Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/E9TLEb4FEWD8Di2OaNb7SG4DuQ0.roa
File: E9TLEb4FEWD8Di2OaNb7SG4DuQ0.roa (raw, json)
Hash identifier: /OXOQPa+uLvBuvy9XTrx+yy+V9rgrrhNSVO6DoTIwn0=
Subject key identifier: 13:D4:CB:11:BE:05:11:60:FC:0E:2D:8E:68:D6:FB:48:6E:03:B9:0D
Certificate issuer: /CN=e31da2ba057e9a54a6170f257ff97856dc97e068
Certificate serial: 01856F391113F53F3B71AC6948789CD0DFA7
Authority key identifier: E3:1D:A2:BA:05:7E:9A:54:A6:17:0F:25:7F:F9:78:56:DC:97:E0:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4x2iugV-mlSmFw8lf_l4VtyX4Gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/E9TLEb4FEWD8Di2OaNb7SG4DuQ0.roa
Signing time: Sun 01 Jan 2023 21:24:48 +0000
ROA not before: Sun 01 Jan 2023 21:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58029
IP address blocks: 192.166.157.0/24 maxlen: 24
192.166.154.0/24 maxlen: 24
192.166.156.0/24 maxlen: 24
192.166.155.0/24 maxlen: 24
91.223.125.0/24 maxlen: 24
91.241.57.0/24 maxlen: 24
2a0f:9c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:11:13:f5:3f:3b:71:ac:69:48:78:9c:d0:df:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e31da2ba057e9a54a6170f257ff97856dc97e068
Validity
Not Before: Jan 1 21:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13d4cb11be051160fc0e2d8e68d6fb486e03b90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f9:07:5a:41:f0:02:ea:ed:d5:bb:9a:c8:7d:
bc:2d:ec:a8:41:ee:dd:57:60:2e:db:16:a1:e8:5b:
ea:f8:5a:ae:36:b6:50:c4:e4:5b:d1:c4:fc:d9:14:
79:4f:8b:f2:f3:e7:c0:1f:cf:27:43:26:62:72:a4:
c1:90:80:ab:c3:d8:4b:49:89:2d:39:31:e4:27:b6:
f2:90:01:e8:77:90:ae:15:e9:d6:a4:69:a1:f4:41:
78:27:db:dd:0a:74:f2:aa:43:7a:12:04:8f:0a:6e:
2e:4c:de:0e:32:f7:72:ac:9f:99:9f:6c:99:90:14:
73:d3:f4:00:20:34:a3:fe:f2:ea:4f:f0:b0:e1:82:
7c:25:35:10:ee:bb:ae:8c:f0:47:ab:bb:31:e3:65:
4e:36:ab:68:81:d6:54:36:23:3a:69:c7:5a:d0:90:
cf:5c:e8:35:29:2f:fd:94:81:c9:84:04:40:fc:51:
b6:33:81:1b:1d:67:6e:1a:64:17:f2:93:51:0c:28:
0a:8f:a1:98:52:89:63:0b:20:71:65:b2:20:e0:ee:
4c:72:c0:85:4c:27:dd:6a:e1:f3:71:18:d5:2b:2b:
fb:a5:61:8c:f3:46:5a:da:ee:72:85:1a:fe:be:b2:
31:72:12:73:36:e1:f4:29:c1:b2:ea:21:d0:f0:04:
ef:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D4:CB:11:BE:05:11:60:FC:0E:2D:8E:68:D6:FB:48:6E:03:B9:0D
X509v3 Authority Key Identifier:
keyid:E3:1D:A2:BA:05:7E:9A:54:A6:17:0F:25:7F:F9:78:56:DC:97:E0:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4x2iugV-mlSmFw8lf_l4VtyX4Gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/E9TLEb4FEWD8Di2OaNb7SG4DuQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/4x2iugV-mlSmFw8lf_l4VtyX4Gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.125.0/24
91.241.57.0/24
192.166.154.0-192.166.157.255
IPv6:
2a0f:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
28:62:47:6b:3f:dc:0a:26:70:76:55:96:31:8b:4a:76:55:52:
32:e2:52:e0:b3:7e:04:c5:67:ce:b7:11:24:17:12:01:85:3c:
0b:73:17:3a:e5:ba:2a:ea:49:b1:90:a1:c4:1c:42:64:35:34:
1b:7a:b0:21:6f:71:9c:e4:c9:1e:19:e1:cc:cc:8a:dc:7a:05:
c4:1d:13:cd:ec:c2:67:7f:db:95:37:7e:50:84:cf:90:3e:00:
30:37:19:bd:2e:ef:de:13:ae:4c:74:5c:37:c9:c9:5e:cc:f0:
23:6d:e1:29:8b:54:56:e3:d4:1d:1c:8f:c1:19:18:c9:ef:8b:
12:a7:ec:9f:da:80:f0:c2:2d:23:f7:df:31:ff:10:16:a9:ef:
cc:a1:4a:dc:88:98:d2:b5:bb:bf:74:e8:15:3d:f2:d1:42:87:
01:7a:b9:3d:62:94:d6:18:d3:24:53:34:ae:d1:e6:b1:98:2f:
7d:3b:e9:98:b7:ea:d8:83:35:00:2c:e1:d2:bb:3e:02:92:ef:
47:4b:e5:a3:29:f0:18:b6:41:01:dc:3d:87:a5:b8:61:bb:7f:
10:23:f0:6c:51:22:8c:26:52:e0:8f:d4:9a:97:0b:38:23:af:
3b:69:c1:24:28:43:8d:05:94:73:fc:0e:fe:0a:71:43:11:78:
50:15:77:6e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVvORET9T87caxpSHic0N+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWRhMmJhMDU3ZTlhNTRhNjE3MGYyNTdmZjk3ODU2ZGM5
N2UwNjgwHhcNMjMwMTAxMjEyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2Q0Y2IxMWJlMDUxMTYwZmMwZTJkOGU2OGQ2ZmI0ODZlMDNiOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vkHWkHwAurt1buayH28LeyoQe7d
V2Au2xah6Fvq+FquNrZQxORb0cT82RR5T4vy8+fAH88nQyZicqTBkICrw9hLSYkt
OTHkJ7bykAHod5CuFenWpGmh9EF4J9vdCnTyqkN6EgSPCm4uTN4OMvdyrJ+Zn2yZ
kBRz0/QAIDSj/vLqT/Cw4YJ8JTUQ7ruujPBHq7sx42VONqtogdZUNiM6acda0JDP
XOg1KS/9lIHJhARA/FG2M4EbHWduGmQX8pNRDCgKj6GYUoljCyBxZbIg4O5McsCF
TCfdauHzcRjVKyv7pWGM80Za2u5yhRr+vrIxchJzNuH0KcGy6iHQ8ATvewIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBPUyxG+BRFg/A4tjmjW+0huA7kNMB8GA1UdIwQY
MBaAFOMdoroFfppUphcPJX/5eFbcl+BoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHgyaXVnVi1tbFNtRnc4bGZfbDRWdHlYNEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82OWEyMDktZmE1Ny00M2YwLWJiYzIt
NzUwN2U4MTlhNzk1LzEvRTlUTEViNEZFV0Q4RGkyT2FOYjdTRzREdVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82OWEyMDktZmE1Ny00M2YwLWJiYzItNzUwN2U4MTlhNzk1
LzEvNHgyaXVnVi1tbFNtRnc4bGZfbDRWdHlYNEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAW999AwQA
W/E5MAwDBAHAppoDBAHAppwwDQQCAAIwBwMFAyoPnIAwDQYJKoZIhvcNAQELBQAD
ggEBAChiR2s/3AomcHZVljGLSnZVUjLiUuCzfgTFZ863ESQXEgGFPAtzFzrluirq
SbGQocQcQmQ1NBt6sCFvcZzkyR4Z4czMitx6BcQdE83swmd/25U3flCEz5A+ADA3
Gb0u794Trkx0XDfJyV7M8CNt4SmLVFbj1B0cj8EZGMnvixKn7J/agPDCLSP33zH/
EBap78yhStyImNK1u7906BU98tFChwF6uT1ilNYY0yRTNK7R5rGYL3076Zi36tiD
NQAs4dK7PgKS70dL5aMp8Bi2QQHcPYeluGG7fxAj8GxRIowmUuCP1JqXCzgjrztp
wSQoQ40FlHP8Dv4KcUMReFAVd24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:57 2024 by rpki-client on console-fra.rpki-client.org