Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1VkPWt1u9Bn53KzjmvNgXYk_TQc.roa
File: 1VkPWt1u9Bn53KzjmvNgXYk_TQc.roa (raw, json)
Hash identifier: ZMAK5RPVIbS8tI7XWJ9oZ4p4Gc5GUzeuc/P3NIA37pI=
Subject key identifier: D5:59:0F:5A:DD:6E:F4:19:F9:DC:AC:E3:9A:F3:60:5D:89:3F:4D:07
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCB40177695B0B256FB95F9C49D26E
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1VkPWt1u9Bn53KzjmvNgXYk_TQc.roa
Signing time: Sun 01 Jan 2023 05:45:04 +0000
ROA not before: Sun 01 Jan 2023 05:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209767
IP address blocks: 91.245.92.0/22 maxlen: 24
109.207.133.0/24 maxlen: 24
109.207.143.0/24 maxlen: 24
109.207.142.0/24 maxlen: 24
176.113.176.0/22 maxlen: 24
176.124.172.0/22 maxlen: 22
91.229.30.0/24 maxlen: 24
91.246.204.0/22 maxlen: 22
91.246.216.0/24 maxlen: 24
178.213.176.0/22 maxlen: 24
176.116.229.0/24 maxlen: 24
91.239.224.0/24 maxlen: 24
176.116.237.0/24 maxlen: 24
91.224.213.0/24 maxlen: 24
46.174.204.0/22 maxlen: 22
91.239.179.0/24 maxlen: 24
91.226.52.0/23 maxlen: 23
91.226.54.0/23 maxlen: 23
31.132.192.0/22 maxlen: 22
31.132.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:b4:01:77:69:5b:0b:25:6f:b9:5f:9c:49:d2:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5590f5add6ef419f9dcace39af3605d893f4d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:91:e2:6a:6c:48:34:df:d1:5a:2d:23:4d:18:
ef:52:94:78:58:40:5c:95:c8:b4:b2:04:4c:a1:e3:
a6:d9:e3:56:10:4a:40:e3:c8:87:75:c4:3c:86:1e:
eb:bf:da:17:0a:a6:9f:68:4f:fc:f2:5d:09:d6:69:
53:b6:7f:0d:df:ec:2e:ef:90:62:a7:34:26:35:ba:
05:ed:22:3c:fb:4a:93:e5:3c:bc:ce:43:fa:f0:da:
a7:23:49:16:e6:35:fc:4f:45:0a:82:77:9e:63:78:
2a:c2:e2:2a:94:84:63:9f:62:b5:dc:8e:2f:8d:54:
b4:22:9a:d3:6b:ae:0e:5a:17:48:52:93:6c:01:57:
bb:a9:d8:32:0e:f7:d9:59:70:70:a4:77:20:d7:84:
88:13:01:f6:ab:d5:6a:61:f5:e5:07:41:d2:f7:c5:
2a:4d:5a:6b:c8:34:0f:df:5b:de:3f:ac:c0:93:54:
57:05:28:fb:8b:43:b6:6e:f7:44:b6:a5:03:bd:a1:
99:3f:e2:01:b5:6a:96:f5:03:ac:55:61:2e:56:1c:
dc:68:40:38:4c:21:e0:36:8e:4f:92:62:1a:58:f2:
66:09:48:31:3f:84:12:3b:25:56:8f:5e:e2:01:9f:
99:74:94:55:0d:ce:64:a0:04:91:5f:ea:6c:31:f1:
44:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:59:0F:5A:DD:6E:F4:19:F9:DC:AC:E3:9A:F3:60:5D:89:3F:4D:07
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1VkPWt1u9Bn53KzjmvNgXYk_TQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.192.0/21
46.174.204.0/22
91.224.213.0/24
91.226.52.0/22
91.229.30.0/24
91.239.179.0/24
91.239.224.0/24
91.245.92.0/22
91.246.204.0/22
91.246.216.0/24
109.207.133.0/24
109.207.142.0/23
176.113.176.0/22
176.116.229.0/24
176.116.237.0/24
176.124.172.0/22
178.213.176.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:31:eb:9f:5f:62:e6:6e:ef:d0:ef:fb:12:d1:da:45:d8:a1:
9e:a6:54:d7:b8:95:d7:d5:26:ed:c6:aa:24:45:63:09:59:bc:
8d:16:fb:3c:d5:ac:90:e2:ee:41:3d:f3:36:57:e2:4a:22:86:
60:c1:f6:2b:1c:82:2d:af:71:68:9b:c3:89:76:37:f6:92:30:
bd:a3:60:cd:0b:98:0b:2a:57:b1:01:83:f1:ed:b5:25:63:00:
1a:7d:25:3a:e6:8d:64:a5:08:80:5d:28:a0:f1:62:26:74:48:
d7:37:26:da:29:f9:eb:95:f7:73:fa:da:f6:f6:89:67:79:99:
7f:52:88:d9:58:87:67:d0:4b:53:b2:5e:36:c0:14:ef:e3:52:
37:90:68:28:f8:93:a4:4d:68:b5:52:92:0b:c1:7c:62:78:c7:
7d:f9:91:07:b2:31:84:43:88:78:ec:47:d7:45:bf:bb:81:8e:
2b:d7:90:6f:8d:5f:d3:ca:d8:66:2b:23:37:4c:71:8f:ba:e5:
4a:d3:2d:fd:d6:38:b2:6b:c2:01:e7:83:90:09:d2:f7:ff:cf:
d8:17:89:05:21:6c:78:f8:b7:da:08:55:90:60:e8:09:55:96:
fa:ee:a6:9e:f7:12:f1:2c:9d:c5:44:fa:8f:63:69:57:65:ef:
eb:5e:4e:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVr3LQBd2lbCyVvuV+cSdJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTU5MGY1YWRkNmVmNDE5ZjlkY2FjZTM5YWYzNjA1ZDg5M2Y0ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpHiamxINN/RWi0jTRjvUpR4WEBc
lci0sgRMoeOm2eNWEEpA48iHdcQ8hh7rv9oXCqafaE/88l0J1mlTtn8N3+wu75Bi
pzQmNboF7SI8+0qT5Ty8zkP68NqnI0kW5jX8T0UKgneeY3gqwuIqlIRjn2K13I4v
jVS0IprTa64OWhdIUpNsAVe7qdgyDvfZWXBwpHcg14SIEwH2q9VqYfXlB0HS98Uq
TVpryDQP31veP6zAk1RXBSj7i0O2bvdEtqUDvaGZP+IBtWqW9QOsVWEuVhzcaEA4
TCHgNo5PkmIaWPJmCUgxP4QSOyVWj17iAZ+ZdJRVDc5koASRX+psMfFEswIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFNVZD1rdbvQZ+dys45rzYF2JP00HMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvMVZrUFd0MXU5Qm41M0t6am12TmdYWWtfVFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQDH4TAAwQC
Lq7MAwQAW+DVAwQCW+I0AwQAW+UeAwQAW++zAwQAW+/gAwQCW/VcAwQCW/bMAwQA
W/bYAwQAbc+FAwQBbc+OAwQCsHGwAwQAsHTlAwQAsHTtAwQCsHysAwQCstWwMA0G
CSqGSIb3DQEBCwUAA4IBAQAKMeufX2Lmbu/Q7/sS0dpF2KGeplTXuJXX1Sbtxqok
RWMJWbyNFvs81ayQ4u5BPfM2V+JKIoZgwfYrHIItr3Fom8OJdjf2kjC9o2DNC5gL
KlexAYPx7bUlYwAafSU65o1kpQiAXSig8WImdEjXNybaKfnrlfdz+tr29olneZl/
UojZWIdn0EtTsl42wBTv41I3kGgo+JOkTWi1UpILwXxieMd9+ZEHsjGEQ4h47EfX
Rb+7gY4r15BvjV/TythmKyM3THGPuuVK0y391jiya8IB54OQCdL3/8/YF4kFIWx4
+LfaCFWQYOgJVZb67qae9xLxLJ3FRPqPY2lXZe/rXk6a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org