Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/20WKHfkOeai5qQfj4kjy8yy2vfY.roa
File: 20WKHfkOeai5qQfj4kjy8yy2vfY.roa (raw, json)
Hash identifier: 5ueX2WwIwy0tdqSzasl197ITOOTpmdo/rGlh5bvweAY=
Subject key identifier: DB:45:8A:1D:F9:0E:79:A8:B9:A9:07:E3:E2:48:F2:F3:2C:B6:BD:F6
Certificate issuer: /CN=38506d80ab592de7be0a331bbf4fa0068d41408a
Certificate serial: 018CC3495CC9C3FBC9B4CB095FC508889E9F
Authority key identifier: 38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/20WKHfkOeai5qQfj4kjy8yy2vfY.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57136
IP address blocks: 91.230.248.0/24 maxlen: 24
194.105.143.0/24 maxlen: 24
194.105.142.0/23 maxlen: 23
194.105.142.0/24 maxlen: 24
194.126.205.0/24 maxlen: 24
194.102.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 09:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5c:c9:c3:fb:c9:b4:cb:09:5f:c5:08:88:9e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38506d80ab592de7be0a331bbf4fa0068d41408a
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db458a1df90e79a8b9a907e3e248f2f32cb6bdf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fc:2e:7c:a0:d9:03:03:53:6c:cc:7e:5a:da:
1d:b6:06:14:e8:da:e7:18:18:44:e5:49:67:79:7a:
3e:da:3e:29:6d:2c:c0:2e:57:66:de:ee:5b:17:7b:
86:19:0d:53:26:80:c8:0c:38:80:ce:8f:de:49:d5:
9b:29:8e:d5:92:22:c4:78:f4:3e:d7:cc:2e:60:82:
95:9c:d0:5c:0b:59:c2:86:30:f5:7c:4e:50:8d:37:
6a:4a:83:29:09:fb:4a:af:84:2a:ee:35:81:02:c1:
2c:80:ab:f2:fc:2e:90:9f:29:37:c9:ec:d6:7c:13:
49:13:0e:2e:44:59:a9:2a:96:49:0f:06:46:1d:61:
cc:65:73:b2:af:c7:6c:fc:05:80:7e:21:83:31:66:
e5:28:e6:b1:66:49:a0:d3:70:d8:d6:2a:fa:a7:6b:
f6:ec:5b:c6:c6:dd:d5:fa:0e:ba:95:75:c8:36:24:
33:a6:f6:b9:16:81:32:29:a9:d7:c2:ed:de:72:1f:
cd:c1:de:59:71:54:59:f3:a1:b3:e7:e4:26:08:23:
d4:b7:65:a8:d0:aa:bc:a7:e8:68:11:ae:8c:52:dd:
62:42:0c:eb:bb:8e:71:28:90:02:1c:ef:91:f8:e5:
71:6e:15:9a:43:d2:4c:bc:a1:11:bc:76:fc:d6:5e:
fc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:45:8A:1D:F9:0E:79:A8:B9:A9:07:E3:E2:48:F2:F3:2C:B6:BD:F6
X509v3 Authority Key Identifier:
keyid:38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/20WKHfkOeai5qQfj4kjy8yy2vfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.248.0/24
194.102.117.0/24
194.105.142.0/23
194.126.205.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:a1:c4:7b:6c:cf:b4:9f:62:c8:64:17:82:22:f6:4c:03:56:
0b:2b:51:dd:fe:f7:e9:be:34:e4:9a:a6:d8:a5:4f:3e:67:a4:
e6:c6:08:5f:e2:ee:71:05:9d:12:ad:b8:97:13:6c:e4:31:00:
a3:8d:e2:66:71:74:f7:c5:e0:5e:4a:95:33:13:98:93:48:90:
86:78:da:55:d8:53:97:1a:11:01:22:71:35:93:05:65:2a:20:
bf:85:08:b8:5f:fc:dd:c2:80:96:81:e3:9a:55:6f:d0:2e:dc:
4a:b1:8b:67:aa:06:33:92:d1:e9:0e:44:d3:e0:ed:4d:3d:a3:
c0:d5:d8:b8:c3:88:42:49:0f:13:28:35:5f:15:2e:b4:ed:cd:
d8:ba:35:2a:4b:d8:1d:88:1c:1c:9f:c7:95:81:bd:77:e4:5a:
f2:ed:df:02:98:f5:e7:f9:a1:a9:db:be:27:a9:59:80:5e:aa:
b0:12:ca:4f:69:95:b9:85:1b:b5:7b:61:b1:87:43:ab:c3:bb:
e3:b1:60:1b:09:dc:50:85:7e:c5:41:73:17:1e:58:67:74:5c:
7a:29:2d:c0:51:05:46:be:af:07:fb:69:c1:6b:3a:f7:2d:02:
f7:f7:8c:22:3e:92:12:3a:7d:bd:1e:e0:2a:d9:c3:49:c2:45:
b2:fa:95:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSVzJw/vJtMsJX8UIiJ6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTA2ZDgwYWI1OTJkZTdiZTBhMzMxYmJmNGZhMDA2OGQ0
MTQwOGEwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ1OGExZGY5MGU3OWE4YjlhOTA3ZTNlMjQ4ZjJmMzJjYjZiZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/wufKDZAwNTbMx+WtodtgYU6Nrn
GBhE5UlneXo+2j4pbSzALldm3u5bF3uGGQ1TJoDIDDiAzo/eSdWbKY7VkiLEePQ+
18wuYIKVnNBcC1nChjD1fE5QjTdqSoMpCftKr4Qq7jWBAsEsgKvy/C6Qnyk3yezW
fBNJEw4uRFmpKpZJDwZGHWHMZXOyr8ds/AWAfiGDMWblKOaxZkmg03DY1ir6p2v2
7FvGxt3V+g66lXXINiQzpva5FoEyKanXwu3ech/Nwd5ZcVRZ86Gz5+QmCCPUt2Wo
0Kq8p+hoEa6MUt1iQgzru45xKJACHO+R+OVxbhWaQ9JMvKERvHb81l78fwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNtFih35DnmouakH4+JI8vMstr32MB8GA1UdIwQY
MBaAFDhQbYCrWS3nvgozG79PoAaNQUCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgt
OGRmOGFmMzAwMWJjLzEvMjBXS0hma09lYWk1cVFmajRrank4eXkydmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgtOGRmOGFmMzAwMWJj
LzEvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+b4AwQA
wmZ1AwQBwmmOAwQAwn7NMA0GCSqGSIb3DQEBCwUAA4IBAQAfocR7bM+0n2LIZBeC
IvZMA1YLK1Hd/vfpvjTkmqbYpU8+Z6Tmxghf4u5xBZ0SrbiXE2zkMQCjjeJmcXT3
xeBeSpUzE5iTSJCGeNpV2FOXGhEBInE1kwVlKiC/hQi4X/zdwoCWgeOaVW/QLtxK
sYtnqgYzktHpDkTT4O1NPaPA1di4w4hCSQ8TKDVfFS607c3YujUqS9gdiBwcn8eV
gb135Fry7d8CmPXn+aGp274nqVmAXqqwEspPaZW5hRu1e2Gxh0Orw7vjsWAbCdxQ
hX7FQXMXHlhndFx6KS3AUQVGvq8H+2nBazr3LQL394wiPpISOn29HuAq2cNJwkWy
+pWb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:43 2024 by rpki-client on console-ams.rpki-client.org