Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/M_hTrqMg6ODnyphtj2K1unt_BuE.roa
File: M_hTrqMg6ODnyphtj2K1unt_BuE.roa (raw, json)
Hash identifier: qtZ+yuy5brJlVtzpfswxQmMo48bFY3MEOY5Vp7xUOHQ=
Subject key identifier: 33:F8:53:AE:A3:20:E8:E0:E7:CA:98:6D:8F:62:B5:BA:7B:7F:06:E1
Certificate issuer: /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial: 01912E1A0C1B5F05DA327BEA3A3615CD3145
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/M_hTrqMg6ODnyphtj2K1unt_BuE.roa
Signing time: Wed 07 Aug 2024 18:29:04 +0000
ROA not before: Wed 07 Aug 2024 18:29:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.199.42.0/24 maxlen: 24
91.199.44.0/24 maxlen: 24
91.199.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 07:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2e:1a:0c:1b:5f:05:da:32:7b:ea:3a:36:15:cd:31:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
Validity
Not Before: Aug 7 18:29:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33f853aea320e8e0e7ca986d8f62b5ba7b7f06e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:89:09:88:23:3f:da:37:36:ca:f7:3f:04:88:
13:d1:62:4a:a8:e5:2f:fb:9c:4b:47:1c:32:af:3a:
19:a8:8c:4b:2b:86:8c:f0:0f:22:3e:41:13:0a:df:
50:15:6f:2f:c5:28:e0:3a:be:ef:56:6e:c3:52:11:
cf:b8:b8:26:14:ad:5e:19:65:26:8c:ae:21:25:30:
d2:59:1d:da:c5:74:11:ad:e0:21:5e:62:8e:22:7b:
2f:d8:6a:d9:91:63:dd:aa:a2:60:f6:bb:e9:98:a4:
d9:b9:44:26:eb:0b:d7:cf:f0:8e:40:1b:61:c3:52:
38:6a:2a:c2:f9:5d:59:01:f4:b6:43:f4:af:22:83:
43:ae:19:8e:e5:97:03:26:fe:1f:6f:64:44:1b:a0:
1b:a7:b7:9f:2b:1d:18:db:e1:21:19:11:29:ac:52:
2b:e3:6f:e4:a0:34:44:b3:8c:10:0d:9d:ef:1f:12:
5d:e4:fd:93:dd:97:a4:cc:49:eb:53:e8:e8:54:85:
eb:19:be:43:56:72:75:3c:75:16:cf:bd:87:9e:73:
6e:2b:60:cb:28:28:57:35:74:01:c7:0d:d3:68:01:
9a:e8:e0:8a:4c:5a:62:3c:21:ea:19:94:b9:76:a1:
46:01:f8:d5:b5:a4:01:f7:f1:a3:c9:66:ef:a6:5b:
75:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F8:53:AE:A3:20:E8:E0:E7:CA:98:6D:8F:62:B5:BA:7B:7F:06:E1
X509v3 Authority Key Identifier:
keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/M_hTrqMg6ODnyphtj2K1unt_BuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.42.0/24
91.199.44.0/24
91.199.47.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:86:52:14:88:3c:3b:c3:53:93:ec:a7:c2:a6:48:f2:3d:1e:
5b:01:ce:ee:2a:77:e0:59:68:49:05:37:21:1f:1e:d8:c5:0c:
08:e8:f3:41:e5:f9:3e:d3:24:60:f9:54:a3:a1:8b:0d:e8:53:
9f:d3:11:d4:53:06:dc:c9:c4:26:aa:7d:47:cd:1f:47:57:5d:
6a:7f:8a:53:bb:ef:3c:af:97:b3:68:fd:ad:35:a6:16:4c:8c:
71:1a:17:79:14:4f:86:bf:9d:87:1f:a4:93:db:04:2d:75:99:
12:36:0a:d3:ff:85:13:63:be:f0:e6:49:fd:af:61:73:c9:e5:
0e:60:b2:08:24:32:6d:b4:0b:60:78:38:70:56:f3:c1:46:f2:
76:67:f0:9c:2a:2a:a1:6d:d5:94:d7:c1:ff:17:f7:0c:36:a8:
4f:3e:12:95:8c:34:6b:d4:48:15:24:ea:35:e0:33:02:87:ad:
f5:8e:8d:5d:ba:03:3c:bb:36:c7:1c:07:b6:e2:bf:52:f2:a5:
90:4c:27:91:37:ed:92:4f:d5:a9:e7:ef:51:97:b2:7b:65:5a:
f9:88:81:81:9d:6d:6a:a4:c0:19:52:77:c2:50:f6:2f:dc:3b:
35:07:59:c5:fe:ca:a3:31:c0:15:50:d9:00:39:ff:2e:94:72:
ee:6c:02:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEuGgwbXwXaMnvqOjYVzTFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjQwODA3MTgyOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Y4NTNhZWEzMjBlOGUwZTdjYTk4NmQ4ZjYyYjViYTdiN2YwNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4kJiCM/2jc2yvc/BIgT0WJKqOUv
+5xLRxwyrzoZqIxLK4aM8A8iPkETCt9QFW8vxSjgOr7vVm7DUhHPuLgmFK1eGWUm
jK4hJTDSWR3axXQRreAhXmKOInsv2GrZkWPdqqJg9rvpmKTZuUQm6wvXz/COQBth
w1I4airC+V1ZAfS2Q/SvIoNDrhmO5ZcDJv4fb2REG6Abp7efKx0Y2+EhGREprFIr
42/koDREs4wQDZ3vHxJd5P2T3ZekzEnrU+joVIXrGb5DVnJ1PHUWz72HnnNuK2DL
KChXNXQBxw3TaAGa6OCKTFpiPCHqGZS5dqFGAfjVtaQB9/GjyWbvplt1ZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDP4U66jIOjg58qYbY9itbp7fwbhMB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvTV9oVHJxTWc2T0RueXBodGoySzF1bnRfQnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8cqAwQA
W8csAwQAW8cvMA0GCSqGSIb3DQEBCwUAA4IBAQDThlIUiDw7w1OT7KfCpkjyPR5b
Ac7uKnfgWWhJBTchHx7YxQwI6PNB5fk+0yRg+VSjoYsN6FOf0xHUUwbcycQmqn1H
zR9HV11qf4pTu+88r5ezaP2tNaYWTIxxGhd5FE+Gv52HH6ST2wQtdZkSNgrT/4UT
Y77w5kn9r2FzyeUOYLIIJDJttAtgeDhwVvPBRvJ2Z/CcKiqhbdWU18H/F/cMNqhP
PhKVjDRr1EgVJOo14DMCh631jo1dugM8uzbHHAe24r9S8qWQTCeRN+2ST9Wp5+9R
l7J7ZVr5iIGBnW1qpMAZUnfCUPYv3Ds1B1nF/sqjMcAVUNkAOf8ulHLubAJh
-----END CERTIFICATE-----
Generated at Mon Aug 19 09:06:51 2024 by rpki-client on console-fra.rpki-client.org