Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/oRzuVctNPacqLCOWuATSTMfM3eI.roa
File: oRzuVctNPacqLCOWuATSTMfM3eI.roa (raw, json)
Hash identifier: nFqw2GnwDGg0VyvjlRaO8aFdMadW7ovpLiarR/RzpKA=
Subject key identifier: A1:1C:EE:55:CB:4D:3D:A7:2A:2C:23:96:B8:04:D2:4C:C7:CC:DD:E2
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0191AE4A7C0CD81EC02E61B1C3E3D4446352
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/oRzuVctNPacqLCOWuATSTMfM3eI.roa
Signing time: Sun 01 Sep 2024 15:53:22 +0000
ROA not before: Sun 01 Sep 2024 15:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 93.190.8.0/24 maxlen: 24
93.190.10.0/24 maxlen: 24
93.190.11.0/24 maxlen: 24
185.254.52.0/24 maxlen: 24
193.17.4.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
193.17.6.0/24 maxlen: 24
193.17.7.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.77.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 19:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ae:4a:7c:0c:d8:1e:c0:2e:61:b1:c3:e3:d4:44:63:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Sep 1 15:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a11cee55cb4d3da72a2c2396b804d24cc7ccdde2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:19:a5:2e:fa:13:15:c5:95:d5:73:f4:f9:3f:
83:58:05:c4:01:07:a8:c1:48:c8:18:64:52:ad:37:
b6:b8:e4:26:ce:a0:58:13:a2:35:21:08:87:a8:4d:
11:ba:9b:b6:f9:4c:6a:35:aa:9f:cb:b6:bb:c1:0d:
d3:6d:c2:8b:d6:98:5e:d4:a7:4a:bf:0d:95:86:ec:
b9:23:87:b8:8e:c6:6b:46:11:3c:37:c7:a4:35:d5:
bf:c5:a9:47:32:74:65:5e:96:69:3e:c3:47:23:39:
a0:64:fd:1a:0a:f5:84:9c:92:d7:3c:c1:1b:fd:81:
2c:66:35:49:3f:d5:dd:b6:56:d4:79:d8:c4:cb:15:
2a:db:62:27:77:d8:97:91:ad:c2:e4:f0:52:65:c1:
dd:b7:10:44:0d:d1:b4:68:9f:de:ea:ba:07:7a:59:
e9:82:e6:c1:fb:72:18:82:b2:6b:32:ab:07:c7:10:
61:3a:ea:5c:9d:d9:fc:71:4e:48:80:bd:c2:ff:a3:
d7:29:76:01:64:28:bd:b1:c5:b1:bf:93:f5:0d:1e:
f4:6e:e5:b0:ff:a3:98:18:c0:2a:65:69:56:d9:8c:
55:3c:ac:9f:5f:57:65:f3:6d:1f:8e:70:fb:f1:d1:
53:2d:29:84:9e:51:f1:be:00:4c:dc:e4:44:05:60:
4d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1C:EE:55:CB:4D:3D:A7:2A:2C:23:96:B8:04:D2:4C:C7:CC:DD:E2
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/oRzuVctNPacqLCOWuATSTMfM3eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.8.0/24
93.190.10.0/23
185.254.52.0/24
193.17.4.0/22
193.111.76.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:8d:66:b0:b3:c3:f3:05:d0:75:d3:2b:c6:14:a8:43:48:78:
55:ff:f7:12:86:de:bd:3a:72:ed:14:61:b9:01:11:61:af:44:
81:42:0b:38:a7:be:3f:71:5b:02:6b:e8:56:bd:f2:e7:c6:5b:
90:23:e7:63:bb:4d:96:95:03:2f:15:c1:69:ed:05:c1:92:d5:
b9:c0:bc:2a:ac:2d:98:5d:2b:8b:3c:12:5e:d2:34:e7:59:db:
a8:cf:77:ea:e2:d3:aa:fe:76:70:92:b8:ab:f1:b5:6a:1a:08:
b5:db:31:96:38:50:d1:0c:6e:d6:cf:48:b1:98:82:97:89:fc:
d6:59:47:fe:ef:b5:3e:3c:83:7e:99:1e:7d:71:79:4e:29:4c:
41:49:74:54:db:c3:37:75:02:50:31:9d:5e:0a:91:73:33:67:
c1:91:0b:24:b0:19:0e:f3:d4:f8:da:00:4d:33:9d:dd:fe:e0:
77:02:3c:96:d6:90:c6:c3:79:9b:38:f9:20:41:e6:29:1d:48:
ed:64:ed:0d:b8:de:a1:53:79:df:30:1d:9c:12:f9:18:6b:5e:
c1:45:bd:1a:62:f6:bb:3c:f0:ba:8d:06:28:bb:fb:2b:72:ab:
bd:60:46:82:bb:3c:34:ab:5b:ff:8a:30:e5:d0:b9:4e:41:89:
5f:f8:1c:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZGuSnwM2B7ALmGxw+PURGNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwOTAxMTU1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFjZWU1NWNiNGQzZGE3MmEyYzIzOTZiODA0ZDI0Y2M3Y2NkZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRmlLvoTFcWV1XP0+T+DWAXEAQeo
wUjIGGRSrTe2uOQmzqBYE6I1IQiHqE0Rupu2+UxqNaqfy7a7wQ3TbcKL1phe1KdK
vw2Vhuy5I4e4jsZrRhE8N8ekNdW/xalHMnRlXpZpPsNHIzmgZP0aCvWEnJLXPMEb
/YEsZjVJP9XdtlbUedjEyxUq22Ind9iXka3C5PBSZcHdtxBEDdG0aJ/e6roHelnp
gubB+3IYgrJrMqsHxxBhOupcndn8cU5IgL3C/6PXKXYBZCi9scWxv5P1DR70buWw
/6OYGMAqZWlW2YxVPKyfX1dl820fjnD78dFTLSmEnlHxvgBM3OREBWBN9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKEc7lXLTT2nKiwjlrgE0kzHzN3iMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvb1J6dVZjdE5QYWNxTENPV3VBVFNUTWZNM2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXb4IAwQB
Xb4KAwQAuf40AwQCwREEAwQCwW9MMA0GCSqGSIb3DQEBCwUAA4IBAQAdjWaws8Pz
BdB10yvGFKhDSHhV//cSht69OnLtFGG5ARFhr0SBQgs4p74/cVsCa+hWvfLnxluQ
I+dju02WlQMvFcFp7QXBktW5wLwqrC2YXSuLPBJe0jTnWduoz3fq4tOq/nZwkrir
8bVqGgi12zGWOFDRDG7Wz0ixmIKXifzWWUf+77U+PIN+mR59cXlOKUxBSXRU28M3
dQJQMZ1eCpFzM2fBkQsksBkO89T42gBNM53d/uB3AjyW1pDGw3mbOPkgQeYpHUjt
ZO0NuN6hU3nfMB2cEvkYa17BRb0aYva7PPC6jQYou/srcqu9YEaCuzw0q1v/ijDl
0LlOQYlf+Bw9
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:32 2024 by rpki-client on console-ams.rpki-client.org