Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/X-ZMtt8cuX_dyms0u51Qi9m87-s.roa
File: X-ZMtt8cuX_dyms0u51Qi9m87-s.roa (raw, json)
Hash identifier: I9ktZXri8qpR9SooLyvh33glrTovh9m5BbpTg7grxmY=
Subject key identifier: 5F:E6:4C:B6:DF:1C:B9:7F:DD:CA:6B:34:BB:9D:50:8B:D9:BC:EF:EB
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018D20CB9E1DE0F1C2361A8536637A2ABFAD
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/X-ZMtt8cuX_dyms0u51Qi9m87-s.roa
Signing time: Fri 19 Jan 2024 08:17:11 +0000
ROA not before: Fri 19 Jan 2024 08:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 91.225.226.0/24 maxlen: 24
91.225.227.0/24 maxlen: 24
188.191.98.0/24 maxlen: 24
188.191.101.0/24 maxlen: 24
188.191.103.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
188.191.109.0/24 maxlen: 24
188.191.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 08:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:cb:9e:1d:e0:f1:c2:36:1a:85:36:63:7a:2a:bf:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 19 08:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fe64cb6df1cb97fddca6b34bb9d508bd9bcefeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:00:d8:d7:d5:2f:05:10:7d:b1:2f:24:c3:00:
07:0b:1e:55:87:e7:30:1e:16:48:e1:b0:78:12:ae:
67:05:5e:5a:64:58:1a:49:ce:4a:6a:81:11:c4:9b:
03:73:d6:7b:a2:4a:ad:bc:72:ce:33:88:92:71:02:
3c:64:87:75:e6:2b:c5:c5:72:61:e3:1c:fd:f3:8f:
db:9c:ce:45:03:e3:20:e9:5a:6a:55:2c:a0:9f:f7:
99:9b:02:e1:5c:66:a2:16:b1:3c:97:62:a1:6b:ba:
63:b3:0d:76:bc:49:df:a4:c4:6d:93:cb:2f:69:18:
13:5d:c1:7e:29:e0:7a:a4:6e:8a:d8:2e:a1:80:e3:
14:92:1a:77:62:32:b2:c5:99:f9:7a:30:db:08:c2:
2c:2d:b8:05:12:78:ce:39:08:75:a4:55:34:da:84:
a3:aa:0a:66:8e:41:de:7a:87:70:bd:79:c7:74:1e:
31:34:19:f5:fa:da:8e:0e:d8:0c:fc:8e:2c:f3:a8:
30:54:b7:28:0b:cd:c5:94:25:c2:a1:7e:6d:60:87:
72:bb:32:30:5c:bc:5d:07:14:b7:ff:5f:e3:92:ca:
25:1f:e7:ec:76:0c:23:0b:74:a1:cc:a2:51:db:29:
18:35:c8:24:62:9c:4f:ff:8c:8a:ef:18:99:d4:c8:
38:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E6:4C:B6:DF:1C:B9:7F:DD:CA:6B:34:BB:9D:50:8B:D9:BC:EF:EB
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/X-ZMtt8cuX_dyms0u51Qi9m87-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.226.0/23
188.191.98.0/24
188.191.101.0/24
188.191.103.0/24
188.191.106.0/24
188.191.109.0-188.191.110.255
Signature Algorithm: sha256WithRSAEncryption
4f:c1:87:46:5a:10:44:1a:9f:1b:aa:25:89:63:10:34:ff:1b:
fc:69:61:d3:0d:24:cd:a6:5e:ee:07:22:f8:57:62:e5:71:dc:
2d:95:b2:e7:8e:0e:38:fb:95:30:1f:0a:00:16:9f:ce:ac:85:
eb:16:68:8a:ed:2b:1c:de:20:d5:20:5c:9e:82:31:73:89:85:
3f:83:1e:19:19:07:e2:ac:f6:d8:81:5a:0b:cb:4a:bc:d3:d1:
e4:1f:a1:b2:df:50:26:f0:cd:fa:b0:3e:fa:df:f3:2d:0a:69:
16:fd:37:a1:00:c7:3b:8c:4a:6e:78:2f:50:90:f1:44:5e:6a:
5b:51:f6:cc:fe:c0:06:5b:9e:ab:51:51:f8:96:b5:3b:9f:96:
89:f2:24:f9:0e:ae:af:6c:fa:d2:23:fd:ff:5e:ce:71:69:cd:
a9:c9:c6:4f:d3:77:36:44:76:cf:99:21:23:8a:c2:3b:d9:af:
fc:36:80:b1:bc:c6:7e:06:8c:9b:23:81:a1:77:af:4c:37:39:
c5:39:0d:4f:35:a4:b5:d0:66:d6:80:45:ea:15:11:f2:d1:94:
cf:0e:65:d7:e2:da:d4:4c:cf:a6:cd:2c:79:01:24:13:a7:12:
e8:f9:ef:99:6b:b8:1f:61:a1:31:96:33:af:1b:6c:68:d7:25:
17:a0:27:46
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY0gy54d4PHCNhqFNmN6Kr+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwMTE5MDgxNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU2NGNiNmRmMWNiOTdmZGRjYTZiMzRiYjlkNTA4YmQ5YmNlZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwDY19UvBRB9sS8kwwAHCx5Vh+cw
HhZI4bB4Eq5nBV5aZFgaSc5KaoERxJsDc9Z7okqtvHLOM4iScQI8ZId15ivFxXJh
4xz984/bnM5FA+Mg6VpqVSygn/eZmwLhXGaiFrE8l2Kha7pjsw12vEnfpMRtk8sv
aRgTXcF+KeB6pG6K2C6hgOMUkhp3YjKyxZn5ejDbCMIsLbgFEnjOOQh1pFU02oSj
qgpmjkHeeodwvXnHdB4xNBn1+tqODtgM/I4s86gwVLcoC83FlCXCoX5tYIdyuzIw
XLxdBxS3/1/jksolH+fsdgwjC3ShzKJR2ykYNcgkYpxP/4yK7xiZ1Mg4/wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFF/mTLbfHLl/3cprNLudUIvZvO/rMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvWC1aTXR0OGN1WF9keW1zMHU1MVFpOW04Ny1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBW+HiAwQA
vL9iAwQAvL9lAwQAvL9nAwQAvL9qMAwDBAC8v20DBAC8v24wDQYJKoZIhvcNAQEL
BQADggEBAE/Bh0ZaEEQanxuqJYljEDT/G/xpYdMNJM2mXu4HIvhXYuVx3C2VsueO
Djj7lTAfCgAWn86shesWaIrtKxzeINUgXJ6CMXOJhT+DHhkZB+Ks9tiBWgvLSrzT
0eQfobLfUCbwzfqwPvrf8y0KaRb9N6EAxzuMSm54L1CQ8URealtR9sz+wAZbnqtR
UfiWtTuflonyJPkOrq9s+tIj/f9eznFpzanJxk/TdzZEds+ZISOKwjvZr/w2gLG8
xn4GjJsjgaF3r0w3OcU5DU81pLXQZtaAReoVEfLRlM8OZdfi2tRMz6bNLHkBJBOn
Euj575lruB9hoTGWM68bbGjXJRegJ0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org