSIb3DQEBCwUAA4IBAQAH31IsqzG0lrOsItrJg4bLKh0m
2dv+JUScMH06DbwOUoJ9NHcuutu/w284+ASPZ/eQKwFjCJsX8LlKuPPC85YiJFHt
YG53c0qJnts/q9WgZcMDXR2nXuii7fxIfZMeista6YMo8agDolKyqNt8FCezmQzB
Pdwvw9ZlzpSxCl8hQUE9Jr3LxSWSUKaDFAAEvE0R0A5+uL4c9w6oTT6GeZ4xT7lR
hL6hhi2dK3gT4EppzIfxnA70alWTwVtBcY7BKR7oS5A0LyNI+1fdGtxZ5B6rbE4J
dQLHnQ4mCHykGzVeY1tS+uVmrsE74U0CtWKDIUtiwVGN87TsUFTtGm3vFNCR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:54 2024 by rpki-client on console-fra.rpki-client.org