Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rarAMVqHsfblwKjvRGvjhT7tTjk.roa
File: rarAMVqHsfblwKjvRGvjhT7tTjk.roa (raw, json)
Hash identifier: 5wMcD0OQnoOUqnTh2OOa3f00sbxSgz0IKZZpNbhZ/PI=
Subject key identifier: AD:AA:C0:31:5A:87:B1:F6:E5:C0:A8:EF:44:6B:E3:85:3E:ED:4E:39
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01920F99780BE55D84423CA62AE135A7187C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rarAMVqHsfblwKjvRGvjhT7tTjk.roa
Signing time: Fri 20 Sep 2024 13:22:48 +0000
ROA not before: Fri 20 Sep 2024 13:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203464
IP address blocks: 91.223.117.0/24 maxlen: 24
91.231.227.0/24 maxlen: 24
91.232.55.0/24 maxlen: 24
91.233.201.0/24 maxlen: 24
91.237.193.0/24 maxlen: 24
91.238.38.0/24 maxlen: 24
91.240.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 13:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:99:78:0b:e5:5d:84:42:3c:a6:2a:e1:35:a7:18:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 20 13:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adaac0315a87b1f6e5c0a8ef446be3853eed4e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fc:ff:16:23:d0:53:c5:72:a5:17:c1:8d:be:
35:9d:cb:5e:93:90:0b:45:d0:5c:5c:48:12:a1:a9:
f1:4d:58:bc:56:00:23:8d:e1:6a:8e:65:09:02:33:
43:ba:da:41:28:de:b3:98:2a:8a:1a:cd:b0:b2:ab:
13:b3:6c:f9:3d:5f:3e:ad:d7:9b:40:91:00:d4:9a:
b4:c3:53:26:be:aa:8d:f4:a3:e9:73:01:8d:90:a1:
66:04:fe:a1:c8:d5:fa:4f:0e:17:67:f8:63:cb:fa:
d8:00:86:3a:c4:c7:73:98:cd:5c:62:32:a9:64:70:
09:44:58:94:c7:2c:98:3e:92:73:36:05:a1:e5:82:
fb:b5:d2:4b:ef:fe:6c:1c:ed:e3:b5:57:81:53:bf:
c1:cb:95:50:6a:43:ab:93:6c:ab:69:f4:4b:79:28:
39:ef:de:7d:55:47:81:54:92:76:1d:90:f6:dd:5e:
2f:3f:74:ed:75:20:6d:41:cf:48:ab:43:24:7b:40:
77:da:8e:64:7f:77:e3:c3:5d:49:f4:41:31:3b:98:
f1:64:74:73:48:61:5c:e7:c1:56:67:3f:6e:b7:00:
cc:53:b0:34:79:4a:9e:5c:0f:e4:46:c7:1b:d7:fa:
0b:d5:79:de:46:2b:a8:92:5e:a2:ca:27:76:61:3f:
f0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AA:C0:31:5A:87:B1:F6:E5:C0:A8:EF:44:6B:E3:85:3E:ED:4E:39
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rarAMVqHsfblwKjvRGvjhT7tTjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.117.0/24
91.231.227.0/24
91.232.55.0/24
91.233.201.0/24
91.237.193.0/24
91.238.38.0/24
91.240.154.0/24
Signature Algorithm: sha256WithRSAEncryption
16:38:e5:12:75:97:26:2a:7a:05:b2:c2:65:53:15:84:03:d5:
8f:6b:eb:ea:36:f5:03:cf:17:e8:38:0f:9e:17:1f:97:d8:f7:
cd:4a:e8:69:f7:ee:12:98:69:da:dd:e8:cc:c8:33:da:a5:f2:
96:bb:e1:29:d9:66:d6:d1:7d:96:f2:c1:50:15:5c:fa:65:56:
85:dc:2b:c3:37:72:72:4c:9a:bf:ad:e1:e4:6b:86:40:68:97:
5d:e2:fe:4d:7c:ff:65:34:71:76:95:8e:f5:fe:b4:5a:12:43:
44:8a:a7:7c:94:0a:34:64:2c:63:ec:da:df:94:b9:76:86:2a:
99:4a:c3:fa:46:b5:d2:98:53:b3:3c:25:8b:c6:74:5e:09:b0:
ed:de:a5:b6:6b:62:58:d5:df:55:73:5c:ff:f5:e4:c9:37:93:
1f:04:d0:ed:30:e0:14:c1:69:04:4b:14:99:57:4a:3a:f6:c5:
e9:68:ff:09:9f:4c:61:0b:85:07:19:a9:88:9c:7f:46:fb:62:
92:68:67:0a:15:ec:77:7d:03:92:a2:d9:db:02:bb:2c:d2:a7:
cc:8e:a0:1e:93:2f:69:4b:22:f1:8a:95:4b:83:08:53:c5:2c:
f8:74:6d:3d:15:c6:64:27:cd:5a:d8:45:97:d8:79:87:d0:ba:
c9:ff:95:8f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZIPmXgL5V2EQjymKuE1pxh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwOTIwMTMyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFhYzAzMTVhODdiMWY2ZTVjMGE4ZWY0NDZiZTM4NTNlZWQ0ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfz/FiPQU8VypRfBjb41nctek5AL
RdBcXEgSoanxTVi8VgAjjeFqjmUJAjNDutpBKN6zmCqKGs2wsqsTs2z5PV8+rdeb
QJEA1Jq0w1MmvqqN9KPpcwGNkKFmBP6hyNX6Tw4XZ/hjy/rYAIY6xMdzmM1cYjKp
ZHAJRFiUxyyYPpJzNgWh5YL7tdJL7/5sHO3jtVeBU7/By5VQakOrk2yrafRLeSg5
7959VUeBVJJ2HZD23V4vP3TtdSBtQc9Iq0Mke0B32o5kf3fjw11J9EExO5jxZHRz
SGFc58FWZz9utwDMU7A0eUqeXA/kRscb1/oL1XneRiuokl6iyid2YT/wTQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFK2qwDFah7H25cCo70Rr44U+7U45MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcmFyQU1WcUhzZmJsd0tqdlJHdmpoVDd0VGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAW991AwQA
W+fjAwQAW+g3AwQAW+nJAwQAW+3BAwQAW+4mAwQAW/CaMA0GCSqGSIb3DQEBCwUA
A4IBAQAWOOUSdZcmKnoFssJlUxWEA9WPa+vqNvUDzxfoOA+eFx+X2PfNSuhp9+4S
mGna3ejMyDPapfKWu+Ep2WbW0X2W8sFQFVz6ZVaF3CvDN3JyTJq/reHka4ZAaJdd
4v5NfP9lNHF2lY71/rRaEkNEiqd8lAo0ZCxj7NrflLl2hiqZSsP6RrXSmFOzPCWL
xnReCbDt3qW2a2JY1d9Vc1z/9eTJN5MfBNDtMOAUwWkESxSZV0o69sXpaP8Jn0xh
C4UHGamInH9G+2KSaGcKFex3fQOSotnbArss0qfMjqAeky9pSyLxipVLgwhTxSz4
dG09FcZkJ81a2EWX2HmH0LrJ/5WP
-----END CERTIFICATE-----
Generated at Mon Sep 30 15:37:23 2024 by rpki-client on console-fra.rpki-client.org