Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/dA1lJwMDbCt1aCeU9du_0xX09pU.roa
File: dA1lJwMDbCt1aCeU9du_0xX09pU.roa (raw, json)
Hash identifier: I1WvcXtGcOEws5LvrNFK8ePGjWbobTwmqpWBz+YVBBg=
Subject key identifier: 74:0D:65:27:03:03:6C:2B:75:68:27:94:F5:DB:BF:D3:15:F4:F6:95
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DE6B3A98077252367EE468E198A6A8600
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/dA1lJwMDbCt1aCeU9du_0xX09pU.roa
Signing time: Mon 26 Feb 2024 18:35:50 +0000
ROA not before: Mon 26 Feb 2024 18:35:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 91.220.198.0/24 maxlen: 24
195.96.144.0/24 maxlen: 24
195.96.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 12:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:b3:a9:80:77:25:23:67:ee:46:8e:19:8a:6a:86:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 26 18:35:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=740d652703036c2b75682794f5dbbfd315f4f695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d6:fb:cc:be:b8:0f:6b:76:99:de:7f:3a:1b:
5a:de:ec:e7:d0:c5:7b:0a:c1:22:db:35:e8:34:aa:
74:dc:dc:ea:01:ce:fd:40:56:cb:00:7d:0c:09:67:
36:27:a1:7e:77:0b:d1:63:dd:2e:bf:7f:13:45:d7:
6e:f2:08:53:28:55:81:95:b8:14:63:42:e0:6a:6b:
20:00:15:73:34:a2:f2:54:90:bf:7e:fb:a0:e0:a6:
54:22:fb:8d:af:71:5b:84:de:96:45:e8:d5:ee:2c:
13:1b:03:33:d8:88:53:3b:c5:6f:07:c1:a3:a8:a9:
19:07:05:ba:ce:b9:2e:d2:55:2b:8a:60:75:b1:b1:
ef:3f:0f:17:5d:14:99:a8:a1:c0:14:23:d0:1b:fd:
16:fd:b8:9b:1e:80:98:71:e9:1f:86:56:8b:69:2b:
00:7c:db:ca:a7:29:60:90:40:e1:c5:2e:49:b7:35:
19:62:bb:c4:dc:fb:fa:21:e8:b2:ab:65:d8:b8:2e:
64:d7:f8:ce:93:da:5c:6c:10:ce:59:3b:25:d8:a2:
57:01:bc:67:d7:28:e5:66:17:80:c9:ca:40:a8:2f:
b0:de:df:20:78:8d:fa:6f:ff:ae:4f:82:1b:45:37:
d9:7a:32:0b:67:58:f4:b1:22:8d:73:11:b1:54:7c:
d8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:0D:65:27:03:03:6C:2B:75:68:27:94:F5:DB:BF:D3:15:F4:F6:95
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/dA1lJwMDbCt1aCeU9du_0xX09pU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.198.0/24
195.96.144.0/24
195.96.147.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:df:60:7d:f2:7e:65:b4:fc:45:23:59:29:bd:26:e7:7a:6a:
ff:80:0c:80:23:cb:b4:61:e3:11:f6:90:db:8b:05:db:e6:6d:
32:70:a6:fd:bd:42:28:cb:e9:bf:c0:e1:1b:e8:af:81:b8:9a:
5c:12:b6:09:c9:f1:0e:95:6d:dc:e7:e9:6e:05:20:23:4e:d8:
70:ae:a3:85:53:cf:78:d7:c6:83:91:5a:d1:8c:7e:9a:f1:66:
bc:48:9b:3d:50:71:46:29:6e:aa:2c:15:06:6a:d1:99:b3:da:
05:52:99:97:fd:22:24:9c:ed:91:75:c6:03:32:a3:1b:1a:f6:
63:e3:9e:1f:af:2c:34:c4:59:2e:bb:3e:d0:c9:15:5d:2b:0a:
2b:ab:90:8f:74:ef:d8:fd:7e:4b:ed:6b:e7:63:8f:0a:96:ef:
d9:5d:8d:ea:68:ef:62:95:f0:d0:d5:ae:3c:95:ce:48:9a:0e:
3b:8a:ec:57:ad:ba:32:d8:1b:90:93:43:5d:a2:05:6d:aa:e5:
9d:74:11:ce:c1:9d:44:be:e3:03:08:36:aa:25:ab:2a:c5:a4:
49:a7:f9:87:5a:8a:26:6b:d0:cb:d9:b1:62:2f:79:94:0f:dc:
86:f6:3a:df:44:b6:af:a6:ac:c7:dc:2a:c8:c4:f7:dc:78:44:
d0:8f:84:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3ms6mAdyUjZ+5GjhmKaoYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI2MTgzNTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBkNjUyNzAzMDM2YzJiNzU2ODI3OTRmNWRiYmZkMzE1ZjRmNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9b7zL64D2t2md5/Ohta3uzn0MV7
CsEi2zXoNKp03NzqAc79QFbLAH0MCWc2J6F+dwvRY90uv38TRddu8ghTKFWBlbgU
Y0LgamsgABVzNKLyVJC/fvug4KZUIvuNr3FbhN6WRejV7iwTGwMz2IhTO8VvB8Gj
qKkZBwW6zrku0lUrimB1sbHvPw8XXRSZqKHAFCPQG/0W/bibHoCYcekfhlaLaSsA
fNvKpylgkEDhxS5JtzUZYrvE3Pv6Ieiyq2XYuC5k1/jOk9pcbBDOWTsl2KJXAbxn
1yjlZheAycpAqC+w3t8geI36b/+uT4IbRTfZejILZ1j0sSKNcxGxVHzYNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHQNZScDA2wrdWgnlPXbv9MV9PaVMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvZEExbEp3TURiQ3QxYUNlVTlkdV8weFgwOXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9zGAwQA
w2CQAwQAw2CTMA0GCSqGSIb3DQEBCwUAA4IBAQBt32B98n5ltPxFI1kpvSbnemr/
gAyAI8u0YeMR9pDbiwXb5m0ycKb9vUIoy+m/wOEb6K+BuJpcErYJyfEOlW3c5+lu
BSAjTthwrqOFU89418aDkVrRjH6a8Wa8SJs9UHFGKW6qLBUGatGZs9oFUpmX/SIk
nO2RdcYDMqMbGvZj454fryw0xFkuuz7QyRVdKworq5CPdO/Y/X5L7WvnY48Klu/Z
XY3qaO9ilfDQ1a48lc5Img47iuxXrboy2BuQk0NdogVtquWddBHOwZ1EvuMDCDaq
JasqxaRJp/mHWooma9DL2bFiL3mUD9yG9jrfRLavpqzH3CrIxPfceETQj4TW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org