Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/Td3iC87hPu0ChKFuq_20yTUh5p0.roa
File: Td3iC87hPu0ChKFuq_20yTUh5p0.roa (raw, json)
Hash identifier: Gn8dCickYpJUm6AOxLVd4nhkgnHn0VeC7T8MPd7t0oA=
Subject key identifier: 4D:DD:E2:0B:CE:E1:3E:ED:02:84:A1:6E:AB:FD:B4:C9:35:21:E6:9D
Certificate issuer: /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial: 01894FB0C143C1F5AFB5CD8CA0E95DB143A6
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/Td3iC87hPu0ChKFuq_20yTUh5p0.roa
Signing time: Thu 13 Jul 2023 14:38:51 +0000
ROA not before: Thu 13 Jul 2023 14:38:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29244
IP address blocks: 91.92.11.0/24 maxlen: 24
91.92.9.0/24 maxlen: 24
91.92.10.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.12.0/24 maxlen: 24
91.92.14.0/24 maxlen: 24
91.92.15.0/24 maxlen: 24
85.118.192.0/21 maxlen: 21
193.193.182.0/24 maxlen: 24
193.194.147.0/24 maxlen: 24
193.194.155.0/24 maxlen: 24
193.193.171.0/24 maxlen: 24
149.62.192.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 27 Nov 2023 12:42:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:b0:c1:43:c1:f5:af:b5:cd:8c:a0:e9:5d:b1:43:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Validity
Not Before: Jul 13 14:38:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ddde20bcee13eed0284a16eabfdb4c93521e69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:60:dd:29:21:a6:a1:44:4b:99:7b:7c:d8:a1:
9d:db:70:f2:3f:f8:ef:46:0a:88:02:a6:13:62:91:
ac:64:03:49:51:77:ba:19:09:f5:73:c3:52:a4:5a:
08:8b:ea:5d:61:02:13:c1:36:27:ad:da:08:6b:64:
be:da:a0:d9:1a:ee:62:55:98:5c:6c:80:2d:a1:39:
b2:14:e0:e1:ff:94:83:f3:9c:57:61:f7:2a:73:09:
e4:b0:b3:85:83:d4:ae:e1:56:07:3a:0a:4a:a9:ae:
41:ef:55:a4:21:b4:76:99:ee:fb:f4:cf:92:b9:07:
de:24:bd:ee:c2:1a:0c:6a:66:c2:24:b3:f6:fb:69:
0e:2b:63:2d:67:cb:c7:02:a7:62:4b:0e:a8:f7:47:
9f:b1:b1:01:9c:a8:cb:c0:36:3f:2f:70:e8:bb:58:
19:19:58:be:40:18:8e:18:4e:40:5e:ca:44:f5:fb:
39:0c:8e:1f:00:73:f9:3b:55:bf:77:39:02:bc:93:
ba:24:22:2d:9c:c3:aa:3e:5c:0b:22:62:51:9d:95:
8b:d3:5b:c7:eb:58:cd:7c:88:cc:0f:6f:b3:db:7b:
75:d2:1e:27:b0:64:b4:bf:74:c1:d3:91:dd:72:56:
50:93:fd:80:df:55:73:5c:47:2b:b9:86:16:99:d0:
fd:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DD:E2:0B:CE:E1:3E:ED:02:84:A1:6E:AB:FD:B4:C9:35:21:E6:9D
X509v3 Authority Key Identifier:
keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/Td3iC87hPu0ChKFuq_20yTUh5p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.192.0/21
91.92.8.0/21
149.62.192.0/18
193.193.171.0/24
193.193.182.0/24
193.194.147.0/24
193.194.155.0/24
Signature Algorithm: sha256WithRSAEncryption
55:90:9a:b1:af:75:ae:d4:7b:16:6a:9d:45:7a:6a:64:49:d4:
6b:3c:3c:e8:99:36:f4:8b:24:fb:86:24:f4:a7:62:54:f0:a3:
14:b9:c8:69:a3:1b:48:41:87:5b:a4:86:3f:93:d7:a4:63:32:
5d:a6:c6:e6:a4:67:db:67:d7:c3:db:ec:1d:5b:57:0b:23:ee:
63:8d:0e:da:cf:8f:d8:94:4c:43:0e:8e:52:50:81:ca:6b:09:
20:f5:81:e5:1a:35:de:b8:3c:24:2f:a2:af:16:89:61:97:73:
30:7b:3c:60:a4:4f:ac:ea:46:18:bf:d8:f4:f6:34:a6:a6:c2:
ae:12:86:6f:03:0e:4f:e7:ec:ff:39:d3:ed:aa:11:19:93:6c:
a9:4b:07:99:e0:0b:0d:8f:ba:fc:55:d8:0d:7c:2f:36:84:5d:
5a:f8:f4:42:ff:ce:3f:bb:ad:ad:47:c9:3c:aa:3c:3e:d9:ef:
8e:39:14:a9:fb:bf:2b:1e:20:d8:80:e0:39:5e:43:f9:98:fc:
0c:6b:db:70:7a:15:9c:be:8f:cc:8c:a4:22:fc:f3:34:d5:37:
cf:0d:f3:99:8f:da:c7:67:33:a5:9f:db:58:57:25:eb:f1:7e:
8c:c9:93:16:c9:2b:44:93:43:06:8d:33:9e:fe:b2:4e:ef:cd:
cd:fe:82:35
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYlPsMFDwfWvtc2MoOldsUOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjMwNzEzMTQzODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRkZTIwYmNlZTEzZWVkMDI4NGExNmVhYmZkYjRjOTM1MjFlNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWDdKSGmoURLmXt82KGd23DyP/jv
RgqIAqYTYpGsZANJUXe6GQn1c8NSpFoIi+pdYQITwTYnrdoIa2S+2qDZGu5iVZhc
bIAtoTmyFODh/5SD85xXYfcqcwnksLOFg9Su4VYHOgpKqa5B71WkIbR2me779M+S
uQfeJL3uwhoMambCJLP2+2kOK2MtZ8vHAqdiSw6o90efsbEBnKjLwDY/L3Dou1gZ
GVi+QBiOGE5AXspE9fs5DI4fAHP5O1W/dzkCvJO6JCItnMOqPlwLImJRnZWL01vH
61jNfIjMD2+z23t10h4nsGS0v3TB05HdclZQk/2A31VzXEcruYYWmdD9pwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE3d4gvO4T7tAoShbqv9tMk1IeadMB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvVGQzaUM4N2hQdTBDaEtGdXFfMjB5VFVoNXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDVXbAAwQD
W1wIAwQGlT7AAwQAwcGrAwQAwcG2AwQAwcKTAwQAwcKbMA0GCSqGSIb3DQEBCwUA
A4IBAQBVkJqxr3Wu1HsWap1FempkSdRrPDzomTb0iyT7hiT0p2JU8KMUuchpoxtI
QYdbpIY/k9ekYzJdpsbmpGfbZ9fD2+wdW1cLI+5jjQ7az4/YlExDDo5SUIHKawkg
9YHlGjXeuDwkL6KvFolhl3MwezxgpE+s6kYYv9j09jSmpsKuEoZvAw5P5+z/OdPt
qhEZk2ypSweZ4AsNj7r8VdgNfC82hF1a+PRC/84/u62tR8k8qjw+2e+OORSp+78r
HiDYgOA5XkP5mPwMa9twehWcvo/MjKQi/PM01TfPDfOZj9rHZzOln9tYVyXr8X6M
yZMWyStEk0MGjTOe/rJO783N/oI1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org