Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kiT4-dM1u-p6FKCZV7Kk3D7YtPg.roa
File: kiT4-dM1u-p6FKCZV7Kk3D7YtPg.roa (raw, json)
Hash identifier: 8sxnt6UB65GM2k4CFlv4g0M/q6H41v5TrTx+B0xvigU=
Subject key identifier: 92:24:F8:F9:D3:35:BB:EA:7A:14:A0:99:57:B2:A4:DC:3E:D8:B4:F8
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0189023E7E9B95D0578DC8CF9E4A5F4E843F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kiT4-dM1u-p6FKCZV7Kk3D7YtPg.roa
Signing time: Wed 28 Jun 2023 13:43:17 +0000
ROA not before: Wed 28 Jun 2023 13:43:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50835
IP address blocks: 91.193.30.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
91.246.192.0/22 maxlen: 24
77.36.57.0/24 maxlen: 24
77.36.60.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
91.246.203.0/24 maxlen: 24
176.110.112.0/23 maxlen: 23
91.246.217.0/24 maxlen: 24
81.161.8.0/22 maxlen: 22
37.97.121.0/24 maxlen: 24
37.97.120.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
193.36.220.0/22 maxlen: 22
194.33.66.0/23 maxlen: 23
64.43.120.0/22 maxlen: 24
91.233.200.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
91.200.134.0/23 maxlen: 23
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
91.238.39.0/24 maxlen: 24
176.116.228.0/24 maxlen: 24
176.116.236.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.224.212.0/24 maxlen: 24
91.232.226.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
91.236.76.0/24 maxlen: 24
46.173.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 21 Jul 2023 17:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:3e:7e:9b:95:d0:57:8d:c8:cf:9e:4a:5f:4e:84:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 28 13:43:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9224f8f9d335bbea7a14a09957b2a4dc3ed8b4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c6:e9:85:c7:2c:15:d3:fb:1f:1a:41:ab:c8:
69:41:cd:9e:1d:56:dd:af:21:74:ff:31:46:77:73:
8f:81:b8:0e:56:c1:8b:94:20:5c:ad:8c:d3:86:b0:
a3:bf:88:6e:86:b0:dd:b7:96:f4:54:1c:f0:b1:64:
35:3f:cf:06:70:46:0f:1f:4c:bf:64:05:ef:08:ce:
96:6b:06:1a:e9:9c:2f:0f:f7:bd:ba:98:d3:d9:e5:
d9:3f:21:ee:9f:57:53:3c:43:c9:5e:52:05:22:28:
a7:b3:15:e1:a7:6b:2c:15:5a:aa:9b:2b:48:5e:47:
30:d9:02:5b:e1:1e:cb:36:72:47:0a:cd:b5:32:78:
07:67:ed:34:bb:f2:a2:63:73:6e:97:55:9f:1a:d4:
92:4d:96:19:67:ae:38:9d:ac:2d:8d:ae:d1:98:f8:
8d:31:d5:77:68:8a:27:c8:17:c0:bb:0b:a3:3f:4e:
b0:f0:cf:ff:2d:dd:13:79:92:b6:91:17:ec:78:02:
54:b2:34:0d:b0:11:ae:30:90:10:48:69:22:a7:59:
0a:d3:e4:fa:42:c1:4d:e7:83:0b:73:69:1c:a6:49:
6b:3d:ba:43:80:dc:7c:36:35:74:5b:51:b7:cf:38:
d8:51:2f:98:1b:35:6d:5b:c4:29:58:76:8b:07:9e:
5c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:24:F8:F9:D3:35:BB:EA:7A:14:A0:99:57:B2:A4:DC:3E:D8:B4:F8
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kiT4-dM1u-p6FKCZV7Kk3D7YtPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
46.173.254.0/23
64.43.120.0/22
77.36.57.0/24
77.36.60.0/24
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.134.0/23
91.224.212.0/24
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.238.39.0/24
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
91.246.217.0/24
109.207.130.0/24
109.207.132.0/24
176.96.94.0/24
176.110.112.0/23
176.113.180.0/22
176.115.236.0/22
176.116.228.0/24
176.116.236.0/24
176.121.108.0/22
193.36.220.0/22
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
75:e1:0f:49:c9:1d:94:6b:bf:15:5b:10:1f:11:48:fb:16:f0:
36:36:fe:b7:9f:1d:7a:2d:81:35:9b:6c:f9:46:b9:a2:ed:6a:
3c:28:10:1a:20:6e:94:c8:e1:e0:44:0d:10:91:4e:c1:58:59:
f0:dc:c9:53:95:fe:e7:19:b3:98:9a:d9:e6:cb:43:f5:f2:34:
e4:69:6a:92:8c:99:9c:34:8e:a7:50:15:9c:ee:7a:b8:49:51:
66:4d:f3:6b:03:d0:03:b0:aa:0c:62:79:4e:24:44:f4:9f:cb:
89:8a:d6:22:80:13:9f:c7:06:0f:05:b5:2b:21:5b:2e:6b:11:
a3:b8:fb:5e:f6:e7:f1:24:8f:42:7f:40:78:5b:b5:5e:c4:43:
35:40:60:7e:85:d4:c7:0d:a0:26:4f:b4:44:16:7a:91:6f:7d:
2c:88:f4:d1:e5:d7:01:f4:df:9e:87:50:08:ec:b6:19:6a:f1:
d4:c3:ba:cf:91:32:d3:5e:a6:15:b9:ae:08:f6:ca:39:0d:90:
26:d6:90:55:e5:2a:d6:83:ef:0e:f6:1f:4b:fd:f8:95:5e:68:
09:b7:00:40:cf:97:ee:d4:18:19:f0:1e:71:e0:fc:43:57:79:
33:57:20:18:b2:3d:5d:af:e7:f7:71:39:e8:db:b8:12:3a:7d:
cd:03:22:77
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYkCPn6bldBXjcjPnkpfToQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjI4MTM0MzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjI0ZjhmOWQzMzViYmVhN2ExNGEwOTk1N2IyYTRkYzNlZDhiNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MbphccsFdP7HxpBq8hpQc2eHVbd
ryF0/zFGd3OPgbgOVsGLlCBcrYzThrCjv4huhrDdt5b0VBzwsWQ1P88GcEYPH0y/
ZAXvCM6WawYa6ZwvD/e9upjT2eXZPyHun1dTPEPJXlIFIiinsxXhp2ssFVqqmytI
Xkcw2QJb4R7LNnJHCs21MngHZ+00u/KiY3Nul1WfGtSSTZYZZ644nawtja7RmPiN
MdV3aIonyBfAuwujP06w8M//Ld0TeZK2kRfseAJUsjQNsBGuMJAQSGkip1kK0+T6
QsFN54MLc2kcpklrPbpDgNx8NjV0W1G3zzjYUS+YGzVtW8QpWHaLB55cLwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFJIk+PnTNbvqehSgmVeypNw+2LT4MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEva2lUNC1kTTF1LXA2RktDWlY3S2szRDdZdFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBAEl
YXgDBAIurfgDBAEurf4DBAJAK3gDBABNJDkDBABNJDwDBAJRoQgDBAJRoTADBAFb
wR4DBAFbyIYDBABb4NQDBAFb6DgDBABb6OIDBABb6cgDBABb7EwDBABb7icDBABb
7+IDBAJb9sADBABb9ssDBABb9tkDBABtz4IDBABtz4QDBACwYF4DBAGwbnADBAKw
cbQDBAKwc+wDBACwdOQDBACwdOwDBAKweWwDBALBJNwDBAHCIUIwDQYJKoZIhvcN
AQELBQADggEBAHXhD0nJHZRrvxVbEB8RSPsW8DY2/refHXotgTWbbPlGuaLtajwo
EBogbpTI4eBEDRCRTsFYWfDcyVOV/ucZs5ia2ebLQ/XyNORpapKMmZw0jqdQFZzu
erhJUWZN82sD0AOwqgxieU4kRPSfy4mK1iKAE5/HBg8FtSshWy5rEaO4+1725/Ek
j0J/QHhbtV7EQzVAYH6F1McNoCZPtEQWepFvfSyI9NHl1wH0356HUAjsthlq8dTD
us+RMtNephW5rgj2yjkNkCbWkFXlKtaD7w72H0v9+JVeaAm3AEDPl+7UGBnwHnHg
/ENXeTNXIBiyPV2v5/dxOejbuBI6fc0DInc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org