Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iwWHS4fBMRLujds2vkctmEao5fA.roa
File: iwWHS4fBMRLujds2vkctmEao5fA.roa (raw, json)
Hash identifier: 9PfyXcE+xh58d22cvGvnt7p+sDo29Ahr98ERLZ62/YY=
Subject key identifier: 8B:05:87:4B:87:C1:31:12:EE:8D:DB:36:BE:47:2D:98:46:A8:E5:F0
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018C8C9AB5874B929F22DF73EAA557BEC7BB
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iwWHS4fBMRLujds2vkctmEao5fA.roa
Signing time: Thu 21 Dec 2023 13:39:58 +0000
ROA not before: Thu 21 Dec 2023 13:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136038
IP address blocks: 91.204.224.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
45.91.226.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:9a:b5:87:4b:92:9f:22:df:73:ea:a5:57:be:c7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 21 13:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b05874b87c13112ee8ddb36be472d9846a8e5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:49:57:05:3a:ef:b7:db:ac:00:3b:0d:43:75:
03:18:3d:b3:2e:ea:5b:77:1c:35:ad:01:6d:63:2a:
f5:14:8c:89:1c:3d:b0:d7:7a:b0:9f:30:57:50:63:
3f:60:ea:fe:be:16:d8:6f:bf:c1:72:06:97:b3:6b:
ea:d9:06:61:74:12:f2:c1:b5:fa:55:cf:60:34:bc:
82:a7:52:71:3d:49:e3:a6:b7:c5:13:0d:58:a4:e4:
ae:a5:4b:07:36:e0:e7:54:1d:66:b5:f3:8b:5a:bf:
b4:52:0d:ea:41:92:e6:41:d7:13:9e:99:5a:ac:85:
92:65:31:e8:29:18:71:f5:17:b1:13:bc:37:ac:fc:
cd:37:f3:ee:8f:ce:c9:f9:6f:8d:15:15:dc:9f:a9:
fe:dd:80:27:4f:2e:99:3c:64:77:9d:ea:b8:e0:68:
b9:3c:a4:5a:4a:1b:36:2a:ef:45:2a:71:3f:de:cf:
13:12:dc:64:26:7d:d3:59:9f:30:a4:4d:d9:f6:32:
20:d3:38:44:f5:56:c7:d6:0c:aa:fc:18:c6:08:a1:
41:52:67:d5:71:9a:39:85:c7:2e:ce:32:bc:12:0a:
ac:e1:a3:4d:2f:5f:ea:e2:78:a7:12:38:0c:7b:88:
95:f5:f7:7f:b6:3d:48:05:19:d6:60:6f:76:b1:a1:
7a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:05:87:4B:87:C1:31:12:EE:8D:DB:36:BE:47:2D:98:46:A8:E5:F0
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iwWHS4fBMRLujds2vkctmEao5fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.155.0/24
45.91.226.0/24
91.204.224.0/22
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ad:66:5a:aa:d8:3e:dc:89:64:b4:3b:84:e7:d0:5f:e7:13:
88:32:85:ce:31:85:ad:5e:4c:5d:47:b6:3f:31:d6:92:fb:d5:
21:c9:42:8c:34:0b:d5:e9:10:19:19:5f:3c:da:d1:a1:9f:9d:
57:b3:23:d6:41:10:99:56:2f:b1:62:9c:7c:41:b0:5a:15:97:
f0:3d:98:7c:29:16:a7:0f:3b:a0:6c:f9:b4:af:f2:52:5b:6e:
70:e0:35:a2:5d:22:e8:9d:61:ec:df:ef:97:51:72:33:80:4c:
45:3a:69:de:76:ce:a2:d4:78:5b:dc:29:56:a1:3d:d0:81:9f:
e1:ae:bd:b7:01:e7:64:ef:9c:a4:b9:f6:5f:d1:1e:bd:31:68:
6b:f9:06:9d:16:40:ad:ba:79:0b:cc:5a:7d:03:03:f5:65:1c:
66:c3:45:14:50:60:61:a5:c7:af:3c:83:09:4c:3f:03:80:0c:
a0:33:16:eb:82:1b:87:b1:97:fe:3f:a7:4e:45:45:38:99:1b:
ad:b6:b1:ae:e4:a6:7d:12:65:45:fd:bc:bf:b6:11:29:13:b9:
ea:57:3a:a1:6a:23:9b:f4:74:f2:1a:50:e9:22:38:1e:69:ca:
ca:f6:30:5e:99:04:79:9b:0c:72:5d:7f:38:8d:d1:a0:f6:51:
cd:74:b6:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyMmrWHS5KfIt9z6qVXvse7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjIxMTMzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjA1ODc0Yjg3YzEzMTEyZWU4ZGRiMzZiZTQ3MmQ5ODQ2YThlNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUlXBTrvt9usADsNQ3UDGD2zLupb
dxw1rQFtYyr1FIyJHD2w13qwnzBXUGM/YOr+vhbYb7/BcgaXs2vq2QZhdBLywbX6
Vc9gNLyCp1JxPUnjprfFEw1YpOSupUsHNuDnVB1mtfOLWr+0Ug3qQZLmQdcTnpla
rIWSZTHoKRhx9RexE7w3rPzNN/Puj87J+W+NFRXcn6n+3YAnTy6ZPGR3neq44Gi5
PKRaShs2Ku9FKnE/3s8TEtxkJn3TWZ8wpE3Z9jIg0zhE9VbH1gyq/BjGCKFBUmfV
cZo5hccuzjK8Egqs4aNNL1/q4ninEjgMe4iV9fd/tj1IBRnWYG92saF6tQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIsFh0uHwTES7o3bNr5HLZhGqOXwMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvaXdXSFM0ZkJNUkx1amRzMnZrY3RtRWFvNWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjubAwQA
LVviAwQCW8zgAwQAwn7KMA0GCSqGSIb3DQEBCwUAA4IBAQB5rWZaqtg+3IlktDuE
59Bf5xOIMoXOMYWtXkxdR7Y/MdaS+9UhyUKMNAvV6RAZGV882tGhn51XsyPWQRCZ
Vi+xYpx8QbBaFZfwPZh8KRanDzugbPm0r/JSW25w4DWiXSLonWHs3++XUXIzgExF
Omneds6i1Hhb3ClWoT3QgZ/hrr23Aedk75ykufZf0R69MWhr+QadFkCtunkLzFp9
AwP1ZRxmw0UUUGBhpcevPIMJTD8DgAygMxbrghuHsZf+P6dORUU4mRuttrGu5KZ9
EmVF/by/thEpE7nqVzqhaiOb9HTyGlDpIjgeacrK9jBemQR5mwxyXX84jdGg9lHN
dLaZ
-----END CERTIFICATE-----
Generated at Tue Dec 26 18:26:21 2023 by rpki-client on console-ams.rpki-client.org