Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/fnMm47Ac2la8ItnAzJklt0UATVg.roa
File: fnMm47Ac2la8ItnAzJklt0UATVg.roa (raw, json)
Hash identifier: 06jeCtctOGms/C3+LUKRoYaZgqr99dDIDi+72g6b0hg=
Subject key identifier: 7E:73:26:E3:B0:1C:DA:56:BC:22:D9:C0:CC:99:25:B7:45:00:4D:58
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D7A9313DEBBBC54D01DCC4523C12EF72D
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/fnMm47Ac2la8ItnAzJklt0UATVg.roa
Signing time: Mon 05 Feb 2024 18:41:15 +0000
ROA not before: Mon 05 Feb 2024 18:41:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 91.198.230.0/24 maxlen: 24
91.199.3.0/24 maxlen: 24
193.37.133.0/24 maxlen: 24
193.193.164.0/24 maxlen: 24
194.56.255.0/24 maxlen: 24
194.107.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 18:11:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:93:13:de:bb:bc:54:d0:1d:cc:45:23:c1:2e:f7:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 5 18:41:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e7326e3b01cda56bc22d9c0cc9925b745004d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3b:16:cb:dd:c2:4e:dc:51:bd:bc:b6:c3:8d:
90:f9:c0:aa:73:39:0e:dc:dd:4a:50:ac:a6:8f:ba:
21:63:54:9a:d2:ad:0e:de:49:7d:c6:5d:7e:d7:a4:
1f:0c:6d:e3:99:58:7c:b4:41:25:9a:22:56:7d:bc:
c8:ff:64:c8:c1:1b:b1:d8:2a:dc:11:7d:99:0e:89:
68:9f:1e:bf:dd:a7:ea:16:51:61:11:61:ad:5b:e5:
93:a5:c3:8e:68:c4:05:a2:e6:27:10:8c:ad:49:4c:
ad:eb:12:35:e2:75:8e:c9:60:0b:dd:73:d0:f5:a1:
b7:73:e5:ca:07:63:c0:66:2f:44:9d:75:a7:d8:93:
08:ad:38:9a:d1:8f:f0:24:93:57:9e:d7:16:9e:f5:
ab:7a:a4:1c:83:59:b5:1a:c5:2c:49:e3:a7:bc:f5:
ab:c2:ce:07:52:0b:43:39:a5:c1:41:20:8e:c4:d1:
97:cc:8b:14:58:79:a5:94:5e:f8:aa:e9:29:d3:8d:
7f:4f:06:c2:19:d5:0e:a2:1c:79:ff:ae:86:16:c6:
17:9d:bc:ad:36:d1:56:7f:5e:71:f8:5a:50:a1:14:
78:5a:4c:99:7a:cb:87:ee:73:e3:db:7d:70:89:55:
b5:47:6f:a0:5a:bf:fa:1e:46:8d:e6:71:76:48:05:
97:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:73:26:E3:B0:1C:DA:56:BC:22:D9:C0:CC:99:25:B7:45:00:4D:58
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/fnMm47Ac2la8ItnAzJklt0UATVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.230.0/24
91.199.3.0/24
193.37.133.0/24
193.193.164.0/24
194.56.255.0/24
194.107.125.0/24
Signature Algorithm: sha256WithRSAEncryption
94:98:18:8d:b9:b5:83:7d:7c:f2:6e:eb:45:b3:3e:14:4d:bc:
70:22:f2:18:20:64:8c:bd:00:c0:bf:0e:f7:d3:85:45:4d:17:
54:3d:02:b0:71:e7:a5:33:90:7c:82:05:0a:b5:07:86:57:b3:
94:c1:9a:23:44:43:9e:41:b1:0e:4e:ba:26:e7:47:e5:62:e3:
70:90:3d:49:8f:af:95:30:75:3e:b8:96:74:b5:60:ee:99:28:
77:d8:1e:f9:11:b4:a4:ce:92:6b:db:a7:a0:73:93:cf:c2:28:
a3:f7:7f:63:d5:af:9d:92:62:2d:1c:dd:1e:73:57:18:f2:fb:
17:f5:5b:82:5b:50:a4:92:1c:3e:9e:e2:7c:6f:f3:56:ec:c7:
f0:d7:c7:3e:cb:32:9d:8e:92:d4:fb:df:07:9f:a4:2c:b8:82:
61:ce:07:d6:d8:c4:d9:ff:6f:af:66:6b:2b:f0:02:30:b4:41:
50:8e:09:87:ab:12:a0:4b:c6:4f:13:79:46:70:6f:7e:1a:7e:
bf:79:1c:79:60:71:ae:6f:8e:fe:40:71:a8:2d:d4:a2:bd:da:
7a:b4:26:fc:70:ec:04:68:30:a8:52:5f:9f:bc:d3:b7:76:1e:
7b:e3:8e:17:af:68:cc:24:30:91:86:83:93:b7:4b:8f:58:8a:
1e:ac:68:bf
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY16kxPeu7xU0B3MRSPBLvctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA1MTg0MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTczMjZlM2IwMWNkYTU2YmMyMmQ5YzBjYzk5MjViNzQ1MDA0ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTsWy93CTtxRvby2w42Q+cCqczkO
3N1KUKymj7ohY1Sa0q0O3kl9xl1+16QfDG3jmVh8tEElmiJWfbzI/2TIwRux2Crc
EX2ZDolonx6/3afqFlFhEWGtW+WTpcOOaMQFouYnEIytSUyt6xI14nWOyWAL3XPQ
9aG3c+XKB2PAZi9EnXWn2JMIrTia0Y/wJJNXntcWnvWreqQcg1m1GsUsSeOnvPWr
ws4HUgtDOaXBQSCOxNGXzIsUWHmllF74qukp041/TwbCGdUOohx5/66GFsYXnbyt
NtFWf15x+FpQoRR4WkyZesuH7nPj231wiVW1R2+gWr/6HkaN5nF2SAWXmQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH5zJuOwHNpWvCLZwMyZJbdFAE1YMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvZm5NbTQ3QWMybGE4SXRuQXpKa2x0MFVBVFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8bmAwQA
W8cDAwQAwSWFAwQAwcGkAwQAwjj/AwQAwmt9MA0GCSqGSIb3DQEBCwUAA4IBAQCU
mBiNubWDfXzybutFsz4UTbxwIvIYIGSMvQDAvw7304VFTRdUPQKwceelM5B8ggUK
tQeGV7OUwZojREOeQbEOTrom50flYuNwkD1Jj6+VMHU+uJZ0tWDumSh32B75EbSk
zpJr26egc5PPwiij939j1a+dkmItHN0ec1cY8vsX9VuCW1Ckkhw+nuJ8b/NW7Mfw
18c+yzKdjpLU+98Hn6QsuIJhzgfW2MTZ/2+vZmsr8AIwtEFQjgmHqxKgS8ZPE3lG
cG9+Gn6/eRx5YHGub47+QHGoLdSivdp6tCb8cOwEaDCoUl+fvNO3dh57444Xr2jM
JDCRhoOTt0uPWIoerGi/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:49 2024 by rpki-client on console-ams.rpki-client.org