Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/A_TQ9HTLxk0UZu3iyISXThMETfI.roa
File: A_TQ9HTLxk0UZu3iyISXThMETfI.roa (raw, json)
Hash identifier: 7GeNyPFkxX7mxfblqLKhxj+dseg0vlbVTDpN6ODxxPQ=
Subject key identifier: 03:F4:D0:F4:74:CB:C6:4D:14:66:ED:E2:C8:84:97:4E:13:04:4D:F2
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D65BF0E695E89EED5D26E986E89C20CB4
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/A_TQ9HTLxk0UZu3iyISXThMETfI.roa
Signing time: Thu 01 Feb 2024 17:37:16 +0000
ROA not before: Thu 01 Feb 2024 17:37:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 91.198.230.0/24 maxlen: 24
91.199.3.0/24 maxlen: 24
193.37.133.0/24 maxlen: 24
193.193.164.0/24 maxlen: 24
194.107.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 18:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:bf:0e:69:5e:89:ee:d5:d2:6e:98:6e:89:c2:0c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 1 17:37:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03f4d0f474cbc64d1466ede2c884974e13044df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0b:2b:67:1b:0c:db:42:13:21:82:3b:94:10:
72:66:60:a1:7a:c6:57:03:eb:51:99:bf:a4:b9:ad:
30:d1:aa:13:65:94:e6:7d:b8:9a:ad:c4:d2:77:02:
e2:0f:5c:f6:f9:cb:c4:ba:84:99:fd:5b:71:71:4b:
01:91:18:24:2c:37:9d:38:f1:04:c7:9f:56:85:79:
be:2d:95:86:e7:95:2e:ff:0e:dd:50:37:7a:4d:dd:
5b:01:b6:2b:10:00:ea:30:34:9d:96:72:04:86:63:
23:56:21:95:5e:c6:e9:21:d8:47:d6:ed:78:78:e7:
2f:5f:71:32:79:32:5d:0c:50:0e:46:e0:0c:71:f0:
58:dd:82:52:d1:32:5a:d0:ae:35:47:e6:fa:b2:91:
d5:f3:44:61:5d:c1:d7:ee:b8:3d:d3:94:02:75:a3:
9f:68:c1:20:f7:ce:01:01:95:fc:23:f7:98:87:14:
0f:01:ca:84:e9:cb:71:b3:63:09:43:12:51:57:6b:
a0:f2:c9:54:a4:3c:67:12:8c:b1:bb:a2:6e:bf:6a:
26:2c:e9:0c:8d:1d:bc:98:03:77:07:c5:ac:bf:9d:
72:47:8b:da:81:cb:70:fc:bd:31:ed:97:87:18:25:
2b:f0:90:25:72:80:45:f3:eb:6f:51:8d:a3:97:d9:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F4:D0:F4:74:CB:C6:4D:14:66:ED:E2:C8:84:97:4E:13:04:4D:F2
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/A_TQ9HTLxk0UZu3iyISXThMETfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.230.0/24
91.199.3.0/24
193.37.133.0/24
193.193.164.0/24
194.107.125.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:cc:02:8d:0c:86:c8:53:9e:98:49:0d:d2:12:c4:10:1e:d6:
f6:91:2b:5f:a4:b3:c6:e3:50:a6:ff:08:60:3a:d2:1b:7c:0b:
55:76:07:e9:68:9b:c4:bd:69:7b:16:29:d0:f0:72:64:41:3a:
c0:e2:23:2a:1d:2a:e9:65:e4:95:6b:2f:ae:47:6f:c6:9e:fa:
27:b2:e6:08:30:9f:5f:dc:35:ce:64:9c:39:29:5c:40:cc:d8:
22:9c:d8:e3:7e:ec:9d:62:70:ce:81:4a:04:94:51:cd:61:3b:
0a:00:96:9e:58:85:1e:df:1f:22:2d:b4:b0:fd:e7:86:e1:8f:
7a:20:3a:aa:ee:53:22:da:c8:f5:72:99:d6:de:20:16:b7:c2:
a0:a1:44:07:df:67:a7:63:ce:17:61:f5:1e:1b:a0:6d:a9:b1:
1c:09:be:ac:13:12:8f:c9:a2:94:e4:4a:d8:56:c6:1c:27:ea:
08:00:c9:e6:8a:0b:54:f1:89:e9:30:d4:f2:a0:39:1e:54:1b:
fe:c3:f6:ec:df:36:c4:68:d5:81:a0:c6:7f:7a:b3:3d:7a:d7:
9b:70:79:74:fe:17:ee:77:c7:9d:c9:63:f3:2f:9f:0e:b1:22:
d5:a2:23:0e:c6:54:79:f9:ce:49:a9:7d:8a:0f:8f:5f:84:70:
42:29:a8:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY1lvw5pXonu1dJumG6Jwgy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAxMTczNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Y0ZDBmNDc0Y2JjNjRkMTQ2NmVkZTJjODg0OTc0ZTEzMDQ0ZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigsrZxsM20ITIYI7lBByZmChesZX
A+tRmb+kua0w0aoTZZTmfbiarcTSdwLiD1z2+cvEuoSZ/VtxcUsBkRgkLDedOPEE
x59WhXm+LZWG55Uu/w7dUDd6Td1bAbYrEADqMDSdlnIEhmMjViGVXsbpIdhH1u14
eOcvX3EyeTJdDFAORuAMcfBY3YJS0TJa0K41R+b6spHV80RhXcHX7rg905QCdaOf
aMEg984BAZX8I/eYhxQPAcqE6ctxs2MJQxJRV2ug8slUpDxnEoyxu6Juv2omLOkM
jR28mAN3B8Wsv51yR4vagctw/L0x7ZeHGCUr8JAlcoBF8+tvUY2jl9l2/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAP00PR0y8ZNFGbt4siEl04TBE3yMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvQV9UUTlIVEx4azBVWnUzaXlJU1hUaE1FVGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8bmAwQA
W8cDAwQAwSWFAwQAwcGkAwQAwmt9MA0GCSqGSIb3DQEBCwUAA4IBAQBdzAKNDIbI
U56YSQ3SEsQQHtb2kStfpLPG41Cm/whgOtIbfAtVdgfpaJvEvWl7FinQ8HJkQTrA
4iMqHSrpZeSVay+uR2/GnvonsuYIMJ9f3DXOZJw5KVxAzNginNjjfuydYnDOgUoE
lFHNYTsKAJaeWIUe3x8iLbSw/eeG4Y96IDqq7lMi2sj1cpnW3iAWt8KgoUQH32en
Y84XYfUeG6BtqbEcCb6sExKPyaKU5ErYVsYcJ+oIAMnmigtU8YnpMNTyoDkeVBv+
w/bs3zbEaNWBoMZ/erM9etebcHl0/hfud8edyWPzL58OsSLVoiMOxlR5+c5JqX2K
D49fhHBCKaj/
-----END CERTIFICATE-----
Generated at Mon Feb 5 22:57:47 2024 by rpki-client on console-fra.rpki-client.org