Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/T95TQuAdoWLG97cAv_c9VuJP9rQ.roa
File: T95TQuAdoWLG97cAv_c9VuJP9rQ.roa (raw, json)
Hash identifier: CLXGFJLyyrijl1dSurEquWXqZnkqesyBgao3fUhazyY=
Subject key identifier: 4F:DE:53:42:E0:1D:A1:62:C6:F7:B7:00:BF:F7:3D:56:E2:4F:F6:B4
Certificate issuer: /CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Certificate serial: 0185718C3DF5AEDEC9615B4BCE1BC20AF241
Authority key identifier: FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/T95TQuAdoWLG97cAv_c9VuJP9rQ.roa
Signing time: Mon 02 Jan 2023 08:14:54 +0000
ROA not before: Mon 02 Jan 2023 08:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59943
IP address blocks: 91.208.211.0/24 maxlen: 24
193.104.8.0/24 maxlen: 24
185.3.216.0/22 maxlen: 24
91.223.195.0/24 maxlen: 24
2a02:5b41::/32 maxlen: 32
2a02:5b40::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 23 Dec 2023 07:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:3d:f5:ae:de:c9:61:5b:4b:ce:1b:c2:0a:f2:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Validity
Not Before: Jan 2 08:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fde5342e01da162c6f7b700bff73d56e24ff6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:74:d9:48:9a:5a:a4:f4:e2:85:cb:42:7e:af:
ce:92:b0:28:6c:67:a1:46:cf:54:8d:27:ca:ae:6c:
29:0e:a2:83:96:fd:66:c9:4e:68:9f:e6:2f:16:43:
8e:5c:ba:f1:c4:cb:7e:84:e0:b6:45:49:18:02:8b:
9e:a0:07:7a:d2:88:41:c2:99:a8:bc:9c:72:b5:6d:
de:63:f7:c3:2e:8b:ff:56:95:80:a1:21:a6:f0:5f:
35:a3:5e:c6:06:f0:79:8d:5d:27:8d:59:73:d7:c0:
34:2a:5f:9b:b7:b6:85:84:b1:e5:a1:a2:53:e4:f3:
52:7a:c7:23:61:f1:ab:13:20:0b:52:25:c7:f9:8f:
d6:e4:e6:a2:d7:d5:72:f2:1e:82:21:9f:1f:9f:e5:
17:ab:36:d0:42:0c:a4:f0:dc:e0:89:ec:28:cb:2a:
78:40:b5:6f:b0:8b:df:0d:52:20:eb:1c:75:68:70:
5f:39:b3:31:17:e8:c4:d4:69:ad:30:dc:a2:f8:32:
36:3c:a4:30:cd:79:18:b4:07:28:ba:4f:c3:c5:22:
9e:57:01:ac:ae:94:e8:64:59:11:a9:21:fd:c1:d4:
ee:a2:9f:e0:be:52:ed:53:52:dd:97:0d:38:ca:39:
34:cf:fc:79:c8:60:14:cc:15:dc:8c:2c:11:cf:a4:
7d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:DE:53:42:E0:1D:A1:62:C6:F7:B7:00:BF:F7:3D:56:E2:4F:F6:B4
X509v3 Authority Key Identifier:
keyid:FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/T95TQuAdoWLG97cAv_c9VuJP9rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.211.0/24
91.223.195.0/24
185.3.216.0/22
193.104.8.0/24
IPv6:
2a02:5b40::/31
Signature Algorithm: sha256WithRSAEncryption
53:a7:9d:bf:14:f1:0e:8e:53:c2:f0:08:9b:0e:a8:4a:cb:8b:
87:6e:e2:11:9f:e8:d4:fa:31:dd:4f:d5:b0:7b:b5:0e:2d:88:
8c:d3:e2:db:97:58:9e:c1:b0:c5:e3:14:b3:32:60:01:3f:19:
38:06:b4:b4:25:e0:34:cf:cc:88:2f:23:08:db:d9:20:b2:ac:
22:be:9c:ea:f1:58:36:10:44:17:06:9d:1a:bd:66:cc:19:3f:
03:18:73:54:29:f5:68:0b:28:21:4d:26:a0:bd:c4:01:ef:8d:
2d:55:55:34:2e:16:59:11:73:fd:41:14:cf:b8:08:74:27:95:
53:8a:9e:ac:b9:3a:3a:cb:58:b2:6a:51:15:f8:45:d2:06:88:
86:52:7f:3a:c5:d4:a3:51:9b:1e:6c:c4:b2:e3:d8:2e:06:71:
a6:14:05:db:ba:1d:b4:49:2a:bf:52:a0:0c:42:66:7c:83:8b:
5c:fa:80:23:48:02:15:d0:e2:37:03:fa:81:96:2b:a9:ce:a5:
ad:75:c7:aa:7d:58:eb:47:84:aa:fe:3d:e8:b1:52:37:59:d9:
b1:68:28:ea:ac:8c:9b:b2:c4:fe:cb:11:ce:0b:cc:3b:07:18:
af:6f:e1:9d:09:4a:0c:3d:3c:36:0f:7e:c0:b2:0a:e6:87:4e:
3f:83:9d:c1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxjD31rt7JYVtLzhvCCvJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYjRmNDBmMzIxMTU2MWMyOWYxYmJjMzIwYmQ4N2NmYTJk
ZGQwMjkwHhcNMjMwMTAyMDgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmRlNTM0MmUwMWRhMTYyYzZmN2I3MDBiZmY3M2Q1NmUyNGZmNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinTZSJpapPTihctCfq/OkrAobGeh
Rs9UjSfKrmwpDqKDlv1myU5on+YvFkOOXLrxxMt+hOC2RUkYAoueoAd60ohBwpmo
vJxytW3eY/fDLov/VpWAoSGm8F81o17GBvB5jV0njVlz18A0Kl+bt7aFhLHloaJT
5PNSescjYfGrEyALUiXH+Y/W5Oai19Vy8h6CIZ8fn+UXqzbQQgyk8Nzgiewoyyp4
QLVvsIvfDVIg6xx1aHBfObMxF+jE1GmtMNyi+DI2PKQwzXkYtAcouk/DxSKeVwGs
rpToZFkRqSH9wdTuop/gvlLtU1Ldlw04yjk0z/x5yGAUzBXcjCwRz6R9WQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFE/eU0LgHaFixve3AL/3PVbiT/a0MB8GA1UdIwQY
MBaAFP+09A8yEVYcKfG7wyC9h8+i3dApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzdUMER6SVJWaHdwOGJ2RElMMkh6NkxkMENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNDhkODgtNjEzNi00Mzc0LTk5NGIt
ZDUzZjk0ZTIwN2E5LzEvVDk1VFF1QWRvV0xHOTdjQXZfYzlWdUpQOXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xNDhkODgtNjEzNi00Mzc0LTk5NGItZDUzZjk0ZTIwN2E5
LzEvXzdUMER6SVJWaHdwOGJ2RElMMkh6NkxkMENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9DTAwQA
W9/DAwQCuQPYAwQAwWgIMA0EAgACMAcDBQEqAltAMA0GCSqGSIb3DQEBCwUAA4IB
AQBTp52/FPEOjlPC8AibDqhKy4uHbuIRn+jU+jHdT9Wwe7UOLYiM0+Lbl1iewbDF
4xSzMmABPxk4BrS0JeA0z8yILyMI29kgsqwivpzq8Vg2EEQXBp0avWbMGT8DGHNU
KfVoCyghTSagvcQB740tVVU0LhZZEXP9QRTPuAh0J5VTip6suTo6y1iyalEV+EXS
BoiGUn86xdSjUZsebMSy49guBnGmFAXbuh20SSq/UqAMQmZ8g4tc+oAjSAIV0OI3
A/qBliupzqWtdceqfVjrR4Sq/j3osVI3WdmxaCjqrIybssT+yxHOC8w7Bxivb+Gd
CUoMPTw2D37Asgrmh04/g53B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:21 2024 by rpki-client on console-fra.rpki-client.org