Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/tHVi4d-CRkkYwWbjCw_eqgvsEEE.roa
File: tHVi4d-CRkkYwWbjCw_eqgvsEEE.roa (raw, json)
Hash identifier: ah+4voIKqdT+4iDkdIBQO9mCp7nfStbunMQxsoG9H8Y=
Subject key identifier: B4:75:62:E1:DF:82:46:49:18:C1:66:E3:0B:0F:DE:AA:0B:EC:10:41
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018FC39F853263014FBDAAA992CE8A550895
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/tHVi4d-CRkkYwWbjCw_eqgvsEEE.roa
Signing time: Wed 29 May 2024 09:12:42 +0000
ROA not before: Wed 29 May 2024 09:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31004
IP address blocks: 91.230.140.0/23 maxlen: 23
91.230.140.0/24 maxlen: 24
93.157.32.0/21 maxlen: 23
193.203.120.0/23 maxlen: 23
194.116.210.0/23 maxlen: 23
194.150.244.0/23 maxlen: 23
2a00:4bc0::/32 maxlen: 32
2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 09:56:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:9f:85:32:63:01:4f:bd:aa:a9:92:ce:8a:55:08:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: May 29 09:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b47562e1df82464918c166e30b0fdeaa0bec1041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3a:66:86:16:7d:f9:b2:cd:bf:12:ff:6f:38:
54:21:68:17:66:fb:d2:e1:80:cc:dc:34:b2:4a:b2:
9a:ef:53:ac:89:3f:cf:b4:10:5c:d7:7a:50:5f:f7:
5f:9b:d8:56:1b:b8:d7:0f:20:77:36:84:28:15:4e:
e1:28:88:95:8f:90:87:50:b2:96:8d:ea:de:c9:55:
db:b9:3e:8d:93:ad:48:80:58:1f:5b:be:74:75:ff:
98:e0:6a:a7:7c:7f:4b:e9:bb:f0:e2:0a:5d:5a:df:
12:40:bc:18:59:96:ae:14:5b:a7:a6:ec:cc:cc:51:
f4:e8:66:4c:63:a3:0e:13:b6:e9:0e:e6:25:36:bb:
41:c8:80:d2:22:e0:d3:2c:37:fb:9c:bb:09:ad:e7:
1f:9f:1e:4c:dc:3e:58:c1:26:81:60:39:80:00:a5:
b6:c2:3d:6a:2a:b9:05:5d:bd:d5:8f:c2:55:b7:8e:
5d:0b:70:96:49:36:2d:64:5a:02:35:e8:2b:9e:af:
54:cd:1f:7f:32:c3:0e:af:59:8b:34:37:4e:bd:e0:
d6:24:c6:b5:37:35:fa:7d:4b:5e:1a:90:06:13:44:
4a:96:3e:2d:18:66:5d:d7:41:3d:f3:43:0e:49:df:
08:a0:37:d3:8f:9d:1d:a4:a2:05:0c:9a:05:ab:60:
ad:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:75:62:E1:DF:82:46:49:18:C1:66:E3:0B:0F:DE:AA:0B:EC:10:41
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/tHVi4d-CRkkYwWbjCw_eqgvsEEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.140.0/23
93.157.32.0/21
193.203.120.0/23
194.116.210.0/23
194.150.244.0/23
IPv6:
2a00:4bc0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:ef:32:47:ba:c7:1d:2c:49:5a:09:78:a2:38:d2:29:31:1f:
e4:81:f0:f3:58:81:32:7f:6a:55:f2:9e:da:67:d5:62:00:3b:
e9:65:7c:80:a5:50:3d:eb:5b:9f:28:14:7d:e9:0b:e9:34:9e:
72:17:cf:50:9c:fc:e7:8b:e3:a1:c6:51:e3:75:a6:c8:ee:9c:
3d:5a:ba:42:8b:cd:56:b3:ab:f5:23:67:99:e3:d1:36:6b:04:
b1:14:94:7f:99:17:4d:fb:aa:3b:ff:56:18:f6:b6:85:66:6f:
d9:73:e3:51:d0:da:9b:a1:df:dc:4d:96:31:48:c7:22:81:48:
9f:fc:0c:0f:89:20:4f:b3:cb:06:ac:8b:dd:4d:38:16:ee:ad:
0f:44:f8:5a:0c:c9:2c:5b:a0:8e:ac:a7:37:e0:d8:a3:9a:ea:
30:e7:a7:20:47:85:a9:92:90:84:b3:c6:69:d6:67:bc:e1:02:
e6:e0:18:43:ab:e4:ca:be:a2:03:dd:89:cc:dc:3f:ac:96:63:
ea:65:d9:46:f6:ed:e2:c1:dd:e3:b0:9f:62:c6:85:7b:10:1e:
c1:20:dc:a7:89:11:37:77:dd:b7:f6:f3:c3:b2:43:4d:a1:cd:
9a:4b:93:9c:47:73:b9:50:6b:bf:56:87:70:61:8b:53:3f:01:
ad:99:86:8e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY/Dn4UyYwFPvaqpks6KVQiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjQwNTI5MDkxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc1NjJlMWRmODI0NjQ5MThjMTY2ZTMwYjBmZGVhYTBiZWMxMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjpmhhZ9+bLNvxL/bzhUIWgXZvvS
4YDM3DSySrKa71OsiT/PtBBc13pQX/dfm9hWG7jXDyB3NoQoFU7hKIiVj5CHULKW
jereyVXbuT6Nk61IgFgfW750df+Y4GqnfH9L6bvw4gpdWt8SQLwYWZauFFunpuzM
zFH06GZMY6MOE7bpDuYlNrtByIDSIuDTLDf7nLsJrecfnx5M3D5YwSaBYDmAAKW2
wj1qKrkFXb3Vj8JVt45dC3CWSTYtZFoCNegrnq9UzR9/MsMOr1mLNDdOveDWJMa1
NzX6fUteGpAGE0RKlj4tGGZd10E980MOSd8IoDfTj50dpKIFDJoFq2Ct2QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLR1YuHfgkZJGMFm4wsP3qoL7BBBMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvdEhWaTRkLUNSa2tZd1diakN3X2VxZ3ZzRUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW+aMAwQD
XZ0gAwQBwct4AwQBwnTSAwQBwpb0MA0EAgACMAcDBQAqAEvAMA0GCSqGSIb3DQEB
CwUAA4IBAQB87zJHuscdLElaCXiiONIpMR/kgfDzWIEyf2pV8p7aZ9ViADvpZXyA
pVA961ufKBR96QvpNJ5yF89QnPzni+OhxlHjdabI7pw9WrpCi81Ws6v1I2eZ49E2
awSxFJR/mRdN+6o7/1YY9raFZm/Zc+NR0Nqbod/cTZYxSMcigUif/AwPiSBPs8sG
rIvdTTgW7q0PRPhaDMksW6COrKc34Nijmuow56cgR4WpkpCEs8Zp1me84QLm4BhD
q+TKvqID3YnM3D+slmPqZdlG9u3iwd3jsJ9ixoV7EB7BINyniRE3d9239vPDskNN
oc2aS5OcR3O5UGu/VodwYYtTPwGtmYaO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org