Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9gACKjjbNEvMa0-v-ioFEgTHYpA.roa
File: 9gACKjjbNEvMa0-v-ioFEgTHYpA.roa (raw, json)
Hash identifier: FVj482LFPL7R7uAOOOltKgY3O5S2cCmvXhITX4oBhZU=
Subject key identifier: F6:00:02:2A:38:DB:34:4B:CC:6B:4F:AF:FA:2A:05:12:04:C7:62:90
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D84C455A973F98392513DB0A8728B8F4D
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9gACKjjbNEvMa0-v-ioFEgTHYpA.roa
Signing time: Wed 07 Feb 2024 18:11:15 +0000
ROA not before: Wed 07 Feb 2024 18:11:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 91.198.230.0/24 maxlen: 24
91.199.3.0/24 maxlen: 24
193.33.66.0/24 maxlen: 24
193.37.133.0/24 maxlen: 24
193.193.164.0/24 maxlen: 24
194.56.255.0/24 maxlen: 24
194.107.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 17:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:c4:55:a9:73:f9:83:92:51:3d:b0:a8:72:8b:8f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 7 18:11:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f600022a38db344bcc6b4faffa2a051204c76290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:82:51:f8:95:d2:99:f0:9f:bb:ba:22:0f:89:
1c:ba:d6:c7:a4:88:68:75:0b:57:f4:98:47:c6:82:
22:69:87:f2:e1:42:50:b8:38:5c:47:d9:7f:0a:e4:
f4:fc:c1:88:97:99:ac:da:21:9b:8e:63:8d:b3:3d:
47:16:e8:6d:1f:38:c7:f8:9a:e3:5d:1a:5b:4f:e4:
39:14:34:d1:62:78:86:8c:61:7b:80:95:f3:7e:c4:
bb:50:c5:8d:bc:84:bc:7f:04:a1:68:09:4c:50:b6:
9c:de:c3:6c:8b:98:b2:bf:7a:01:b3:a2:c6:56:d8:
35:16:b8:fb:26:29:c2:44:b1:79:80:9c:0d:01:4b:
a3:4b:b0:08:24:07:35:5e:de:3f:b4:14:f0:97:61:
f8:2c:94:db:59:b9:78:35:01:62:13:ff:f0:da:2f:
e8:a1:03:cb:eb:fd:75:53:8a:3b:ef:69:ab:7a:6b:
15:c0:1c:3f:13:2d:e2:b6:95:3a:e3:fe:dc:4f:b2:
25:ed:20:a8:b5:0c:cc:b3:30:7e:53:e1:2e:07:db:
d6:b5:13:6f:1a:fb:10:be:cc:0f:4f:4b:26:7a:0e:
10:a6:be:96:75:1f:0f:46:01:e8:74:ac:bd:8b:c7:
31:72:ed:74:7a:82:19:c1:db:2f:a5:d2:b7:2c:e2:
af:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:00:02:2A:38:DB:34:4B:CC:6B:4F:AF:FA:2A:05:12:04:C7:62:90
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9gACKjjbNEvMa0-v-ioFEgTHYpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.230.0/24
91.199.3.0/24
193.33.66.0/24
193.37.133.0/24
193.193.164.0/24
194.56.255.0/24
194.107.125.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c6:b2:24:37:8d:6c:ce:d3:44:00:34:f2:05:2e:67:67:55:
30:77:84:ad:c1:05:aa:dd:33:42:0d:67:70:19:e0:20:68:2d:
a8:60:78:a1:0e:f6:e4:e7:32:90:f1:5e:ac:74:82:f4:4d:76:
a5:08:53:76:2d:36:cf:9c:fc:b1:14:b5:f8:a9:47:57:b5:64:
ae:c9:f0:28:d3:67:0e:b7:bd:4e:a8:00:90:39:a0:6a:be:6d:
2d:45:a6:1a:49:9a:74:09:39:bb:b7:4a:3d:bf:57:b6:eb:cf:
b0:7e:19:14:08:4f:17:01:e1:d1:b5:94:56:a5:f5:3c:44:3e:
d3:e7:71:5d:0a:ea:38:f8:db:d2:ff:f3:28:50:9f:e8:ea:96:
6e:31:99:1b:e0:ad:d6:1f:6e:06:76:c9:78:e1:65:b9:16:03:
4d:c8:ec:15:da:51:c4:c4:a1:1a:06:27:f7:f0:77:2c:29:57:
f1:c3:83:df:e6:36:ba:4b:97:ee:c3:b9:c2:d3:61:2b:3e:da:
79:61:94:49:08:b4:f3:e0:cc:14:4d:9f:99:80:76:91:46:2a:
2f:e1:2a:7a:c2:00:4f:b8:98:29:7b:dc:0d:cf:2a:dc:b0:8e:
42:b5:8d:18:52:8f:87:71:2e:d5:85:0d:dc:fb:74:5d:fd:b6:
20:a6:a9:dd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2ExFWpc/mDklE9sKhyi49NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA3MTgxMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjAwMDIyYTM4ZGIzNDRiY2M2YjRmYWZmYTJhMDUxMjA0Yzc2MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4JR+JXSmfCfu7oiD4kcutbHpIho
dQtX9JhHxoIiaYfy4UJQuDhcR9l/CuT0/MGIl5ms2iGbjmONsz1HFuhtHzjH+Jrj
XRpbT+Q5FDTRYniGjGF7gJXzfsS7UMWNvIS8fwShaAlMULac3sNsi5iyv3oBs6LG
Vtg1Frj7JinCRLF5gJwNAUujS7AIJAc1Xt4/tBTwl2H4LJTbWbl4NQFiE//w2i/o
oQPL6/11U4o772mremsVwBw/Ey3itpU64/7cT7Il7SCotQzMszB+U+EuB9vWtRNv
GvsQvswPT0smeg4Qpr6WdR8PRgHodKy9i8cxcu10eoIZwdsvpdK3LOKvIQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPYAAio42zRLzGtPr/oqBRIEx2KQMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvOWdBQ0tqamJORXZNYTAtdi1pb0ZFZ1RIWXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAW8bmAwQA
W8cDAwQAwSFCAwQAwSWFAwQAwcGkAwQAwjj/AwQAwmt9MA0GCSqGSIb3DQEBCwUA
A4IBAQCDxrIkN41sztNEADTyBS5nZ1Uwd4StwQWq3TNCDWdwGeAgaC2oYHihDvbk
5zKQ8V6sdIL0TXalCFN2LTbPnPyxFLX4qUdXtWSuyfAo02cOt71OqACQOaBqvm0t
RaYaSZp0CTm7t0o9v1e268+wfhkUCE8XAeHRtZRWpfU8RD7T53FdCuo4+NvS//Mo
UJ/o6pZuMZkb4K3WH24Gdsl44WW5FgNNyOwV2lHExKEaBif38HcsKVfxw4Pf5ja6
S5fuw7nC02ErPtp5YZRJCLTz4MwUTZ+ZgHaRRiov4Sp6wgBPuJgpe9wNzyrcsI5C
tY0YUo+HcS7VhQ3c+3Rd/bYgpqnd
-----END CERTIFICATE-----
Generated at Mon Feb 19 21:07:42 2024 by rpki-client on console-fra.rpki-client.org