Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/beAYFmFZjw2e6TADP4DCRGMoPuc.roa
File: beAYFmFZjw2e6TADP4DCRGMoPuc.roa (raw, json)
Hash identifier: hWjr8Sz03g5MJRJsgQN7I6MuKfypRwmCx+qmQkze5Ok=
Subject key identifier: 6D:E0:18:16:61:59:8F:0D:9E:E9:30:03:3F:80:C2:44:63:28:3E:E7
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DC28042358F6CD8D27742A75D7D5F5E5D
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/beAYFmFZjw2e6TADP4DCRGMoPuc.roa
Signing time: Mon 19 Feb 2024 17:53:21 +0000
ROA not before: Mon 19 Feb 2024 17:53:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 91.198.230.0/24 maxlen: 24
91.199.3.0/24 maxlen: 24
193.33.66.0/24 maxlen: 24
193.37.133.0/24 maxlen: 24
193.109.221.0/24 maxlen: 24
193.193.164.0/24 maxlen: 24
194.56.255.0/24 maxlen: 24
194.107.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 18:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c2:80:42:35:8f:6c:d8:d2:77:42:a7:5d:7d:5f:5e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 19 17:53:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6de0181661598f0d9ee930033f80c24463283ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:03:52:fa:d1:fc:3f:f2:1b:59:d2:2b:1a:53:
33:b9:78:98:7d:7c:3a:17:9e:c4:b8:4c:50:95:1d:
6b:ac:a6:08:f2:26:b2:6b:e5:26:fa:31:ea:4b:eb:
87:b3:d0:6e:f1:f3:d3:bb:59:46:de:59:b3:55:92:
bb:e4:87:a8:43:6b:6d:d6:7e:a6:36:11:21:5f:b3:
d5:53:d8:34:21:00:8c:18:a3:7f:68:ee:4f:59:dd:
56:ba:d8:8b:c3:53:7d:54:c3:6d:d1:71:4b:bf:86:
18:b6:23:27:83:38:a8:55:f0:86:f7:8c:a6:ca:cb:
ac:15:11:c1:49:a3:b9:9f:fd:6a:07:60:f0:c3:3e:
c4:26:8c:09:00:6f:b6:01:6c:0e:4a:ca:e3:34:fe:
8a:20:c2:86:ee:91:a7:73:4c:2b:c9:26:a7:ca:a6:
f8:22:0b:ec:8c:b4:e8:4e:1e:3a:be:fc:d3:9d:49:
a0:61:7e:4a:19:a9:51:71:3e:75:1c:45:d8:a4:27:
5e:a8:7e:c9:94:6b:f6:56:9e:2b:89:47:2c:99:ec:
5a:14:9f:a3:fa:f8:a9:0b:06:0e:7b:54:f7:85:ea:
3b:c8:bd:90:3f:f7:5a:bd:5a:e0:65:01:c9:2b:d0:
62:05:0b:47:5b:0a:8c:a7:9a:46:d6:44:d9:97:d7:
86:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E0:18:16:61:59:8F:0D:9E:E9:30:03:3F:80:C2:44:63:28:3E:E7
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/beAYFmFZjw2e6TADP4DCRGMoPuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.230.0/24
91.199.3.0/24
193.33.66.0/24
193.37.133.0/24
193.109.221.0/24
193.193.164.0/24
194.56.255.0/24
194.107.125.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:3f:be:2d:5e:64:e4:ef:f4:5c:50:46:54:1f:3a:39:c3:2e:
d9:8b:78:e6:40:cd:7e:ee:c4:62:c9:b7:9d:7c:c1:3c:d7:fe:
be:11:de:2d:1c:6f:33:c7:7c:79:eb:58:7c:4e:1f:a8:7f:a8:
cf:e3:20:d0:79:3c:24:28:80:ab:71:fb:83:5f:ad:ad:f0:33:
67:e2:53:e1:47:13:d0:9c:d7:01:3f:88:83:06:e6:25:b7:88:
6c:2b:27:47:c7:17:cb:9e:ca:1e:90:ec:00:67:30:71:eb:1e:
58:2b:79:ee:93:5b:e7:66:b0:d4:db:c0:19:c5:08:11:6b:7d:
d1:eb:27:ad:8b:c2:b2:a9:89:bd:d5:66:da:d8:52:59:3f:af:
52:3e:de:90:2b:0d:80:79:09:db:0a:95:ca:49:56:62:2c:bb:
d9:63:f7:7b:90:f9:35:36:f6:28:46:04:04:00:02:3c:03:af:
35:2d:6e:9e:78:34:41:aa:3c:2c:b4:cc:0f:9e:ca:8b:b9:4d:
ad:9b:86:0d:0f:ab:62:d7:23:2e:74:1a:c4:fe:68:eb:4f:bb:
b3:6c:e3:0b:9e:ea:1b:6d:39:0f:60:33:36:67:e5:fd:ef:46:
e1:8b:03:8a:4b:f8:e9:8b:a9:75:4e:ca:fb:47:38:93:a2:6a:
f5:a9:b2:35
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY3CgEI1j2zY0ndCp119X15dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjE5MTc1MzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGUwMTgxNjYxNTk4ZjBkOWVlOTMwMDMzZjgwYzI0NDYzMjgzZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQNS+tH8P/IbWdIrGlMzuXiYfXw6
F57EuExQlR1rrKYI8iaya+Um+jHqS+uHs9Bu8fPTu1lG3lmzVZK75IeoQ2tt1n6m
NhEhX7PVU9g0IQCMGKN/aO5PWd1WutiLw1N9VMNt0XFLv4YYtiMngzioVfCG94ym
ysusFRHBSaO5n/1qB2Dwwz7EJowJAG+2AWwOSsrjNP6KIMKG7pGnc0wrySanyqb4
IgvsjLToTh46vvzTnUmgYX5KGalRcT51HEXYpCdeqH7JlGv2Vp4riUcsmexaFJ+j
+vipCwYOe1T3heo7yL2QP/davVrgZQHJK9BiBQtHWwqMp5pG1kTZl9eGiwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFG3gGBZhWY8NnukwAz+AwkRjKD7nMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvYmVBWUZtRlpqdzJlNlRBRFA0RENSR01vUHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAW8bmAwQA
W8cDAwQAwSFCAwQAwSWFAwQAwW3dAwQAwcGkAwQAwjj/AwQAwmt9MA0GCSqGSIb3
DQEBCwUAA4IBAQBbP74tXmTk7/RcUEZUHzo5wy7Zi3jmQM1+7sRiybedfME81/6+
Ed4tHG8zx3x561h8Th+of6jP4yDQeTwkKICrcfuDX62t8DNn4lPhRxPQnNcBP4iD
BuYlt4hsKydHxxfLnsoekOwAZzBx6x5YK3nuk1vnZrDU28AZxQgRa33R6yeti8Ky
qYm91Wba2FJZP69SPt6QKw2AeQnbCpXKSVZiLLvZY/d7kPk1NvYoRgQEAAI8A681
LW6eeDRBqjwstMwPnsqLuU2tm4YND6ti1yMudBrE/mjrT7uzbOMLnuobbTkPYDM2
Z+X970bhiwOKS/jpi6l1Tsr7RziTomr1qbI1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org