Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/iIzfn40cLBAz0skBKh8k3wFE5xg.roa
File: iIzfn40cLBAz0skBKh8k3wFE5xg.roa (raw, json)
Hash identifier: FKL4Uzb9CY7yBwnF09cyUEyueMbTZ0F2IvIwmElSx60=
Subject key identifier: 88:8C:DF:9F:8D:1C:2C:10:33:D2:C9:01:2A:1F:24:DF:01:44:E7:18
Certificate issuer: /CN=2d4873e6e8be4f9d3764184f13e5750f8c61f68b
Certificate serial: 018573BAC66DA6F243ABF0A5340E3EC05A3E
Authority key identifier: 2D:48:73:E6:E8:BE:4F:9D:37:64:18:4F:13:E5:75:0F:8C:61:F6:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LUhz5ui-T503ZBhPE-V1D4xh9os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/iIzfn40cLBAz0skBKh8k3wFE5xg.roa
Signing time: Mon 02 Jan 2023 18:24:58 +0000
ROA not before: Mon 02 Jan 2023 18:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35712
IP address blocks: 91.132.180.0/24 maxlen: 24
91.132.180.0/22 maxlen: 22
91.132.183.0/24 maxlen: 24
91.132.182.0/24 maxlen: 24
91.132.181.0/24 maxlen: 24
2a09:cc84::/31 maxlen: 31
2a09:cc86::/31 maxlen: 31
2a09:cc82::/31 maxlen: 31
2a09:cc80::/29 maxlen: 29
2a09:cc80::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:c6:6d:a6:f2:43:ab:f0:a5:34:0e:3e:c0:5a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d4873e6e8be4f9d3764184f13e5750f8c61f68b
Validity
Not Before: Jan 2 18:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=888cdf9f8d1c2c1033d2c9012a1f24df0144e718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ff:b5:7c:cb:46:6f:f0:f4:c1:0d:38:db:1f:
b9:69:60:92:51:da:88:ad:54:66:57:89:fe:02:ec:
a1:a5:1c:84:10:e9:d8:a4:df:ce:7d:a7:d9:7f:ec:
50:1e:9f:2c:96:5d:27:ae:90:19:84:7b:a1:af:b6:
26:a8:d7:8d:e4:c2:cf:62:62:f1:80:5f:4d:99:95:
a2:d6:27:39:50:db:6d:b6:e8:4c:64:41:50:80:b2:
ce:f5:e8:77:34:cc:60:42:1e:4b:4b:fc:f5:cc:25:
c2:5f:39:3b:47:f9:84:59:e9:ac:9c:18:04:4d:da:
b2:7d:5b:22:87:ee:89:1d:dd:a6:63:a8:48:28:b6:
f3:53:60:b9:66:c3:99:55:91:b1:1b:3d:29:9e:64:
ac:30:86:a3:bf:d5:b4:f2:df:51:39:d9:82:c8:82:
a1:28:d6:fe:ac:94:46:79:09:a9:b8:f3:59:52:bb:
fa:a1:6e:9a:b1:b1:dd:89:1f:a7:a4:44:14:9a:6a:
7d:ae:6d:df:8c:5d:f8:5b:ea:ad:3b:9d:e0:5d:cb:
54:9d:f0:4d:52:ea:82:45:c7:2e:8f:7f:c0:be:6d:
f0:60:2d:3c:89:5e:ea:fc:ff:9b:e9:78:c2:95:2f:
3c:ec:07:dc:67:75:a3:79:ca:ff:02:58:2f:32:b4:
74:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8C:DF:9F:8D:1C:2C:10:33:D2:C9:01:2A:1F:24:DF:01:44:E7:18
X509v3 Authority Key Identifier:
keyid:2D:48:73:E6:E8:BE:4F:9D:37:64:18:4F:13:E5:75:0F:8C:61:F6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LUhz5ui-T503ZBhPE-V1D4xh9os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/iIzfn40cLBAz0skBKh8k3wFE5xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/LUhz5ui-T503ZBhPE-V1D4xh9os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.180.0/22
IPv6:
2a09:cc80::/29
Signature Algorithm: sha256WithRSAEncryption
a9:a5:f9:51:23:7a:92:d0:c0:0c:f4:a0:80:fe:24:cd:47:c4:
ae:5d:ad:81:1a:a3:5d:46:06:a6:08:a0:34:6f:74:e4:df:90:
1d:6b:31:82:44:43:af:72:e3:ff:7c:00:c4:9f:f5:84:30:ea:
08:2a:ce:46:4b:28:16:cc:5a:ac:20:4f:1a:e0:a3:b2:9d:4f:
58:08:6b:82:09:f4:4a:b6:16:dc:5c:3f:48:34:b5:0b:bf:c2:
b8:01:19:5e:95:fe:54:52:73:c5:63:b3:90:a7:6a:68:27:6b:
ba:82:86:ad:15:d8:b7:a5:ac:b7:bd:73:58:44:46:ae:1c:1c:
35:55:a7:e9:a0:76:48:3b:78:05:0c:48:c4:27:57:8a:0a:f6:
3c:08:e9:05:4d:b2:55:bd:53:00:13:10:8d:cf:2e:39:dc:b5:
be:85:43:7e:24:0b:91:5d:7c:29:93:e4:f7:87:e7:db:86:4a:
85:cb:11:ec:e3:52:13:77:96:e8:f8:08:55:a2:7a:da:c8:ad:
a8:27:8d:92:f8:a0:81:cc:e9:8e:43:4a:98:0c:9e:47:01:3e:
6d:0b:5a:ff:fc:e5:92:ca:f3:6f:0b:d9:44:0e:98:9e:ba:67:
78:b1:6e:13:42:83:7a:fd:2a:01:73:41:a7:98:2c:c4:40:c8:
f6:10:31:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzusZtpvJDq/ClNA4+wFo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNDg3M2U2ZThiZTRmOWQzNzY0MTg0ZjEzZTU3NTBmOGM2
MWY2OGIwHhcNMjMwMTAyMTgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhjZGY5ZjhkMWMyYzEwMzNkMmM5MDEyYTFmMjRkZjAxNDRlNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv+1fMtGb/D0wQ042x+5aWCSUdqI
rVRmV4n+AuyhpRyEEOnYpN/OfafZf+xQHp8sll0nrpAZhHuhr7YmqNeN5MLPYmLx
gF9NmZWi1ic5UNtttuhMZEFQgLLO9eh3NMxgQh5LS/z1zCXCXzk7R/mEWemsnBgE
TdqyfVsih+6JHd2mY6hIKLbzU2C5ZsOZVZGxGz0pnmSsMIajv9W08t9ROdmCyIKh
KNb+rJRGeQmpuPNZUrv6oW6asbHdiR+npEQUmmp9rm3fjF34W+qtO53gXctUnfBN
UuqCRccuj3/Avm3wYC08iV7q/P+b6XjClS887AfcZ3Wjecr/AlgvMrR0nwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIiM35+NHCwQM9LJASofJN8BROcYMB8GA1UdIwQY
MBaAFC1Ic+bovk+dN2QYTxPldQ+MYfaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFVoejV1aS1UNTAzWkJoUEUtVjFENHhoOW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80N2I0MTMtNjQxNi00MDJhLWI1ZTEt
NjU5NmQ1MDM2MzYyLzEvaUl6Zm40MGNMQkF6MHNrQktoOGszd0ZFNXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80N2I0MTMtNjQxNi00MDJhLWI1ZTEtNjU5NmQ1MDM2MzYy
LzEvTFVoejV1aS1UNTAzWkJoUEUtVjFENHhoOW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW4S0MA0E
AgACMAcDBQMqCcyAMA0GCSqGSIb3DQEBCwUAA4IBAQCppflRI3qS0MAM9KCA/iTN
R8SuXa2BGqNdRgamCKA0b3Tk35AdazGCREOvcuP/fADEn/WEMOoIKs5GSygWzFqs
IE8a4KOynU9YCGuCCfRKthbcXD9INLULv8K4ARlelf5UUnPFY7OQp2poJ2u6goat
Fdi3pay3vXNYREauHBw1VafpoHZIO3gFDEjEJ1eKCvY8COkFTbJVvVMAExCNzy45
3LW+hUN+JAuRXXwpk+T3h+fbhkqFyxHs41ITd5bo+AhVonrayK2oJ42S+KCBzOmO
Q0qYDJ5HAT5tC1r//OWSyvNvC9lEDpieumd4sW4TQoN6/SoBc0GnmCzEQMj2EDEM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org