Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/EO43dX84VQfHrZ7HCeV_VVDoj2c.roa
File: EO43dX84VQfHrZ7HCeV_VVDoj2c.roa (raw, json)
Hash identifier: TZOsaBznKOsWUU2xkdiwtjeMLei1PHUmx1HbVvYWaJ0=
Subject key identifier: 10:EE:37:75:7F:38:55:07:C7:AD:9E:C7:09:E5:7F:55:50:E8:8F:67
Certificate issuer: /CN=58dd1017c53457a8a921419687bde8a8b8eb5611
Certificate serial: 018571F0E7E6925DC01A2386825295D78F06
Authority key identifier: 58:DD:10:17:C5:34:57:A8:A9:21:41:96:87:BD:E8:A8:B8:EB:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WN0QF8U0V6ipIUGWh73oqLjrVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/EO43dX84VQfHrZ7HCeV_VVDoj2c.roa
Signing time: Mon 02 Jan 2023 10:04:51 +0000
ROA not before: Mon 02 Jan 2023 10:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43842
IP address blocks: 91.195.162.0/24 maxlen: 24
193.138.92.0/24 maxlen: 24
91.195.163.0/24 maxlen: 24
91.193.51.0/24 maxlen: 24
91.193.48.0/24 maxlen: 24
91.193.49.0/24 maxlen: 24
91.193.50.0/24 maxlen: 24
209.35.197.0/24 maxlen: 24
193.28.155.0/24 maxlen: 24
195.62.19.0/24 maxlen: 24
195.62.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:e7:e6:92:5d:c0:1a:23:86:82:52:95:d7:8f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58dd1017c53457a8a921419687bde8a8b8eb5611
Validity
Not Before: Jan 2 10:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10ee37757f385507c7ad9ec709e57f5550e88f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c6:dc:56:f3:9c:11:d9:53:7d:aa:c0:ef:b1:
3e:10:90:3a:28:38:3e:ec:9c:2f:7f:00:e3:89:8e:
d9:e4:d7:60:1a:1e:6b:a0:81:7e:67:ef:a1:c4:bc:
b8:46:2d:a2:d3:d4:b6:3f:44:6b:27:ad:7a:bb:a0:
3e:03:0c:4c:67:1d:a4:2d:4a:85:1f:99:d3:d5:cd:
0f:52:f0:8d:a2:cd:0f:f8:a5:ee:e0:ec:85:6e:d8:
39:74:c4:db:91:33:68:c8:3f:12:31:62:78:ed:aa:
0e:d0:13:6a:ff:ba:a4:b5:1e:b4:fa:b3:ae:10:b1:
75:d1:7f:6e:d8:24:a2:1a:44:37:39:d6:be:89:93:
db:62:93:ff:02:21:b8:c7:b9:11:1f:ae:e2:70:be:
4b:12:40:bf:da:e9:a5:98:96:98:83:51:cc:17:4b:
2f:e8:19:8f:03:86:d4:37:78:07:9c:e4:a6:98:19:
16:f2:2b:43:4f:bf:00:3f:fd:66:7d:e8:77:1f:91:
bd:03:34:5a:70:7d:06:a3:f2:75:c6:9d:3e:31:fc:
f6:0e:b5:9b:19:63:63:2d:00:12:bb:1c:95:23:70:
73:12:3d:53:2e:99:d6:fb:07:52:12:d7:03:a7:77:
cc:a6:00:b8:76:eb:8d:1e:bf:3e:14:c2:3e:2a:a1:
aa:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:EE:37:75:7F:38:55:07:C7:AD:9E:C7:09:E5:7F:55:50:E8:8F:67
X509v3 Authority Key Identifier:
keyid:58:DD:10:17:C5:34:57:A8:A9:21:41:96:87:BD:E8:A8:B8:EB:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WN0QF8U0V6ipIUGWh73oqLjrVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/EO43dX84VQfHrZ7HCeV_VVDoj2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/WN0QF8U0V6ipIUGWh73oqLjrVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.48.0/22
91.195.162.0/23
193.28.155.0/24
193.138.92.0/24
195.62.18.0/23
209.35.197.0/24
Signature Algorithm: sha256WithRSAEncryption
45:59:07:46:a7:d8:06:2f:0a:24:ac:f7:2f:ce:a0:63:cd:5b:
d0:d8:50:1e:3d:66:45:0e:6e:ad:73:06:fb:e9:31:11:47:92:
2a:8c:09:98:17:1a:71:73:f0:3c:2f:42:c0:fa:27:ec:83:21:
55:4f:2b:ec:e2:e2:b1:ad:1e:e9:8f:1b:80:a9:02:31:eb:76:
0a:4e:9e:16:e4:af:2f:25:f6:af:9e:d9:6e:32:fe:0e:27:ef:
71:26:90:ad:b2:a0:db:f8:17:e8:3c:7d:fa:5f:2b:50:f4:f8:
1b:79:74:47:d1:cc:b2:1a:6a:d2:e3:3e:47:3b:ec:d6:48:6a:
9d:49:8d:f8:65:e4:52:a4:bd:9a:c2:e2:d3:95:43:d1:84:00:
0b:1a:45:a3:c9:8d:64:6b:c0:66:50:44:54:93:1f:44:91:22:
05:68:0c:68:94:31:6e:64:9d:c0:51:f6:2d:47:cb:6c:da:0e:
d1:aa:12:01:b5:dd:8b:83:ab:99:2a:6e:eb:58:08:bf:8d:67:
9e:2a:e1:3e:3e:c2:21:30:ad:1a:a5:44:ac:b9:78:14:35:8b:
d5:7c:fb:64:53:a8:bf:45:03:ed:20:1e:74:65:b0:38:3c:29:
5f:cd:81:b3:69:38:73:4c:36:b7:ff:55:87:05:a2:20:14:ed:
39:66:a5:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVx8Ofmkl3AGiOGglKV148GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGQxMDE3YzUzNDU3YThhOTIxNDE5Njg3YmRlOGE4Yjhl
YjU2MTEwHhcNMjMwMTAyMTAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGVlMzc3NTdmMzg1NTA3YzdhZDllYzcwOWU1N2Y1NTUwZTg4ZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8bcVvOcEdlTfarA77E+EJA6KDg+
7JwvfwDjiY7Z5NdgGh5roIF+Z++hxLy4Ri2i09S2P0RrJ616u6A+AwxMZx2kLUqF
H5nT1c0PUvCNos0P+KXu4OyFbtg5dMTbkTNoyD8SMWJ47aoO0BNq/7qktR60+rOu
ELF10X9u2CSiGkQ3Oda+iZPbYpP/AiG4x7kRH67icL5LEkC/2umlmJaYg1HMF0sv
6BmPA4bUN3gHnOSmmBkW8itDT78AP/1mfeh3H5G9AzRacH0Go/J1xp0+Mfz2DrWb
GWNjLQASuxyVI3BzEj1TLpnW+wdSEtcDp3fMpgC4duuNHr8+FMI+KqGqvwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBDuN3V/OFUHx62exwnlf1VQ6I9nMB8GA1UdIwQY
MBaAFFjdEBfFNFeoqSFBloe96Ki461YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV04wUUY4VTBWNmlwSVVHV2g3M29xTGpyVmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC82MDZkZGUtZmM1MS00NTZlLWI1ZjEt
ZGNhZjdlZjdhZTNhLzEvRU80M2RYODRWUWZIclo3SENlVl9WVkRvajJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC82MDZkZGUtZmM1MS00NTZlLWI1ZjEtZGNhZjdlZjdhZTNh
LzEvV04wUUY4VTBWNmlwSVVHV2g3M29xTGpyVmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW8EwAwQB
W8OiAwQAwRybAwQAwYpcAwQBwz4SAwQA0SPFMA0GCSqGSIb3DQEBCwUAA4IBAQBF
WQdGp9gGLwokrPcvzqBjzVvQ2FAePWZFDm6tcwb76TERR5IqjAmYFxpxc/A8L0LA
+ifsgyFVTyvs4uKxrR7pjxuAqQIx63YKTp4W5K8vJfavntluMv4OJ+9xJpCtsqDb
+BfoPH36XytQ9PgbeXRH0cyyGmrS4z5HO+zWSGqdSY34ZeRSpL2awuLTlUPRhAAL
GkWjyY1ka8BmUERUkx9EkSIFaAxolDFuZJ3AUfYtR8ts2g7RqhIBtd2Lg6uZKm7r
WAi/jWeeKuE+PsIhMK0apUSsuXgUNYvVfPtkU6i/RQPtIB50ZbA4PClfzYGzaThz
TDa3/1WHBaIgFO05ZqXa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:46 2024 by rpki-client on console-fra.rpki-client.org