Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KRu4mobRBxTUMWzk-lyiEOLwCLU.roa
File: KRu4mobRBxTUMWzk-lyiEOLwCLU.roa (raw, json)
Hash identifier: 69aB9NfpoW2zs6PwsEnA4Jjb0iO/q0c9Lqxib66HEu8=
Subject key identifier: 29:1B:B8:9A:86:D1:07:14:D4:31:6C:E4:FA:5C:A2:10:E2:F0:08:B5
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187A355ABF73960B0A548B3FF07D3867EE7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KRu4mobRBxTUMWzk-lyiEOLwCLU.roa
Signing time: Fri 21 Apr 2023 10:21:53 +0000
ROA not before: Fri 21 Apr 2023 10:21:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 91.200.223.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Apr 2023 04:50:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:55:ab:f7:39:60:b0:a5:48:b3:ff:07:d3:86:7e:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 21 10:21:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=291bb89a86d10714d4316ce4fa5ca210e2f008b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cb:a5:78:f1:75:4b:ca:04:7d:d3:7a:31:58:
ad:92:c6:7b:b3:c3:30:22:f1:d9:e3:b1:ce:c5:0a:
f9:34:d2:88:d5:52:8a:3d:f4:46:cd:5f:57:20:5e:
64:b3:61:2a:64:5a:61:5d:15:e6:22:78:46:c6:98:
7e:8a:c9:06:46:f9:25:8f:93:79:b2:8e:ef:a8:b1:
0b:70:ca:7f:75:3b:81:31:e6:73:0e:35:f5:8c:8f:
b9:df:ff:29:74:9e:3d:80:da:5e:38:8c:9a:66:45:
c7:04:38:52:01:fa:a1:da:2f:e7:d3:f6:86:e8:1d:
8e:21:f3:70:6f:30:40:77:c9:25:98:ff:fc:d4:f7:
82:fa:73:8e:25:c1:9a:d1:2f:31:83:af:38:07:ad:
9a:9c:af:6c:99:a1:d5:15:6d:45:71:f1:da:4a:b6:
a6:7e:6e:f0:37:86:6c:c5:01:5c:c9:ae:93:15:11:
27:73:45:0c:d9:2a:78:d9:8b:6f:79:d6:03:23:09:
a4:8f:aa:f5:c9:2e:70:55:0a:0f:63:eb:0e:55:f6:
b8:dd:b7:d4:8e:de:9f:17:18:27:4d:02:05:6b:f1:
22:3f:e1:f8:a6:30:1e:00:53:f9:63:5a:7b:de:31:
47:ef:3d:ef:53:61:f6:8f:b9:48:e4:b5:07:71:5b:
83:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1B:B8:9A:86:D1:07:14:D4:31:6C:E4:FA:5C:A2:10:E2:F0:08:B5
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KRu4mobRBxTUMWzk-lyiEOLwCLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
91.200.223.0/24
91.226.57.0/24
91.226.59.0/24
109.122.44.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
94:45:00:e2:69:d4:a9:74:44:7b:ca:74:16:2a:e5:d9:a9:fe:
dc:10:8d:57:ff:41:c0:e5:2a:ca:29:c8:b4:e9:8c:6c:67:95:
75:d9:81:14:51:8c:9d:d9:a5:b6:3c:58:1d:77:cd:af:2a:b1:
91:68:08:fa:f7:6e:2b:44:84:47:90:30:11:36:97:f4:40:ce:
01:1b:8b:b0:15:6a:92:37:50:64:70:d2:ce:df:8f:7b:4d:db:
e2:db:d6:d8:47:0f:9e:96:d0:58:08:d4:9f:86:39:00:ef:cc:
1a:14:7d:d5:8b:1d:99:7c:ec:c4:83:0d:d8:42:dd:a3:05:9f:
dd:6b:e1:ef:c4:c4:4b:d9:1b:7c:d8:93:ee:2a:d4:9c:77:2e:
9a:fd:05:c8:ae:35:05:b3:84:51:e3:d1:dc:28:12:8d:f7:0f:
8d:8f:f6:0b:be:2f:b3:b3:b6:6b:b9:a5:eb:25:56:52:48:3e:
22:93:5d:e1:bc:99:c1:c5:83:41:b3:02:83:3c:cc:a7:43:4b:
30:31:71:0e:9d:20:6e:34:91:ca:a4:5e:ba:ee:b6:cf:ce:80:
5d:13:69:9d:7b:d4:77:f4:ac:ca:10:d9:b3:36:17:17:1a:8d:
50:94:a8:67:f0:6f:42:db:df:4a:fe:c7:8a:a5:a8:6e:a9:01:
bb:66:fa:ec
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYejVav3OWCwpUiz/wfThn7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNDIxMTAyMTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTFiYjg5YTg2ZDEwNzE0ZDQzMTZjZTRmYTVjYTIxMGUyZjAwOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgculePF1S8oEfdN6MVitksZ7s8Mw
IvHZ47HOxQr5NNKI1VKKPfRGzV9XIF5ks2EqZFphXRXmInhGxph+iskGRvklj5N5
so7vqLELcMp/dTuBMeZzDjX1jI+53/8pdJ49gNpeOIyaZkXHBDhSAfqh2i/n0/aG
6B2OIfNwbzBAd8klmP/81PeC+nOOJcGa0S8xg684B62anK9smaHVFW1FcfHaSram
fm7wN4ZsxQFcya6TFREnc0UM2Sp42YtvedYDIwmkj6r1yS5wVQoPY+sOVfa43bfU
jt6fFxgnTQIFa/EiP+H4pjAeAFP5Y1p73jFH7z3vU2H2j7lI5LUHcVuDNQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCkbuJqG0QcU1DFs5PpcohDi8Ai1MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvS1J1NG1vYlJCeFRVTVd6ay1seWlFT0x3Q0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8jdAwQA
W8jfAwQAW+I5AwQAW+I7AwQAbXosAwQAwV00MA0GCSqGSIb3DQEBCwUAA4IBAQCU
RQDiadSpdER7ynQWKuXZqf7cEI1X/0HA5SrKKci06YxsZ5V12YEUUYyd2aW2PFgd
d82vKrGRaAj6924rRIRHkDARNpf0QM4BG4uwFWqSN1BkcNLO3497Tdvi29bYRw+e
ltBYCNSfhjkA78waFH3Vix2ZfOzEgw3YQt2jBZ/da+HvxMRL2Rt82JPuKtScdy6a
/QXIrjUFs4RR49HcKBKN9w+Nj/YLvi+zs7ZruaXrJVZSSD4ik13hvJnBxYNBswKD
PMynQ0swMXEOnSBuNJHKpF667rbPzoBdE2mde9R39KzKENmzNhcXGo1QlKhn8G9C
299K/seKpahuqQG7Zvrs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org