Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/n0FokiRkVFifzJAB-mEWUGWd_J8.roa
File: n0FokiRkVFifzJAB-mEWUGWd_J8.roa (raw, json)
Hash identifier: d49RZthQd0rBvDFiMp4pTf8M67X+goiuP784zPud8Vs=
Subject key identifier: 9F:41:68:92:24:64:54:58:9F:CC:90:01:FA:61:16:50:65:9D:FC:9F
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DD1E8C3D1BBE6C62DD4C1E9465C8137B2
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/n0FokiRkVFifzJAB-mEWUGWd_J8.roa
Signing time: Thu 22 Feb 2024 17:41:49 +0000
ROA not before: Thu 22 Feb 2024 17:41:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 91.246.48.0/24 maxlen: 24
91.247.166.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
176.97.203.0/24 maxlen: 24
193.160.219.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
217.198.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 12:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:e8:c3:d1:bb:e6:c6:2d:d4:c1:e9:46:5c:81:37:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 22 17:41:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f416892246454589fcc9001fa611650659dfc9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:37:f0:f3:4a:6e:23:51:b8:df:2f:95:99:4e:
1f:51:b7:12:f0:5a:44:25:6b:2c:74:c9:72:6a:47:
8a:7c:7e:e0:c0:d6:d4:00:aa:52:ad:d3:c8:8f:35:
a7:16:a9:c1:e4:53:62:72:17:94:c3:15:d8:53:fd:
69:d4:68:01:e4:29:89:08:a1:48:23:0c:23:82:58:
c0:d4:85:5f:2b:8f:3c:5f:e0:e3:24:c1:9e:e7:86:
dd:b6:02:57:62:f3:c4:36:3a:1b:7c:9e:c8:29:69:
96:b0:cc:b5:3e:30:9b:5f:62:43:bf:9e:eb:7f:bc:
d9:cd:22:7e:63:6c:c3:68:b6:7a:e5:de:34:52:31:
c4:e8:30:65:13:96:a9:f2:d3:ff:55:aa:32:95:7d:
8e:7b:d5:9d:57:85:cf:ea:ba:d2:ac:33:ed:6c:38:
06:ab:d3:ef:58:a0:46:b5:26:69:00:f3:92:8a:14:
88:47:5f:e1:98:dd:b2:8b:1e:4f:4c:7d:11:cd:d3:
bc:fb:b8:d4:9d:5c:4c:a1:af:9f:b0:49:3a:57:03:
d2:b1:de:f8:9f:85:37:90:a2:05:87:a3:bf:aa:c4:
b3:61:96:fd:06:d4:e2:12:f2:a1:c7:6f:65:19:e6:
cf:9b:d2:77:87:f4:58:78:1b:37:60:28:54:19:69:
23:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:41:68:92:24:64:54:58:9F:CC:90:01:FA:61:16:50:65:9D:FC:9F
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/n0FokiRkVFifzJAB-mEWUGWd_J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.48.0/24
91.247.166.0/24
91.247.173.0/24
176.97.203.0/24
193.160.219.0/24
194.105.60.0/24
194.107.92.0/24
217.198.180.0/24
Signature Algorithm: sha256WithRSAEncryption
56:13:8b:a3:56:5b:5b:64:c7:29:9d:18:d4:ed:f2:65:25:b1:
09:8c:e9:d9:19:73:2a:91:63:4d:55:ed:c9:34:c4:30:9d:97:
ef:7a:4f:9a:60:9a:5f:e0:d3:cb:e3:61:5b:16:c4:ac:70:c0:
be:95:5e:f9:e9:e7:0a:7a:d4:63:e8:27:7f:a3:c7:6f:78:e8:
3e:e7:61:b2:7b:7c:3a:c0:1e:b6:66:d6:b2:d3:fa:7e:db:80:
67:38:26:02:ad:e8:49:69:52:58:92:0a:d0:ff:ad:b6:ca:f8:
a2:d9:59:e6:bd:34:99:1e:c6:17:36:bf:e7:fe:16:de:8b:ec:
66:e4:02:48:bf:77:8e:c3:52:6f:e2:ee:e9:7c:44:5b:19:50:
2d:c8:25:2a:13:65:1f:e4:e3:d9:73:e1:d0:b9:fc:c2:ab:22:
00:7f:19:1f:96:b5:e3:d3:05:be:b0:2c:0a:cf:27:11:ee:c4:
d3:9f:f4:69:8f:55:00:4a:6b:2b:9b:7d:e7:05:fc:2a:67:b1:
e7:66:2c:92:ec:43:3a:85:0b:34:eb:8a:46:40:ad:08:a9:a3:
83:ec:75:59:da:10:2f:20:86:39:0f:c1:d1:b6:06:b3:c6:a1:
b0:cb:2f:44:e4:22:bd:32:1e:23:4b:e8:a9:33:6c:74:bd:62:
d4:e9:e5:b0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY3R6MPRu+bGLdTB6UZcgTeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIyMTc0MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQxNjg5MjI0NjQ1NDU4OWZjYzkwMDFmYTYxMTY1MDY1OWRmYzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijfw80puI1G43y+VmU4fUbcS8FpE
JWssdMlyakeKfH7gwNbUAKpSrdPIjzWnFqnB5FNicheUwxXYU/1p1GgB5CmJCKFI
IwwjgljA1IVfK488X+DjJMGe54bdtgJXYvPENjobfJ7IKWmWsMy1PjCbX2JDv57r
f7zZzSJ+Y2zDaLZ65d40UjHE6DBlE5ap8tP/VaoylX2Oe9WdV4XP6rrSrDPtbDgG
q9PvWKBGtSZpAPOSihSIR1/hmN2yix5PTH0RzdO8+7jUnVxMoa+fsEk6VwPSsd74
n4U3kKIFh6O/qsSzYZb9BtTiEvKhx29lGebPm9J3h/RYeBs3YChUGWkj8QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJ9BaJIkZFRYn8yQAfphFlBlnfyfMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbjBGb2tpUmtWRmlmekpBQi1tRVdVR1dkX0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAW/YwAwQA
W/emAwQAW/etAwQAsGHLAwQAwaDbAwQAwmk8AwQAwmtcAwQA2ca0MA0GCSqGSIb3
DQEBCwUAA4IBAQBWE4ujVltbZMcpnRjU7fJlJbEJjOnZGXMqkWNNVe3JNMQwnZfv
ek+aYJpf4NPL42FbFsSscMC+lV756ecKetRj6Cd/o8dveOg+52Gye3w6wB62Ztay
0/p+24BnOCYCrehJaVJYkgrQ/622yvii2VnmvTSZHsYXNr/n/hbei+xm5AJIv3eO
w1Jv4u7pfERbGVAtyCUqE2Uf5OPZc+HQufzCqyIAfxkflrXj0wW+sCwKzycR7sTT
n/Rpj1UASmsrm33nBfwqZ7HnZiyS7EM6hQs064pGQK0IqaOD7HVZ2hAvIIY5D8HR
tgazxqGwyy9E5CK9Mh4jS+ipM2x0vWLU6eWw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:49 2024 by rpki-client on console-ams.rpki-client.org