Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_lT0HXqlZEILOQ3Kcuowk7D9Z3E.roa
File: _lT0HXqlZEILOQ3Kcuowk7D9Z3E.roa (raw, json)
Hash identifier: uShySobsrmB+WWIVCFjqLUTMaSPk9yjBhgO5H+ZU0LQ=
Subject key identifier: FE:54:F4:1D:7A:A5:64:42:0B:39:0D:CA:72:EA:30:93:B0:FD:67:71
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0191B8206E1AE85C6E532F10E098A3630B89
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_lT0HXqlZEILOQ3Kcuowk7D9Z3E.roa
Signing time: Tue 03 Sep 2024 13:43:38 +0000
ROA not before: Tue 03 Sep 2024 13:43:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63018
IP address blocks: 91.235.166.0/24 maxlen: 24
91.235.167.0/24 maxlen: 24
91.237.194.0/24 maxlen: 24
91.237.195.0/24 maxlen: 24
93.120.72.0/24 maxlen: 24
93.120.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 12:57:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:20:6e:1a:e8:5c:6e:53:2f:10:e0:98:a3:63:0b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 3 13:43:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe54f41d7aa564420b390dca72ea3093b0fd6771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f2:4b:2e:50:a4:b0:63:7c:e5:9d:96:25:af:
93:9d:9c:b1:65:64:0a:92:6d:01:3c:6c:55:0e:a4:
bf:4d:50:ee:b0:de:22:00:8f:a1:55:7c:1b:0f:67:
66:fb:95:07:d9:be:01:1d:b2:16:1c:23:5a:1d:19:
d7:d7:df:8f:db:ac:cd:6d:59:b4:0d:48:40:0f:0f:
60:c4:f7:c6:a0:35:18:ba:e6:15:44:99:a7:7f:e4:
c0:3b:28:7d:aa:bf:a1:15:10:27:0d:d7:2a:71:f9:
07:88:8c:01:bd:29:9e:ec:7f:f8:5b:b9:4d:71:4b:
4d:29:ea:f7:5a:00:b5:89:6b:11:dc:39:61:2c:35:
37:86:2c:da:04:2c:4c:cb:30:8c:b5:31:9f:33:08:
88:98:f9:e2:7c:49:74:62:9e:5c:97:e9:ad:0c:b3:
22:f8:a1:6e:7c:d2:65:85:b1:b5:f1:91:7b:58:96:
22:f9:83:77:38:b0:67:ff:af:4e:ca:af:c5:f0:ea:
29:a4:07:69:d4:12:a7:8b:a4:e3:42:4c:87:27:68:
bf:e9:5a:b6:e7:a5:a8:b4:bd:e3:cb:a6:eb:45:bb:
64:91:b5:06:c4:d0:58:93:2d:14:ff:52:bd:e1:cc:
33:ec:f3:d9:06:f8:0d:cd:94:fd:58:a0:43:99:c3:
9c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:54:F4:1D:7A:A5:64:42:0B:39:0D:CA:72:EA:30:93:B0:FD:67:71
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_lT0HXqlZEILOQ3Kcuowk7D9Z3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.166.0/23
91.237.194.0/23
93.120.72.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:17:61:04:ab:5c:42:a0:a5:29:9e:53:a1:99:a8:19:c3:c6:
58:5a:5c:9a:03:27:31:8c:ff:f0:d6:62:01:3a:a6:69:35:79:
a6:5b:75:a8:17:a0:97:08:2f:58:be:90:b8:f6:78:29:43:9e:
4b:52:a9:f2:24:19:ad:77:02:e6:f3:63:3d:24:6f:42:85:dd:
c6:a9:1f:db:1b:44:7d:b8:a4:71:95:82:ed:3a:98:35:25:1d:
a1:f0:84:4e:be:b9:77:d8:77:94:b4:5c:15:08:d5:34:d5:55:
5e:91:d8:40:77:1e:8a:68:e4:87:a8:72:6d:be:04:6e:15:e4:
a3:00:12:cf:7e:31:0c:b4:9e:f1:ab:e3:4e:02:3f:12:3d:4c:
df:21:68:ec:cd:5c:cc:6d:46:b1:ea:6c:d7:ce:87:ae:e2:eb:
85:43:af:eb:e9:a2:ba:b0:02:1e:d3:ef:fa:e1:6e:ba:3c:85:
77:c3:02:7f:0e:b5:ab:06:39:e8:a0:0e:a1:af:e5:1d:ab:ce:
48:34:3d:93:56:92:41:0b:75:ed:21:88:50:07:53:c1:ab:f8:
bb:b3:1e:2d:44:f6:4b:ef:92:ba:74:21:c9:21:5d:cf:d4:64:
b2:a0:ce:52:c9:32:4c:3d:f1:8b:53:3e:e5:cd:6c:67:f9:ee:
d1:af:91:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG4IG4a6FxuUy8Q4JijYwuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwOTAzMTM0MzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTU0ZjQxZDdhYTU2NDQyMGIzOTBkY2E3MmVhMzA5M2IwZmQ2NzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/JLLlCksGN85Z2WJa+TnZyxZWQK
km0BPGxVDqS/TVDusN4iAI+hVXwbD2dm+5UH2b4BHbIWHCNaHRnX19+P26zNbVm0
DUhADw9gxPfGoDUYuuYVRJmnf+TAOyh9qr+hFRAnDdcqcfkHiIwBvSme7H/4W7lN
cUtNKer3WgC1iWsR3DlhLDU3hizaBCxMyzCMtTGfMwiImPnifEl0Yp5cl+mtDLMi
+KFufNJlhbG18ZF7WJYi+YN3OLBn/69Oyq/F8OoppAdp1BKni6TjQkyHJ2i/6Vq2
56WotL3jy6brRbtkkbUGxNBYky0U/1K94cwz7PPZBvgNzZT9WKBDmcOcDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP5U9B16pWRCCzkNynLqMJOw/WdxMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvX2xUMEhYcWxaRUlMT1EzS2N1b3drN0Q5WjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+umAwQB
W+3CAwQBXXhIMA0GCSqGSIb3DQEBCwUAA4IBAQAuF2EEq1xCoKUpnlOhmagZw8ZY
WlyaAycxjP/w1mIBOqZpNXmmW3WoF6CXCC9YvpC49ngpQ55LUqnyJBmtdwLm82M9
JG9Chd3GqR/bG0R9uKRxlYLtOpg1JR2h8IROvrl32HeUtFwVCNU01VVekdhAdx6K
aOSHqHJtvgRuFeSjABLPfjEMtJ7xq+NOAj8SPUzfIWjszVzMbUax6mzXzoeu4uuF
Q6/r6aK6sAIe0+/64W66PIV3wwJ/DrWrBjnooA6hr+Udq85IND2TVpJBC3XtIYhQ
B1PBq/i7sx4tRPZL75K6dCHJIV3P1GSyoM5SyTJMPfGLUz7lzWxn+e7Rr5EO
-----END CERTIFICATE-----
Generated at Thu Oct 31 16:45:34 2024 by rpki-client on console-ams.rpki-client.org