Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/DmZH-yCf_zIQ79Xgs-XwCYs3BPA.roa
File: DmZH-yCf_zIQ79Xgs-XwCYs3BPA.roa (raw, json)
Hash identifier: VLMF23gKKal4pI9phvnt66I/+N5Do4HPTErzg2gsF1c=
Subject key identifier: 0E:66:47:FB:20:9F:FF:32:10:EF:D5:E0:B3:E5:F0:09:8B:37:04:F0
Certificate issuer: /CN=1c9c0b1d2144214ea4913c7d63b26fe26a472efe
Certificate serial: 01856D940EEDBA45C061062567B1D67EAF7F
Authority key identifier: 1C:9C:0B:1D:21:44:21:4E:A4:91:3C:7D:63:B2:6F:E2:6A:47:2E:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/DmZH-yCf_zIQ79Xgs-XwCYs3BPA.roa
Signing time: Sun 01 Jan 2023 13:44:57 +0000
ROA not before: Sun 01 Jan 2023 13:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58310
IP address blocks: 91.109.224.0/23 maxlen: 23
91.109.226.0/23 maxlen: 23
185.173.72.0/24 maxlen: 24
185.173.73.0/24 maxlen: 24
185.173.72.0/22 maxlen: 22
185.173.72.0/23 maxlen: 23
185.173.74.0/23 maxlen: 23
91.109.230.0/23 maxlen: 23
91.109.228.0/23 maxlen: 23
2a0b:3901::/48 maxlen: 48
2a0b:3901::/47 maxlen: 47
2a0b:3901:1::/48 maxlen: 48
2a0b:3900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:0e:ed:ba:45:c0:61:06:25:67:b1:d6:7e:af:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c9c0b1d2144214ea4913c7d63b26fe26a472efe
Validity
Not Before: Jan 1 13:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e6647fb209fff3210efd5e0b3e5f0098b3704f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f4:4d:65:bf:ec:01:4e:82:7c:95:1e:13:06:
a5:26:d9:97:0c:93:d1:d4:d4:56:70:02:88:6b:e7:
96:b3:a4:33:4a:a9:13:10:d5:f4:f6:1a:71:76:76:
4f:6b:de:25:b7:ef:50:f7:e1:0c:48:af:7a:f3:91:
ac:7c:45:b6:98:99:ab:58:d8:bc:3b:45:54:f8:c5:
d7:e6:88:e0:08:ea:57:c0:4b:09:b5:45:55:6e:f1:
a7:dc:9b:08:b0:8c:41:ce:0a:76:ed:cc:f4:16:36:
6f:80:cf:3b:c2:78:47:23:03:4d:f1:f7:28:a7:8c:
ef:27:1d:a4:f4:c0:ac:29:f5:2e:71:4c:83:44:76:
c2:30:5a:88:c6:01:c8:ba:74:c0:4d:95:e7:ad:28:
1a:67:66:60:47:e1:be:2f:09:55:4e:27:dd:3e:8f:
d6:89:fd:44:07:c0:e2:95:4f:9e:9b:2c:ef:d9:fa:
ee:80:68:27:ea:39:e1:c8:64:70:59:5d:1c:84:b9:
b0:e4:1c:25:e1:54:01:46:2f:35:eb:9a:b7:5a:13:
cf:85:3c:e0:c4:43:a5:40:af:6d:c2:8c:91:a7:5f:
f2:13:bd:ff:62:5e:ee:61:4e:d9:04:22:21:ff:7b:
91:75:06:a8:43:86:cf:2c:84:9c:e0:f2:27:c1:fd:
7e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:66:47:FB:20:9F:FF:32:10:EF:D5:E0:B3:E5:F0:09:8B:37:04:F0
X509v3 Authority Key Identifier:
keyid:1C:9C:0B:1D:21:44:21:4E:A4:91:3C:7D:63:B2:6F:E2:6A:47:2E:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/DmZH-yCf_zIQ79Xgs-XwCYs3BPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.224.0/21
185.173.72.0/22
IPv6:
2a0b:3900::/29
Signature Algorithm: sha256WithRSAEncryption
80:f4:b6:9e:d3:e1:08:3b:c2:4e:43:59:ba:ea:1c:b1:37:1f:
53:45:e0:2a:be:bb:94:97:52:fb:d1:57:a4:71:5f:60:44:3e:
7d:0b:9f:7f:8a:ab:f1:94:76:8b:fb:52:38:68:0c:93:35:f0:
d7:66:58:95:3a:85:a0:fd:43:ee:a3:90:77:76:66:f3:d2:30:
27:78:61:56:20:c9:6b:71:33:3b:7a:bf:1e:42:32:af:58:9f:
6d:98:af:2c:ef:d4:bd:7e:ee:99:3f:68:09:a3:ed:83:9a:b4:
1f:ce:4e:17:1a:86:26:88:6d:53:83:5a:f6:05:c6:59:3a:6d:
48:8d:d9:1d:6e:3f:d2:d1:22:94:24:5d:94:59:65:ec:c2:b8:
f3:97:67:1b:62:64:9a:85:8a:df:3f:8b:35:e5:02:51:26:57:
60:42:dd:8d:88:63:f4:82:de:92:fc:5a:17:74:04:ac:f1:bc:
85:c0:3f:57:e5:60:b3:35:e5:39:e9:75:fc:c7:34:35:0c:da:
1c:4c:c7:e5:eb:e4:9e:5e:29:13:27:20:d2:6b:0b:fc:e6:11:
16:d7:e7:35:7c:46:dd:93:d5:c0:79:f7:35:85:f8:f7:1a:0f:
65:71:75:e7:10:72:bf:66:4d:20:94:2a:07:12:ee:3b:91:fb:
51:85:d3:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtlA7tukXAYQYlZ7HWfq9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOWMwYjFkMjE0NDIxNGVhNDkxM2M3ZDYzYjI2ZmUyNmE0
NzJlZmUwHhcNMjMwMTAxMTM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTY2NDdmYjIwOWZmZjMyMTBlZmQ1ZTBiM2U1ZjAwOThiMzcwNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvRNZb/sAU6CfJUeEwalJtmXDJPR
1NRWcAKIa+eWs6QzSqkTENX09hpxdnZPa94lt+9Q9+EMSK9685GsfEW2mJmrWNi8
O0VU+MXX5ojgCOpXwEsJtUVVbvGn3JsIsIxBzgp27cz0FjZvgM87wnhHIwNN8fco
p4zvJx2k9MCsKfUucUyDRHbCMFqIxgHIunTATZXnrSgaZ2ZgR+G+LwlVTifdPo/W
if1EB8DilU+emyzv2frugGgn6jnhyGRwWV0chLmw5Bwl4VQBRi8165q3WhPPhTzg
xEOlQK9twoyRp1/yE73/Yl7uYU7ZBCIh/3uRdQaoQ4bPLISc4PInwf1+awIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA5mR/sgn/8yEO/V4LPl8AmLNwTwMB8GA1UdIwQY
MBaAFBycCx0hRCFOpJE8fWOyb+JqRy7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEp3TEhTRkVJVTZra1R4OVk3SnY0bXBITHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80ZDg1MTQtMGVlNS00Y2RiLWIwNzgt
ZjY1YTkzZjQ4MGE4LzEvRG1aSC15Q2ZfeklRNzlYZ3MtWHdDWXMzQlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80ZDg1MTQtMGVlNS00Y2RiLWIwNzgtZjY1YTkzZjQ4MGE4
LzEvSEp3TEhTRkVJVTZra1R4OVk3SnY0bXBITHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW23gAwQC
ua1IMA0EAgACMAcDBQMqCzkAMA0GCSqGSIb3DQEBCwUAA4IBAQCA9Lae0+EIO8JO
Q1m66hyxNx9TReAqvruUl1L70VekcV9gRD59C59/iqvxlHaL+1I4aAyTNfDXZliV
OoWg/UPuo5B3dmbz0jAneGFWIMlrcTM7er8eQjKvWJ9tmK8s79S9fu6ZP2gJo+2D
mrQfzk4XGoYmiG1Tg1r2BcZZOm1Ijdkdbj/S0SKUJF2UWWXswrjzl2cbYmSahYrf
P4s15QJRJldgQt2NiGP0gt6S/FoXdASs8byFwD9X5WCzNeU56XX8xzQ1DNocTMfl
6+SeXikTJyDSawv85hEW1+c1fEbdk9XAefc1hfj3Gg9lcXXnEHK/Zk0glCoHEu47
kftRhdNa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:45 2024 by rpki-client on console-fra.rpki-client.org