Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/AF0y0KVYXw7FdsupOpNjny_TopU.roa
File: AF0y0KVYXw7FdsupOpNjny_TopU.roa (raw, json)
Hash identifier: Q50ttEXVqW1XCwEUi6nc1waNreYBJt82wf7fhnQn5ko=
Subject key identifier: 00:5D:32:D0:A5:58:5F:0E:C5:76:CB:A9:3A:93:63:9F:2F:D3:A2:95
Certificate issuer: /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial: 01856C65C5904CD0D89037303EA9D07F84BE
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/AF0y0KVYXw7FdsupOpNjny_TopU.roa
Signing time: Sun 01 Jan 2023 08:14:47 +0000
ROA not before: Sun 01 Jan 2023 08:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58322
IP address blocks: 91.106.32.0/23 maxlen: 23
91.106.32.0/24 maxlen: 24
91.106.33.0/24 maxlen: 24
91.106.34.0/24 maxlen: 24
91.106.34.0/23 maxlen: 23
91.106.32.0/22 maxlen: 22
91.106.35.0/24 maxlen: 24
91.106.44.0/24 maxlen: 24
91.106.40.0/22 maxlen: 22
91.106.41.0/24 maxlen: 24
91.106.42.0/23 maxlen: 23
91.106.42.0/24 maxlen: 24
91.106.43.0/24 maxlen: 24
91.106.44.0/23 maxlen: 23
91.106.44.0/22 maxlen: 22
91.106.40.0/23 maxlen: 23
91.106.40.0/24 maxlen: 24
91.106.45.0/24 maxlen: 24
91.106.46.0/23 maxlen: 23
91.106.46.0/24 maxlen: 24
91.106.47.0/24 maxlen: 24
91.106.48.0/24 maxlen: 24
91.106.49.0/24 maxlen: 24
91.106.50.0/24 maxlen: 24
91.106.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 May 2023 05:40:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:c5:90:4c:d0:d8:90:37:30:3e:a9:d0:7f:84:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Validity
Not Before: Jan 1 08:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=005d32d0a5585f0ec576cba93a93639f2fd3a295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:52:e1:6c:2c:40:31:60:e3:02:35:56:d1:e8:
6a:c9:92:2f:1c:f7:2c:67:6a:74:ac:22:d4:0b:d8:
b3:2a:00:96:b8:2c:3f:a3:e0:6a:3f:67:46:f1:56:
ca:40:57:93:68:e2:74:0e:d8:01:ed:fb:39:ba:77:
50:d4:a8:10:34:04:46:12:3d:44:a1:db:3f:e2:44:
6e:a2:f4:1c:aa:14:da:5a:15:56:6f:5b:54:7a:b8:
53:45:4f:5b:65:40:1c:91:ba:9b:8c:8b:b4:97:de:
88:02:d0:3a:f6:1e:79:7c:65:36:e0:a1:ce:c2:27:
c0:ff:6c:e5:0c:62:43:5a:10:f5:11:25:87:81:92:
c8:e7:f5:d7:be:b0:c2:4e:83:13:15:fe:95:a0:51:
0b:28:89:7a:b8:9d:fb:b0:d7:51:97:6a:6e:3e:cd:
11:28:5e:2c:93:a1:4b:6a:cb:90:92:3c:b1:a8:12:
ad:17:85:42:23:a5:ad:ee:d3:9a:49:06:9f:78:32:
e5:31:d1:90:09:fd:d6:01:29:e0:79:5d:6e:90:c0:
5a:2d:7a:27:8e:af:fb:ec:7b:cf:a6:65:63:2e:ff:
c0:ee:da:b4:29:e0:51:cd:86:c8:44:7e:b9:b4:55:
04:d5:a5:ed:bb:c2:47:df:0f:68:0f:3c:25:bd:5c:
38:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5D:32:D0:A5:58:5F:0E:C5:76:CB:A9:3A:93:63:9F:2F:D3:A2:95
X509v3 Authority Key Identifier:
keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/AF0y0KVYXw7FdsupOpNjny_TopU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.32.0/22
91.106.40.0-91.106.51.255
Signature Algorithm: sha256WithRSAEncryption
84:8d:40:6e:c5:08:f2:52:9a:0e:eb:15:fa:1d:f9:e6:52:b5:
2d:ae:ab:54:c9:95:d7:17:80:c7:02:a7:df:c9:fd:db:61:de:
91:e8:65:0c:a0:15:7e:7b:a3:d2:1f:39:70:a3:ad:f2:fc:04:
d9:81:af:4f:5e:53:69:57:5c:5c:f0:6e:31:9f:c2:b5:9b:fd:
e7:2e:86:14:35:5c:b4:97:ef:ef:2a:74:79:89:bd:6e:59:35:
5a:59:8b:29:6a:bb:7f:8a:c1:53:e5:fb:9f:41:a5:d4:43:7c:
6a:9a:33:9c:1e:f9:6f:6e:72:77:94:16:f3:49:4e:d2:85:3b:
b4:6e:b9:f1:ec:a8:c5:63:c9:ca:d8:a8:63:9b:09:a9:90:ff:
9e:40:82:e6:91:f7:0b:b7:57:70:d1:c9:29:83:ac:e0:4b:b1:
35:77:44:ab:70:7a:b0:f0:d5:5d:07:77:4c:88:d3:51:84:d9:
76:39:8f:f3:f9:fa:30:db:09:78:60:ad:c7:ea:3b:d5:26:0e:
dd:bb:b0:2d:06:2f:8b:51:55:fa:65:de:19:8d:63:7c:ab:ca:
a5:33:62:56:28:41:a0:f8:45:ba:fb:ce:ab:9d:16:04:c8:e2:
cc:28:d0:b7:5e:9b:eb:d0:3b:7d:61:b6:d2:fb:0d:5b:d8:92:
2c:53:cf:13
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVsZcWQTNDYkDcwPqnQf4S+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjMwMTAxMDgxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVkMzJkMGE1NTg1ZjBlYzU3NmNiYTkzYTkzNjM5ZjJmZDNhMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVLhbCxAMWDjAjVW0ehqyZIvHPcs
Z2p0rCLUC9izKgCWuCw/o+BqP2dG8VbKQFeTaOJ0DtgB7fs5undQ1KgQNARGEj1E
ods/4kRuovQcqhTaWhVWb1tUerhTRU9bZUAckbqbjIu0l96IAtA69h55fGU24KHO
wifA/2zlDGJDWhD1ESWHgZLI5/XXvrDCToMTFf6VoFELKIl6uJ37sNdRl2puPs0R
KF4sk6FLasuQkjyxqBKtF4VCI6Wt7tOaSQafeDLlMdGQCf3WASngeV1ukMBaLXon
jq/77HvPpmVjLv/A7tq0KeBRzYbIRH65tFUE1aXtu8JH3w9oDzwlvVw4VwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFABdMtClWF8OxXbLqTqTY58v06KVMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvQUYweTBLVllYdzdGZHN1cE9wTmpueV9Ub3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCW2ogMAwD
BANbaigDBAJbajAwDQYJKoZIhvcNAQELBQADggEBAISNQG7FCPJSmg7rFfod+eZS
tS2uq1TJldcXgMcCp9/J/dth3pHoZQygFX57o9IfOXCjrfL8BNmBr09eU2lXXFzw
bjGfwrWb/ecuhhQ1XLSX7+8qdHmJvW5ZNVpZiylqu3+KwVPl+59BpdRDfGqaM5we
+W9ucneUFvNJTtKFO7RuufHsqMVjycrYqGObCamQ/55AguaR9wu3V3DRySmDrOBL
sTV3RKtwerDw1V0Hd0yI01GE2XY5j/P5+jDbCXhgrcfqO9UmDt27sC0GL4tRVfpl
3hmNY3yryqUzYlYoQaD4Rbr7zqudFgTI4swo0Ldem+vQO31httL7DVvYkixTzxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org