Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/xb87uRjilhZOc8LvPJ0wZetiBSM.roa
File: xb87uRjilhZOc8LvPJ0wZetiBSM.roa (raw, json)
Hash identifier: uBsrF+ZDPjwdXqgvatbF32q7gqxCTWKtjXdqg/Sr0YE=
Subject key identifier: C5:BF:3B:B9:18:E2:96:16:4E:73:C2:EF:3C:9D:30:65:EB:62:05:23
Certificate issuer: /CN=9ba94bc14937bb0b3632374355a446724104a981
Certificate serial: 019320FD47C71276BD507AC0286E11828AAC
Authority key identifier: 9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/xb87uRjilhZOc8LvPJ0wZetiBSM.roa
Signing time: Tue 12 Nov 2024 15:28:10 +0000
ROA not before: Tue 12 Nov 2024 15:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31480
IP address blocks: 91.196.32.0/22 maxlen: 22
91.196.34.0/24 maxlen: 24
185.59.136.0/24 maxlen: 24
193.151.108.0/22 maxlen: 22
193.151.108.0/23 maxlen: 23
193.151.108.0/24 maxlen: 24
193.151.110.0/24 maxlen: 24
2a0c:1d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 12 Nov 2024 18:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:fd:47:c7:12:76:bd:50:7a:c0:28:6e:11:82:8a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ba94bc14937bb0b3632374355a446724104a981
Validity
Not Before: Nov 12 15:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5bf3bb918e296164e73c2ef3c9d3065eb620523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:db:26:b1:5f:3e:cc:43:3c:a8:e4:f5:79:c3:
45:56:0d:10:ab:7a:b9:77:f1:98:8e:e8:71:b1:9e:
5e:8f:fd:81:36:ca:6a:29:36:dd:db:7d:69:a3:2b:
ab:08:f7:ec:4c:20:c2:70:2e:b0:8a:71:6f:f4:a7:
46:3b:70:43:66:51:4f:e6:66:de:64:01:aa:9f:0a:
94:43:a8:4b:c6:7f:b6:a8:cc:8a:ad:72:03:d5:7d:
c8:f8:54:ea:3a:8b:56:20:c7:7a:42:98:8f:fe:0b:
5d:6b:7b:35:b7:9a:5d:9d:76:7d:51:9d:ab:6d:1d:
c7:0f:b3:1c:0d:76:99:27:2f:67:d1:38:12:07:4e:
9b:a5:23:f2:28:fa:4d:92:37:69:68:3f:7f:cf:92:
e5:d8:ae:2d:02:40:fd:a4:9a:2c:55:b7:22:61:99:
97:ac:fb:1f:3b:05:d3:92:ea:58:08:16:40:7a:e3:
38:7d:81:0e:58:d6:3d:2e:26:04:3e:ff:cf:e5:80:
7b:9d:cb:cb:37:d2:9f:45:78:09:10:af:8a:62:7d:
cf:93:1f:4c:49:e9:d2:83:b6:e1:2c:cf:48:5d:d9:
0c:a5:5c:21:4d:b4:10:b9:75:03:80:47:98:fc:71:
57:12:34:ea:7b:15:a0:68:64:45:fd:d6:8f:d5:9b:
b5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:BF:3B:B9:18:E2:96:16:4E:73:C2:EF:3C:9D:30:65:EB:62:05:23
X509v3 Authority Key Identifier:
keyid:9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/xb87uRjilhZOc8LvPJ0wZetiBSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.32.0/22
185.59.136.0/24
193.151.108.0/22
IPv6:
2a0c:1d80::/29
Signature Algorithm: sha256WithRSAEncryption
35:46:dc:5e:83:d4:42:92:0a:be:c8:7e:bc:2c:2c:44:a5:04:
75:49:83:b5:aa:75:e3:d5:0b:39:c7:18:b3:a0:db:59:03:d7:
bd:41:24:fd:4c:a4:b1:14:7e:5a:06:bb:dd:11:a8:b2:a9:bd:
47:01:b9:53:52:41:bc:1f:31:d0:96:92:53:c0:11:34:d2:c4:
2b:43:5b:1b:15:45:62:4c:e2:71:85:54:b4:27:93:59:f3:88:
2a:28:fc:a0:55:39:e0:6a:6a:70:45:f9:8b:4e:b9:12:6e:6d:
8a:2a:74:43:86:cf:8e:4e:7d:22:c8:e2:20:30:f9:cc:c2:9d:
75:2b:05:e2:d4:8d:20:b5:3f:df:43:1d:73:7c:5f:36:a5:bf:
83:7f:b6:48:a7:57:e1:a3:07:12:18:a2:13:28:7f:a0:36:1a:
80:63:50:0d:bc:a8:b5:5a:89:66:1c:95:80:c9:5b:7f:09:07:
89:30:a4:7d:94:cd:16:0b:33:50:67:42:75:c6:be:4c:69:54:
04:ab:5f:d6:84:fa:28:e8:3f:9c:df:e3:1e:c8:38:97:60:27:
35:1f:44:59:a7:fd:26:cd:92:03:b4:3f:c2:11:af:ee:cc:00:
58:4c:75:8a:4a:9a:25:74:60:1a:e8:e3:e5:6e:32:a5:7a:0e:
cf:2e:33:07
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZMg/UfHEna9UHrAKG4RgoqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYTk0YmMxNDkzN2JiMGIzNjMyMzc0MzU1YTQ0NjcyNDEw
NGE5ODEwHhcNMjQxMTEyMTUyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWJmM2JiOTE4ZTI5NjE2NGU3M2MyZWYzYzlkMzA2NWViNjIwNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNsmsV8+zEM8qOT1ecNFVg0Qq3q5
d/GYjuhxsZ5ej/2BNspqKTbd231poyurCPfsTCDCcC6winFv9KdGO3BDZlFP5mbe
ZAGqnwqUQ6hLxn+2qMyKrXID1X3I+FTqOotWIMd6QpiP/gtda3s1t5pdnXZ9UZ2r
bR3HD7McDXaZJy9n0TgSB06bpSPyKPpNkjdpaD9/z5Ll2K4tAkD9pJosVbciYZmX
rPsfOwXTkupYCBZAeuM4fYEOWNY9LiYEPv/P5YB7ncvLN9KfRXgJEK+KYn3Pkx9M
SenSg7bhLM9IXdkMpVwhTbQQuXUDgEeY/HFXEjTqexWgaGRF/daP1Zu1BQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMW/O7kY4pYWTnPC7zydMGXrYgUjMB8GA1UdIwQY
MBaAFJupS8FJN7sLNjI3Q1WkRnJBBKmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTkt
ODM2YzMxMmFjOGMyLzEveGI4N3VSamlsaFpPYzhMdlBKMHdaZXRpQlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTktODM2YzMxMmFjOGMy
LzEvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8QgAwQA
uTuIAwQCwZdsMA0EAgACMAcDBQMqDB2AMA0GCSqGSIb3DQEBCwUAA4IBAQA1Rtxe
g9RCkgq+yH68LCxEpQR1SYO1qnXj1Qs5xxizoNtZA9e9QST9TKSxFH5aBrvdEaiy
qb1HAblTUkG8HzHQlpJTwBE00sQrQ1sbFUViTOJxhVS0J5NZ84gqKPygVTngampw
RfmLTrkSbm2KKnRDhs+OTn0iyOIgMPnMwp11KwXi1I0gtT/fQx1zfF82pb+Df7ZI
p1fhowcSGKITKH+gNhqAY1ANvKi1WolmHJWAyVt/CQeJMKR9lM0WCzNQZ0J1xr5M
aVQEq1/WhPoo6D+c3+MeyDiXYCc1H0RZp/0mzZIDtD/CEa/uzABYTHWKSpoldGAa
6OPlbjKleg7PLjMH
-----END CERTIFICATE-----
Generated at Tue Nov 12 19:39:14 2024 by rpki-client on console-fra.rpki-client.org