Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/1-hp9ukJJTXZonVkNQYGlC5m-2G0.roa
File: 1-hp9ukJJTXZonVkNQYGlC5m-2G0.roa (raw, json)
Hash identifier: MEkDJsQjLy6/A4AA5ziuPsu+nunqzOvEdVJXEMG/36Q=
Subject key identifier: FA:1A:7D:BA:42:49:4D:76:68:9D:59:0D:41:81:A5:0B:99:BE:D8:6D
Certificate issuer: /CN=de9461c211bf3551c5507c930b4204c6ec43b322
Certificate serial: 019126EF55228E22BCFD2F788F2D94968962
Authority key identifier: DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/1-hp9ukJJTXZonVkNQYGlC5m-2G0.roa
Signing time: Tue 06 Aug 2024 09:05:04 +0000
ROA not before: Tue 06 Aug 2024 09:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211392
IP address blocks: 91.192.106.0/24 maxlen: 24
91.193.58.0/23 maxlen: 23
91.193.59.0/24 maxlen: 24
193.106.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 07:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:26:ef:55:22:8e:22:bc:fd:2f:78:8f:2d:94:96:89:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9461c211bf3551c5507c930b4204c6ec43b322
Validity
Not Before: Aug 6 09:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa1a7dba42494d76689d590d4181a50b99bed86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:99:54:af:49:dd:a8:ae:0e:b1:d5:87:29:12:
fa:ec:be:55:10:b0:e3:26:3d:ad:4a:a8:b7:c5:34:
93:c2:98:f0:ea:61:3b:74:77:b9:aa:2f:cc:c0:b1:
77:88:a3:79:81:75:80:01:77:26:1b:80:c6:9f:e0:
8e:c4:b4:b8:c2:04:d4:60:34:f8:dc:c6:9c:6e:d5:
e2:38:d9:b0:bd:30:07:52:25:bd:3a:51:42:54:44:
c9:49:1e:60:ad:43:a8:5d:f6:05:36:f0:dc:86:b7:
2f:16:f1:bc:4a:bf:44:18:4e:c7:c7:dd:66:54:7e:
c5:f8:38:da:10:05:0d:ca:21:83:d5:36:48:a6:d9:
db:b6:13:cd:b9:de:08:dc:68:bd:7b:6a:99:17:8f:
9e:63:ca:2e:2a:06:29:a8:7b:a5:df:e5:02:3a:b9:
7f:11:ef:84:ce:50:e9:b1:b7:01:86:3b:81:b4:fe:
ea:d2:fe:49:62:30:66:df:f9:94:64:82:12:b7:8a:
3d:3a:23:4a:39:84:50:38:99:0c:e7:b7:ff:56:f9:
4a:eb:ef:14:ac:11:c3:77:51:87:54:d7:19:6d:2b:
b1:d9:9d:9d:82:c3:8d:3b:2e:d1:a2:ea:bf:fd:71:
ad:8b:1e:79:1c:42:f4:03:4e:f5:3b:a7:44:71:5a:
b3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1A:7D:BA:42:49:4D:76:68:9D:59:0D:41:81:A5:0B:99:BE:D8:6D
X509v3 Authority Key Identifier:
keyid:DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/1-hp9ukJJTXZonVkNQYGlC5m-2G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/3pRhwhG_NVHFUHyTC0IExuxDsyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.106.0/24
91.193.58.0/23
193.106.189.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:95:42:0b:14:94:73:a5:e7:c5:84:97:c5:0b:e9:7c:b5:21:
b7:5e:17:ff:a1:a8:71:4e:bc:18:88:60:83:1c:7d:5e:4e:35:
65:bc:a6:c1:c9:07:ba:a2:74:97:31:5a:6a:9b:25:0d:d6:c6:
ce:db:18:cb:8b:82:ef:3c:48:d8:bf:41:30:5d:be:6c:6f:bc:
f1:f3:27:74:b1:41:26:0f:a8:f0:4a:f4:83:eb:40:5e:fb:fe:
f7:7d:a2:3a:0d:48:0d:c2:8a:2a:97:1b:2d:7d:80:92:4f:27:
aa:bc:af:1c:ef:c9:ef:d5:75:87:46:dc:b1:15:f1:0f:5f:d7:
f9:5b:71:b6:40:ba:54:c8:df:ea:8c:b9:4e:55:90:31:d6:07:
80:ea:5e:36:cd:25:28:87:62:41:e6:93:a9:ff:9c:8b:fe:3d:
b5:4d:67:39:ad:03:22:6f:c9:c6:76:c0:eb:3b:b4:86:51:81:
28:0b:9a:69:bb:76:22:44:05:21:df:97:36:d8:c0:7d:54:c9:
d2:ab:55:f1:4e:2c:60:8b:dd:06:93:62:98:1d:99:6c:db:34:
40:ed:1d:8a:91:d8:6f:9f:d8:d0:78:4a:21:d7:17:72:6f:bc:
01:cd:69:93:23:99:f9:03:fb:48:73:72:ae:9d:e5:6f:c5:31:
c0:25:0d:3f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEm71UijiK8/S94jy2UloliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTQ2MWMyMTFiZjM1NTFjNTUwN2M5MzBiNDIwNGM2ZWM0
M2IzMjIwHhcNMjQwODA2MDkwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFhN2RiYTQyNDk0ZDc2Njg5ZDU5MGQ0MTgxYTUwYjk5YmVkODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZlUr0ndqK4OsdWHKRL67L5VELDj
Jj2tSqi3xTSTwpjw6mE7dHe5qi/MwLF3iKN5gXWAAXcmG4DGn+COxLS4wgTUYDT4
3MacbtXiONmwvTAHUiW9OlFCVETJSR5grUOoXfYFNvDchrcvFvG8Sr9EGE7Hx91m
VH7F+DjaEAUNyiGD1TZIptnbthPNud4I3Gi9e2qZF4+eY8ouKgYpqHul3+UCOrl/
Ee+EzlDpsbcBhjuBtP7q0v5JYjBm3/mUZIISt4o9OiNKOYRQOJkM57f/VvlK6+8U
rBHDd1GHVNcZbSux2Z2dgsONOy7Rouq//XGtix55HEL0A071O6dEcVqzbQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPoafbpCSU12aJ1ZDUGBpQuZvthtMB8GA1UdIwQY
MBaAFN6UYcIRvzVRxVB8kwtCBMbsQ7MiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2Zjct
ODIwMmE0NjdkNzUzLzEvMS1ocDl1a0pKVFhab25Wa05RWUdsQzVtLTJHMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmMvOTE4M2Q0LTA3NzktNDljNC05NmY3LTgyMDJhNDY3ZDc1
My8xLzNwUmh3aEdfTlZIRlVIeVRDMElFeHV4RHN5SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvAagME
AVvBOgMEAMFqvTANBgkqhkiG9w0BAQsFAAOCAQEAw5VCCxSUc6XnxYSXxQvpfLUh
t14X/6GocU68GIhggxx9Xk41ZbymwckHuqJ0lzFaapslDdbGztsYy4uC7zxI2L9B
MF2+bG+88fMndLFBJg+o8Er0g+tAXvv+932iOg1IDcKKKpcbLX2Akk8nqryvHO/J
79V1h0bcsRXxD1/X+VtxtkC6VMjf6oy5TlWQMdYHgOpeNs0lKIdiQeaTqf+ci/49
tU1nOa0DIm/JxnbA6zu0hlGBKAuaabt2IkQFId+XNtjAfVTJ0qtV8U4sYIvdBpNi
mB2ZbNs0QO0dipHYb5/Y0HhKIdcXcm+8Ac1pkyOZ+QP7SHNyrp3lb8UxwCUNPw==
-----END CERTIFICATE-----
Generated at Mon Oct 28 08:56:17 2024 by rpki-client on console-fra.rpki-client.org