Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/ni8mUEb-CY6z_a0G1fVTNXh-CTw.roa
File: ni8mUEb-CY6z_a0G1fVTNXh-CTw.roa (raw, json)
Hash identifier: oOC+NqPPUZTN15pqtNPP2NE+MIG8C5O+iLMtaMo8PUI=
Subject key identifier: 9E:2F:26:50:46:FE:09:8E:B3:FD:AD:06:D5:F5:53:35:78:7E:09:3C
Certificate issuer: /CN=576d59494a0a927f7a68f909ecef577cd503db1c
Certificate serial: 01856F393E3BB202CCA02AD621E2A4C0871B
Authority key identifier: 57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/ni8mUEb-CY6z_a0G1fVTNXh-CTw.roa
Signing time: Sun 01 Jan 2023 21:25:00 +0000
ROA not before: Sun 01 Jan 2023 21:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50812
IP address blocks: 185.30.48.0/24 maxlen: 24
193.105.252.0/24 maxlen: 24
91.224.6.0/24 maxlen: 24
91.224.7.0/24 maxlen: 24
91.193.107.0/24 maxlen: 24
91.193.106.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:3e:3b:b2:02:cc:a0:2a:d6:21:e2:a4:c0:87:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576d59494a0a927f7a68f909ecef577cd503db1c
Validity
Not Before: Jan 1 21:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e2f265046fe098eb3fdad06d5f55335787e093c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7e:0d:72:b9:3f:46:24:39:16:15:de:8d:9e:
c9:fc:6c:1d:34:d6:d6:89:af:92:77:c5:77:8a:91:
c4:a1:6a:a3:3e:7b:09:4f:1e:41:e8:95:f1:1b:f0:
4d:38:e0:e4:71:ea:f9:f0:a2:a1:74:42:41:29:ff:
04:f5:00:6e:f0:96:66:d3:8d:c1:10:e0:93:10:10:
1e:91:d3:77:0c:20:59:1b:2f:ca:e5:78:50:7d:63:
17:4a:b1:d6:bc:fa:47:23:71:88:04:e1:e6:c2:b7:
68:6d:da:c2:4e:be:ee:51:52:ed:6f:15:c8:07:e5:
e4:8f:e7:93:00:99:b7:8c:be:ed:d5:49:bc:db:b9:
1c:19:64:7a:cb:be:63:d8:92:37:b1:fe:57:75:b2:
97:f2:6a:1e:7c:ad:ed:66:71:8a:14:8a:95:51:ec:
3a:8d:da:a0:a8:8b:ef:eb:dc:96:24:ac:98:95:0e:
fd:0c:b3:97:6a:db:df:af:01:db:40:71:d5:35:1e:
e3:ba:15:32:b9:56:16:f1:dd:65:02:2b:23:0b:05:
08:a7:6a:bc:48:d4:da:12:6e:92:b7:fb:8a:b9:88:
1c:a7:f3:03:ed:52:f6:72:1b:db:00:0f:20:db:b9:
ca:5d:eb:7a:f2:9f:4d:6b:72:31:46:5d:1b:91:da:
e7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:2F:26:50:46:FE:09:8E:B3:FD:AD:06:D5:F5:53:35:78:7E:09:3C
X509v3 Authority Key Identifier:
keyid:57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/ni8mUEb-CY6z_a0G1fVTNXh-CTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.106.0/23
91.224.6.0/23
185.30.48.0/24
193.105.252.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:78:49:7b:dc:33:2b:7e:84:58:08:6a:7b:0f:70:e9:7a:73:
1f:20:14:3e:a6:1a:6a:fe:fc:23:82:56:d5:0c:b8:56:55:c0:
85:aa:42:66:ad:67:a5:d0:f1:4f:bc:81:99:ef:8c:24:06:f5:
90:5c:a7:50:d2:fb:db:15:3a:37:32:b2:85:20:47:4f:92:9d:
00:0f:18:ca:cf:e4:fd:cc:db:44:8f:5b:8b:1e:ea:c9:90:6c:
b6:21:3d:f0:22:51:b3:e4:55:8c:e8:9c:f2:1f:b4:e6:82:36:
c8:85:33:8c:25:41:4b:81:8b:41:4f:6d:75:46:7c:9b:ff:09:
e4:28:e5:52:20:21:4b:19:08:a0:1c:21:fd:42:dc:4a:2c:e1:
53:b9:91:5a:4d:49:e0:66:94:9c:52:ed:41:dc:1a:77:13:a4:
87:b3:a9:16:ef:71:85:a1:a7:ae:48:22:8d:8b:df:65:fd:42:
fc:ce:24:00:2c:df:df:7a:ee:36:e6:14:a2:25:c8:e8:e2:9c:
bb:0f:9c:5e:44:17:8c:fa:26:54:ec:9d:e4:da:1a:4e:d7:c9:
18:13:54:03:36:ed:25:91:cf:00:d8:d9:84:53:88:23:ba:a5:
fd:c1:fd:9b:dd:af:30:57:47:db:2d:bf:56:b8:d3:6f:e9:b1:
dc:0a:8d:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvOT47sgLMoCrWIeKkwIcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmQ1OTQ5NGEwYTkyN2Y3YTY4ZjkwOWVjZWY1NzdjZDUw
M2RiMWMwHhcNMjMwMTAxMjEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTJmMjY1MDQ2ZmUwOThlYjNmZGFkMDZkNWY1NTMzNTc4N2UwOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH4Ncrk/RiQ5FhXejZ7J/GwdNNbW
ia+Sd8V3ipHEoWqjPnsJTx5B6JXxG/BNOODkcer58KKhdEJBKf8E9QBu8JZm043B
EOCTEBAekdN3DCBZGy/K5XhQfWMXSrHWvPpHI3GIBOHmwrdobdrCTr7uUVLtbxXI
B+Xkj+eTAJm3jL7t1Um827kcGWR6y75j2JI3sf5XdbKX8moefK3tZnGKFIqVUew6
jdqgqIvv69yWJKyYlQ79DLOXatvfrwHbQHHVNR7juhUyuVYW8d1lAisjCwUIp2q8
SNTaEm6St/uKuYgcp/MD7VL2chvbAA8g27nKXet68p9Na3IxRl0bkdrnaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ4vJlBG/gmOs/2tBtX1UzV4fgk8MB8GA1UdIwQY
MBaAFFdtWUlKCpJ/emj5CezvV3zVA9scMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQt
MWYxOWE4YmRhM2VkLzEvbmk4bVVFYi1DWTZ6X2EwRzFmVlROWGgtQ1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQtMWYxOWE4YmRhM2Vk
LzEvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW8FqAwQB
W+AGAwQAuR4wAwQAwWn8MA0GCSqGSIb3DQEBCwUAA4IBAQBueEl73DMrfoRYCGp7
D3DpenMfIBQ+phpq/vwjglbVDLhWVcCFqkJmrWel0PFPvIGZ74wkBvWQXKdQ0vvb
FTo3MrKFIEdPkp0ADxjKz+T9zNtEj1uLHurJkGy2IT3wIlGz5FWM6JzyH7TmgjbI
hTOMJUFLgYtBT211Rnyb/wnkKOVSICFLGQigHCH9QtxKLOFTuZFaTUngZpScUu1B
3Bp3E6SHs6kW73GFoaeuSCKNi99l/UL8ziQALN/feu425hSiJcjo4py7D5xeRBeM
+iZU7J3k2hpO18kYE1QDNu0lkc8A2NmEU4gjuqX9wf2b3a8wV0fbLb9WuNNv6bHc
Co2n
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:16 2024 by rpki-client on console-fra.rpki-client.org