Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/Xm3ah_g685AIjf4dvaKrPYVzaLs.roa
File: Xm3ah_g685AIjf4dvaKrPYVzaLs.roa (raw, json)
Hash identifier: ikRqAYkncRd8wVVr2E/7DBH+sUt8qxJ43pgG5oxxmsM=
Subject key identifier: 5E:6D:DA:87:F8:3A:F3:90:08:8D:FE:1D:BD:A2:AB:3D:85:73:68:BB
Certificate issuer: /CN=de9461c211bf3551c5507c930b4204c6ec43b322
Certificate serial: 018FD33F3D70DEA3B4F6F600BC5DB516E15F
Authority key identifier: DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/Xm3ah_g685AIjf4dvaKrPYVzaLs.roa
Signing time: Sat 01 Jun 2024 10:01:28 +0000
ROA not before: Sat 01 Jun 2024 10:01:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211392
IP address blocks: 91.192.106.0/23 maxlen: 23
91.192.106.0/24 maxlen: 24
91.192.107.0/24 maxlen: 24
91.193.58.0/23 maxlen: 23
91.193.59.0/24 maxlen: 24
193.106.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 09:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d3:3f:3d:70:de:a3:b4:f6:f6:00:bc:5d:b5:16:e1:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9461c211bf3551c5507c930b4204c6ec43b322
Validity
Not Before: Jun 1 10:01:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e6dda87f83af390088dfe1dbda2ab3d857368bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d7:ef:8e:00:8c:3f:75:07:85:a0:bf:f7:75:
e8:40:a1:99:1a:8a:f1:27:e1:3a:70:2f:6d:47:d7:
64:68:28:f6:5f:6e:4b:1e:53:80:2a:b2:c4:b8:84:
47:35:a9:f9:ec:69:6a:bc:75:25:12:02:d8:b1:fa:
39:08:91:dc:0d:1a:2f:8d:0d:ec:a7:d0:b9:41:c4:
5e:f6:91:a3:09:8d:53:5d:ea:ea:05:ef:73:2a:94:
82:0e:97:2e:33:5c:f9:45:36:97:4a:10:6e:cd:a2:
ed:29:b1:8f:8b:7e:bb:4e:32:8c:4b:fa:a4:31:34:
09:15:9a:86:2b:d3:ca:fd:40:4f:10:c1:1b:99:b0:
7f:4b:aa:c5:37:9a:55:5b:34:48:6d:5e:ff:08:d0:
28:a3:33:17:94:82:dd:09:12:87:c0:f3:bb:b9:a6:
af:ec:81:74:b1:3d:34:1a:7a:76:f9:06:86:4f:51:
7a:94:65:19:44:ea:d9:2f:a8:ec:d9:c4:cb:39:06:
ca:87:80:a6:ca:b0:96:b5:9f:7b:1a:97:75:60:ca:
92:71:24:80:2a:d3:e8:30:a6:26:c9:d8:ba:a2:3e:
1b:60:79:98:97:fd:c9:ef:25:bb:53:cb:bf:95:ec:
5a:44:0d:d5:20:5a:24:3a:6e:9f:4d:c4:22:89:67:
52:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6D:DA:87:F8:3A:F3:90:08:8D:FE:1D:BD:A2:AB:3D:85:73:68:BB
X509v3 Authority Key Identifier:
keyid:DE:94:61:C2:11:BF:35:51:C5:50:7C:93:0B:42:04:C6:EC:43:B3:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pRhwhG_NVHFUHyTC0IExuxDsyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/Xm3ah_g685AIjf4dvaKrPYVzaLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9183d4-0779-49c4-96f7-8202a467d753/1/3pRhwhG_NVHFUHyTC0IExuxDsyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.106.0/23
91.193.58.0/23
193.106.189.0/24
Signature Algorithm: sha256WithRSAEncryption
48:57:92:1f:02:66:99:88:4d:df:f8:a7:1b:1c:58:42:4d:37:
83:0e:91:32:5d:37:4d:b6:35:c9:b9:6b:51:70:4d:a8:de:d7:
f0:d2:a3:38:3e:51:6b:69:4a:35:ed:c5:42:5e:fd:15:4f:c4:
05:57:77:f2:8d:8e:f2:f0:c8:fd:98:77:34:9c:6f:63:ed:40:
40:77:7b:cc:76:ea:a6:89:b6:da:16:58:98:e9:cf:dd:8f:36:
dd:8a:ec:d8:27:09:26:5e:e5:9c:9e:a4:00:3a:7c:de:a7:b1:
a0:fb:03:46:5c:61:75:aa:1d:68:3e:dd:fd:b8:55:51:4d:bf:
60:c1:db:c3:17:58:f6:6c:6b:44:0e:ec:32:cb:c3:14:4f:34:
17:da:82:fb:84:fc:b6:84:98:7d:f0:b1:ec:21:4e:b9:46:32:
7f:3a:66:58:d7:f6:b9:b9:5e:bc:13:93:ed:c0:86:9d:cc:4e:
29:a6:a9:f2:54:8c:7c:25:42:e7:6d:1b:02:5a:96:9a:cd:46:
4b:dc:f4:5f:5f:69:2a:c7:a3:77:a5:e6:7f:c8:1a:de:66:d0:
1b:87:f0:51:28:90:67:2d:57:2b:c0:fa:09:80:24:98:a3:17:
ae:61:4a:e1:0d:f9:9c:fc:4e:dd:6f:cb:7e:c5:ff:a6:6b:a8:
b3:1b:92:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/TPz1w3qO09vYAvF21FuFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTQ2MWMyMTFiZjM1NTFjNTUwN2M5MzBiNDIwNGM2ZWM0
M2IzMjIwHhcNMjQwNjAxMTAwMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZkZGE4N2Y4M2FmMzkwMDg4ZGZlMWRiZGEyYWIzZDg1NzM2OGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdfvjgCMP3UHhaC/93XoQKGZGorx
J+E6cC9tR9dkaCj2X25LHlOAKrLEuIRHNan57GlqvHUlEgLYsfo5CJHcDRovjQ3s
p9C5QcRe9pGjCY1TXerqBe9zKpSCDpcuM1z5RTaXShBuzaLtKbGPi367TjKMS/qk
MTQJFZqGK9PK/UBPEMEbmbB/S6rFN5pVWzRIbV7/CNAoozMXlILdCRKHwPO7uaav
7IF0sT00Gnp2+QaGT1F6lGUZROrZL6js2cTLOQbKh4CmyrCWtZ97Gpd1YMqScSSA
KtPoMKYmydi6oj4bYHmYl/3J7yW7U8u/lexaRA3VIFokOm6fTcQiiWdSvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF5t2of4OvOQCI3+Hb2iqz2Fc2i7MB8GA1UdIwQY
MBaAFN6UYcIRvzVRxVB8kwtCBMbsQ7MiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2Zjct
ODIwMmE0NjdkNzUzLzEvWG0zYWhfZzY4NUFJamY0ZHZhS3JQWVZ6YUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85MTgzZDQtMDc3OS00OWM0LTk2ZjctODIwMmE0NjdkNzUz
LzEvM3BSaHdoR19OVkhGVUh5VEMwSUV4dXhEc3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8BqAwQB
W8E6AwQAwWq9MA0GCSqGSIb3DQEBCwUAA4IBAQBIV5IfAmaZiE3f+KcbHFhCTTeD
DpEyXTdNtjXJuWtRcE2o3tfw0qM4PlFraUo17cVCXv0VT8QFV3fyjY7y8Mj9mHc0
nG9j7UBAd3vMduqmibbaFliY6c/djzbdiuzYJwkmXuWcnqQAOnzep7Gg+wNGXGF1
qh1oPt39uFVRTb9gwdvDF1j2bGtEDuwyy8MUTzQX2oL7hPy2hJh98LHsIU65RjJ/
OmZY1/a5uV68E5PtwIadzE4ppqnyVIx8JULnbRsCWpaazUZL3PRfX2kqx6N3peZ/
yBreZtAbh/BRKJBnLVcrwPoJgCSYoxeuYUrhDfmc/E7db8t+xf+ma6izG5LV
-----END CERTIFICATE-----
Generated at Tue Aug 6 12:01:27 2024 by rpki-client on console-fra.rpki-client.org