Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/v_FNW51TrWO8y7XKhAZtPUm0teI.roa
File: v_FNW51TrWO8y7XKhAZtPUm0teI.roa (raw, json)
Hash identifier: SegBOhXyqrbpRsSHQE6uq+/8mYc2WETWF+WIT+4cMyE=
Subject key identifier: BF:F1:4D:5B:9D:53:AD:63:BC:CB:B5:CA:84:06:6D:3D:49:B4:B5:E2
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019243374658E626F425247327E52D346417
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/v_FNW51TrWO8y7XKhAZtPUm0teI.roa
Signing time: Mon 30 Sep 2024 13:55:48 +0000
ROA not before: Mon 30 Sep 2024 13:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203464
IP address blocks: 91.223.117.0/24 maxlen: 24
91.231.227.0/24 maxlen: 24
91.233.201.0/24 maxlen: 24
91.237.193.0/24 maxlen: 24
91.238.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 13:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:37:46:58:e6:26:f4:25:24:73:27:e5:2d:34:64:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 30 13:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bff14d5b9d53ad63bccbb5ca84066d3d49b4b5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cd:6b:24:6b:ce:8a:65:6a:03:b3:82:6d:31:
ab:1a:16:73:a4:ae:f5:3c:9a:4a:1e:d3:46:04:96:
a2:42:9c:4c:cf:e8:ed:a5:e4:b9:bc:25:9b:80:5a:
23:15:27:e9:de:cd:9a:9a:8f:ad:b5:4d:a2:07:b9:
44:46:2c:7e:f8:cb:3e:76:5e:1d:32:89:60:1d:50:
7e:11:03:51:93:d3:fa:b4:b6:f6:25:17:63:1e:54:
4b:64:a5:f0:39:b6:f2:b3:67:8c:b0:dc:90:2d:8f:
81:70:74:7d:8a:41:34:12:66:15:5a:43:55:e0:a0:
0e:3e:75:6c:77:91:b4:81:10:09:a2:cf:fb:95:6e:
d6:da:55:66:06:5e:84:99:e6:29:c4:bc:a4:f9:d3:
fb:07:f3:32:eb:c9:0a:d3:24:3a:31:81:cb:99:4b:
aa:20:96:44:1e:71:4f:27:3d:5c:d3:64:90:6e:75:
72:f6:b3:ce:77:8f:f0:9b:c2:3d:05:c8:ba:d0:6e:
e0:19:0f:d2:80:75:4b:20:90:2a:e4:bb:01:e5:a0:
e5:e0:4d:c7:27:3b:1d:ce:7d:4b:41:b9:e2:dd:92:
d5:37:c6:27:35:ba:36:c6:1b:15:95:a6:df:b3:2a:
ea:62:8b:6c:98:01:32:69:c7:c9:06:43:02:9f:bc:
ee:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F1:4D:5B:9D:53:AD:63:BC:CB:B5:CA:84:06:6D:3D:49:B4:B5:E2
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/v_FNW51TrWO8y7XKhAZtPUm0teI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.117.0/24
91.231.227.0/24
91.233.201.0/24
91.237.193.0/24
91.238.38.0/24
Signature Algorithm: sha256WithRSAEncryption
38:58:c6:c3:da:fe:33:7e:be:bd:fb:81:2e:03:71:d9:7a:a9:
14:e0:e0:e3:56:83:5d:5f:b9:2d:c9:50:78:77:18:b5:78:5b:
32:19:d9:e3:35:1a:4d:e4:0f:65:2c:27:be:ca:f0:4e:f1:b4:
f3:00:e2:d1:42:98:ac:9c:79:33:ce:b8:c3:0d:d1:bf:09:88:
73:20:97:29:f5:38:03:0c:ad:14:e4:5d:2e:3f:92:99:4a:02:
1d:1d:f1:7b:9c:a7:35:8b:a6:b8:54:60:20:f5:56:41:af:53:
ff:0c:f9:cf:b8:bb:a9:b5:35:59:4d:b1:ab:58:79:e6:45:81:
0e:d2:07:d1:be:95:44:d3:35:71:7f:d8:92:07:ff:7f:75:bd:
58:5d:cf:0a:46:fd:6b:d0:f5:a4:29:66:e0:54:be:e8:d2:cc:
35:af:e2:51:e8:80:15:99:36:5b:23:48:bf:59:d6:15:f6:0c:
48:f7:4c:2a:fd:67:55:34:59:b5:b1:df:32:be:4b:9b:e8:f4:
71:db:6e:31:a9:79:9e:4c:99:43:99:17:92:d2:d6:61:4a:7c:
8b:b1:56:ce:ea:7d:28:84:e7:ab:36:12:af:35:7d:02:31:98:
6a:3e:64:ea:73:71:90:9c:05:d8:a7:06:d5:ea:3e:89:51:6d:
75:d9:c1:ed
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJDN0ZY5ib0JSRzJ+UtNGQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwOTMwMTM1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmYxNGQ1YjlkNTNhZDYzYmNjYmI1Y2E4NDA2NmQzZDQ5YjRiNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc1rJGvOimVqA7OCbTGrGhZzpK71
PJpKHtNGBJaiQpxMz+jtpeS5vCWbgFojFSfp3s2amo+ttU2iB7lERix++Ms+dl4d
MolgHVB+EQNRk9P6tLb2JRdjHlRLZKXwObbys2eMsNyQLY+BcHR9ikE0EmYVWkNV
4KAOPnVsd5G0gRAJos/7lW7W2lVmBl6EmeYpxLyk+dP7B/My68kK0yQ6MYHLmUuq
IJZEHnFPJz1c02SQbnVy9rPOd4/wm8I9Bci60G7gGQ/SgHVLIJAq5LsB5aDl4E3H
Jzsdzn1LQbni3ZLVN8YnNbo2xhsVlabfsyrqYotsmAEyacfJBkMCn7zuEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL/xTVudU61jvMu1yoQGbT1JtLXiMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvdl9GTlc1MVRyV084eTdYS2hBWnRQVW0wdGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW991AwQA
W+fjAwQAW+nJAwQAW+3BAwQAW+4mMA0GCSqGSIb3DQEBCwUAA4IBAQA4WMbD2v4z
fr69+4EuA3HZeqkU4ODjVoNdX7ktyVB4dxi1eFsyGdnjNRpN5A9lLCe+yvBO8bTz
AOLRQpisnHkzzrjDDdG/CYhzIJcp9TgDDK0U5F0uP5KZSgIdHfF7nKc1i6a4VGAg
9VZBr1P/DPnPuLuptTVZTbGrWHnmRYEO0gfRvpVE0zVxf9iSB/9/db1YXc8KRv1r
0PWkKWbgVL7o0sw1r+JR6IAVmTZbI0i/WdYV9gxI90wq/WdVNFm1sd8yvkub6PRx
224xqXmeTJlDmReS0tZhSnyLsVbO6n0ohOerNhKvNX0CMZhqPmTqc3GQnAXYpwbV
6j6JUW112cHt
-----END CERTIFICATE-----
Generated at Thu Oct 3 15:33:11 2024 by rpki-client on console-fra.rpki-client.org