Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/hFNo4wU5Aza7BLzhNnbafIUoIYc.roa
File: hFNo4wU5Aza7BLzhNnbafIUoIYc.roa (raw, json)
Hash identifier: L+CQ2q6mxhWyXLyc96954LoeeNTdLlYWoiLrmH2uyT0=
Subject key identifier: 84:53:68:E3:05:39:03:36:BB:04:BC:E1:36:76:DA:7C:85:28:21:87
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 01887103C34D39E9EBBB53714D26739CC4E3
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/hFNo4wU5Aza7BLzhNnbafIUoIYc.roa
Signing time: Wed 31 May 2023 08:54:11 +0000
ROA not before: Wed 31 May 2023 08:54:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.243.177.0/24 maxlen: 24
91.243.176.0/24 maxlen: 24
195.242.243.0/24 maxlen: 24
93.114.61.0/24 maxlen: 24
93.114.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Jun 2023 10:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:03:c3:4d:39:e9:eb:bb:53:71:4d:26:73:9c:c4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: May 31 08:54:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=845368e305390336bb04bce13676da7c85282187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e3:93:b3:9f:78:1c:79:8e:0d:0c:0e:a4:b2:
71:62:00:64:43:3f:13:21:14:de:90:d8:0b:9d:e2:
2a:e1:ac:7a:32:ae:24:1a:6a:e9:5d:84:7e:c4:e8:
aa:12:31:d2:ad:1e:7c:32:e8:36:1d:2e:25:34:cc:
bb:58:3a:a8:a0:03:f9:58:87:85:64:8f:e2:e0:35:
56:b0:de:f9:c5:16:c2:00:50:3a:ce:e6:0b:90:bc:
a4:bc:28:11:75:59:e2:b8:74:59:3e:46:8d:20:8e:
21:6a:9c:39:77:29:88:a8:15:f5:7e:73:7d:49:bc:
6b:d1:01:75:14:03:57:50:e5:9b:24:7f:5b:cc:3f:
3a:7f:88:04:d8:90:a9:f2:7b:7c:d0:a7:41:5c:eb:
f0:4c:f4:c2:06:3e:ac:b8:bb:62:3b:df:38:9f:5a:
3c:1d:2c:8d:8e:db:51:e5:db:06:1d:92:39:49:da:
51:ae:24:45:57:40:8c:a2:31:cc:b7:4e:00:33:70:
dd:06:30:01:3f:4c:8b:53:2a:e4:b1:54:09:59:21:
fc:62:36:e0:60:bf:77:0f:e0:2e:17:1e:96:a9:07:
ea:93:73:79:4a:55:70:59:a9:a8:58:c6:42:e7:87:
b8:82:26:91:b4:2c:f9:cd:8e:05:33:88:13:88:1e:
f5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:53:68:E3:05:39:03:36:BB:04:BC:E1:36:76:DA:7C:85:28:21:87
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/hFNo4wU5Aza7BLzhNnbafIUoIYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.176.0/23
93.114.60.0/23
195.242.243.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:d2:a0:de:ba:0e:cf:20:d2:2c:6e:a7:53:99:06:ed:e7:2d:
9d:4b:f1:f1:b3:26:b6:1b:35:60:ee:f8:21:2e:be:5c:7b:ab:
fd:09:40:25:fe:6e:39:3b:58:d4:38:04:58:90:35:ab:b0:c9:
1e:30:8a:57:19:19:a4:2e:f8:a2:e6:8c:11:95:6e:5c:ae:e1:
fa:75:05:2b:60:e8:12:7a:80:17:5b:b4:4f:f1:93:60:17:5c:
6a:f7:19:01:18:fe:22:6b:50:bc:33:ec:bf:05:db:05:42:3e:
b9:3b:03:f7:9a:89:20:16:9a:e3:44:3d:73:ca:5d:bf:84:e9:
dc:65:82:06:da:e8:d8:4b:4b:26:e7:6c:68:d5:f9:49:9b:c7:
99:0b:42:9a:c3:6a:ae:4a:11:73:5c:90:3c:0c:e5:4d:83:76:
fd:78:8f:e3:dd:6d:e8:90:78:96:32:00:51:c9:93:50:c0:04:
2c:04:11:b8:06:31:e7:9a:75:24:86:bf:0d:bf:6e:23:e4:60:
0d:02:62:ba:11:27:e0:b5:86:76:2a:65:8c:df:27:94:a0:33:
77:70:ba:ac:34:76:37:62:4c:20:4f:74:e6:18:7b:c3:59:94:
d1:d7:9a:ce:47:aa:aa:b8:55:86:24:c9:96:86:4c:73:e5:30:
c5:16:e0:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhxA8NNOenru1NxTSZznMTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMwNTMxMDg1NDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDUzNjhlMzA1MzkwMzM2YmIwNGJjZTEzNjc2ZGE3Yzg1MjgyMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+OTs594HHmODQwOpLJxYgBkQz8T
IRTekNgLneIq4ax6Mq4kGmrpXYR+xOiqEjHSrR58Mug2HS4lNMy7WDqooAP5WIeF
ZI/i4DVWsN75xRbCAFA6zuYLkLykvCgRdVniuHRZPkaNII4hapw5dymIqBX1fnN9
Sbxr0QF1FANXUOWbJH9bzD86f4gE2JCp8nt80KdBXOvwTPTCBj6suLtiO984n1o8
HSyNjttR5dsGHZI5SdpRriRFV0CMojHMt04AM3DdBjABP0yLUyrksVQJWSH8Yjbg
YL93D+AuFx6WqQfqk3N5SlVwWamoWMZC54e4giaRtCz5zY4FM4gTiB71awIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIRTaOMFOQM2uwS84TZ22nyFKCGHMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvaEZObzR3VTVBemE3Qkx6aE5uYmFmSVVvSVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW/OwAwQB
XXI8AwQAw/LzMA0GCSqGSIb3DQEBCwUAA4IBAQBd0qDeug7PINIsbqdTmQbt5y2d
S/Hxsya2GzVg7vghLr5ce6v9CUAl/m45O1jUOARYkDWrsMkeMIpXGRmkLvii5owR
lW5cruH6dQUrYOgSeoAXW7RP8ZNgF1xq9xkBGP4ia1C8M+y/BdsFQj65OwP3mokg
FprjRD1zyl2/hOncZYIG2ujYS0sm52xo1flJm8eZC0Kaw2quShFzXJA8DOVNg3b9
eI/j3W3okHiWMgBRyZNQwAQsBBG4BjHnmnUkhr8Nv24j5GANAmK6ESfgtYZ2KmWM
3yeUoDN3cLqsNHY3YkwgT3TmGHvDWZTR15rOR6qquFWGJMmWhkxz5TDFFuA+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:55 2024 by rpki-client on console-fra.rpki-client.org