Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cD-vuQKYBXkocCPJ19uy4gXdib8.roa
File: cD-vuQKYBXkocCPJ19uy4gXdib8.roa (raw, json)
Hash identifier: by/AhcBv11W5jvwclbPClPmznWl7APLyyHrUttKhIV4=
Subject key identifier: 70:3F:AF:B9:02:98:05:79:28:70:23:C9:D7:DB:B2:E2:05:DD:89:BF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0188A0CC21752DF2560073F4997BBC7A47A8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cD-vuQKYBXkocCPJ19uy4gXdib8.roa
Signing time: Fri 09 Jun 2023 15:35:12 +0000
ROA not before: Fri 09 Jun 2023 15:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 91.193.28.0/23 maxlen: 23
91.245.91.0/24 maxlen: 24
176.103.121.0/24 maxlen: 24
64.43.72.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Jun 2023 14:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:cc:21:75:2d:f2:56:00:73:f4:99:7b:bc:7a:47:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 9 15:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=703fafb902980579287023c9d7dbb2e205dd89bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d3:d6:93:e6:fe:0b:51:be:ee:a7:de:db:f8:
36:43:a9:08:67:b6:aa:c3:95:e8:a4:b4:b4:91:8e:
c0:4b:0f:98:68:55:5f:20:95:71:0c:b4:56:f0:5c:
87:22:80:a5:b6:43:86:de:dc:16:05:2c:f1:fd:8f:
4f:d9:b2:b5:61:f2:14:11:13:96:38:e3:40:2d:ab:
4d:f3:ad:fb:78:55:dc:7f:36:56:9e:ec:58:df:80:
9d:4e:cb:92:ab:de:b8:f1:6c:ae:d8:3b:63:86:7a:
e9:0b:38:c7:58:f2:80:d5:90:cf:5e:2a:d3:22:c8:
4d:02:3f:b2:b2:c4:1d:57:cc:f6:1b:e2:c2:a9:3e:
fa:29:65:f9:79:ab:9a:b3:80:f0:8b:5d:4c:2f:12:
40:f6:e1:43:7a:c7:16:a2:bd:f8:c9:93:75:34:44:
cd:fc:c7:1b:0d:c7:a5:16:e0:47:7c:03:07:e9:44:
06:51:0a:be:3e:45:ea:af:48:c7:3a:1f:2b:65:5b:
ab:ee:4e:89:27:e2:a0:68:99:89:80:ca:f3:a7:f8:
6a:38:31:7d:2d:b3:5e:fd:f4:56:0f:00:45:c4:0b:
ed:37:bb:11:49:26:0e:5d:85:63:50:fd:da:6b:5a:
40:a0:cb:d2:16:0e:7d:dd:ba:a6:5a:c9:8e:ac:9d:
0e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:3F:AF:B9:02:98:05:79:28:70:23:C9:D7:DB:B2:E2:05:DD:89:BF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cD-vuQKYBXkocCPJ19uy4gXdib8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.72.0/24
91.193.28.0/23
91.234.120.0/23
91.245.91.0/24
176.103.121.0/24
Signature Algorithm: sha256WithRSAEncryption
21:60:48:81:e1:67:fb:55:cf:d1:80:7f:f8:38:c4:e7:e2:cb:
f4:e8:86:72:70:cd:ef:25:a2:09:2a:6c:a6:05:34:80:a8:53:
a2:82:47:ad:c4:7c:26:1d:c8:50:80:69:1d:41:c5:0f:8d:34:
2d:8d:b8:e7:7f:c6:83:d1:f4:36:0b:d6:48:1d:e9:ca:98:81:
78:c4:2c:a5:6a:ba:7f:30:88:f7:33:d7:3d:43:3e:d8:4f:62:
96:bb:12:f3:09:26:2c:cf:05:04:81:6a:a8:b1:7c:fd:dd:ae:
bd:87:9c:18:a7:1d:36:1f:cf:ba:4d:1d:32:d0:2d:58:91:dc:
e5:44:4a:c7:1a:02:9a:04:98:fd:e6:53:ec:98:49:1f:79:40:
91:d8:02:1d:cc:0f:fe:ab:36:45:0d:d1:50:6f:96:7b:12:42:
e0:1e:cb:16:af:84:34:10:c4:bf:fb:43:46:e4:e1:4a:8e:cf:
fd:6d:58:f1:7d:9e:ec:6c:69:6c:f0:4a:4f:48:fa:d8:8f:7b:
c0:47:34:8b:c7:03:43:5e:e0:07:c3:17:bf:64:c4:cd:20:cc:
08:67:e2:c7:c8:a8:fc:8f:49:0b:46:8c:8d:37:59:62:c1:5c:
cb:95:e0:1b:e6:1d:dd:c3:19:b9:0d:84:42:29:cc:bc:6c:8a:
2a:43:1e:e4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYigzCF1LfJWAHP0mXu8ekeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjA5MTUzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDNmYWZiOTAyOTgwNTc5Mjg3MDIzYzlkN2RiYjJlMjA1ZGQ4OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdPWk+b+C1G+7qfe2/g2Q6kIZ7aq
w5XopLS0kY7ASw+YaFVfIJVxDLRW8FyHIoCltkOG3twWBSzx/Y9P2bK1YfIUEROW
OONALatN8637eFXcfzZWnuxY34CdTsuSq9648Wyu2DtjhnrpCzjHWPKA1ZDPXirT
IshNAj+yssQdV8z2G+LCqT76KWX5eauas4Dwi11MLxJA9uFDescWor34yZN1NETN
/McbDcelFuBHfAMH6UQGUQq+PkXqr0jHOh8rZVur7k6JJ+KgaJmJgMrzp/hqODF9
LbNe/fRWDwBFxAvtN7sRSSYOXYVjUP3aa1pAoMvSFg593bqmWsmOrJ0O+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHA/r7kCmAV5KHAjydfbsuIF3Ym/MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvY0QtdnVRS1lCWGtvY0NQSjE5dXk0Z1hkaWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAQCtIAwQB
W8EcAwQBW+p4AwQAW/VbAwQAsGd5MA0GCSqGSIb3DQEBCwUAA4IBAQAhYEiB4Wf7
Vc/RgH/4OMTn4sv06IZycM3vJaIJKmymBTSAqFOigketxHwmHchQgGkdQcUPjTQt
jbjnf8aD0fQ2C9ZIHenKmIF4xCylarp/MIj3M9c9Qz7YT2KWuxLzCSYszwUEgWqo
sXz93a69h5wYpx02H8+6TR0y0C1YkdzlRErHGgKaBJj95lPsmEkfeUCR2AIdzA/+
qzZFDdFQb5Z7EkLgHssWr4Q0EMS/+0NG5OFKjs/9bVjxfZ7sbGls8EpPSPrYj3vA
RzSLxwNDXuAHwxe/ZMTNIMwIZ+LHyKj8j0kLRoyNN1liwVzLleAb5h3dwxm5DYRC
Kcy8bIoqQx7k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org