Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/bF--9oLHwzdRQ65NPmz4yX2wco0.roa
File: bF--9oLHwzdRQ65NPmz4yX2wco0.roa (raw, json)
Hash identifier: ZCV9OlZioLPdbB1rqA68PdSUv7URhnVMwgMDW+RxWhk=
Subject key identifier: 6C:5F:BE:F6:82:C7:C3:37:51:43:AE:4D:3E:6C:F8:C9:7D:B0:72:8D
Certificate issuer: /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial: 018C440A9A648BA1153B6D4C644E88EF9199
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/bF--9oLHwzdRQ65NPmz4yX2wco0.roa
Signing time: Thu 07 Dec 2023 11:29:54 +0000
ROA not before: Thu 07 Dec 2023 11:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210402
IP address blocks: 109.61.4.0/24 maxlen: 24
109.61.4.0/23 maxlen: 23
109.61.4.0/22 maxlen: 22
109.61.5.0/24 maxlen: 24
109.61.6.0/23 maxlen: 23
109.61.6.0/24 maxlen: 24
109.61.7.0/24 maxlen: 24
91.106.36.0/22 maxlen: 22
91.106.36.0/24 maxlen: 24
91.106.37.0/24 maxlen: 24
91.106.38.0/24 maxlen: 24
91.106.39.0/24 maxlen: 24
91.106.38.0/23 maxlen: 23
91.106.50.0/24 maxlen: 24
91.106.49.0/24 maxlen: 24
91.106.57.0/24 maxlen: 24
91.106.58.0/24 maxlen: 24
91.106.53.0/24 maxlen: 24
91.106.54.0/24 maxlen: 24
91.106.55.0/24 maxlen: 24
91.106.56.0/24 maxlen: 24
91.106.56.0/22 maxlen: 22
91.106.52.0/24 maxlen: 24
91.106.60.0/24 maxlen: 24
91.106.61.0/24 maxlen: 24
91.106.62.0/24 maxlen: 24
91.106.63.0/24 maxlen: 24
91.106.59.0/24 maxlen: 24
91.106.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:0a:9a:64:8b:a1:15:3b:6d:4c:64:4e:88:ef:91:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Validity
Not Before: Dec 7 11:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c5fbef682c7c3375143ae4d3e6cf8c97db0728d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:84:09:e4:63:37:ca:c7:a7:aa:b9:b4:dd:45:
4b:26:8e:1f:87:72:aa:98:74:6d:54:47:22:83:4c:
03:74:d6:e3:52:d7:6b:3e:5f:61:af:b9:0c:0b:9a:
c4:71:1c:0f:cb:0f:10:b3:9f:5a:94:6a:f8:db:82:
e5:03:8e:5c:24:2b:38:b6:c3:29:69:df:9b:9f:9a:
2a:e9:28:b3:60:ed:39:e8:b9:da:16:f7:17:f9:64:
36:16:83:d0:27:5b:31:34:2a:0a:07:a5:aa:86:07:
a1:63:79:81:7d:77:00:21:ce:08:e7:d4:3e:d5:4b:
a9:11:4d:b5:a0:0b:d1:d7:06:a7:44:28:37:ac:cf:
9f:a1:10:58:4d:b8:3b:36:90:1d:47:94:0b:45:98:
eb:e5:f1:b5:19:0e:f2:9b:30:4d:d2:f7:39:83:46:
cf:d3:43:90:d8:3c:8c:d5:c8:21:5c:2b:14:7c:2d:
db:3a:4f:d0:5c:d2:b1:d1:dd:66:03:ed:52:5d:a7:
f9:4a:ca:4c:f0:da:09:5d:0a:7e:67:d1:fb:f1:87:
54:fe:40:cc:dd:30:f3:ed:54:4e:aa:19:50:f8:d2:
fd:01:61:74:2d:fb:ac:80:5e:ad:d8:a9:25:64:bf:
ab:12:cb:b3:ae:70:20:1e:e1:43:f5:4a:f7:e6:cb:
c5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5F:BE:F6:82:C7:C3:37:51:43:AE:4D:3E:6C:F8:C9:7D:B0:72:8D
X509v3 Authority Key Identifier:
keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/bF--9oLHwzdRQ65NPmz4yX2wco0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.36.0/22
91.106.49.0-91.106.50.255
91.106.52.0-91.106.63.255
109.61.4.0/22
Signature Algorithm: sha256WithRSAEncryption
69:e4:71:a5:fd:a5:d2:4a:8e:e4:71:22:f9:b3:ee:50:b4:0e:
a0:4d:a9:ec:15:c8:5b:ef:99:af:73:c9:7e:e1:2f:57:a9:1d:
e3:d0:18:11:d5:8e:fe:9b:b2:40:91:a2:c2:26:62:7b:28:e7:
69:29:e4:d8:7d:09:3f:4e:db:cc:6e:33:58:82:f5:18:84:19:
aa:20:24:97:7b:39:24:3d:c5:75:04:3d:b5:98:9f:cf:49:97:
81:be:7e:5d:ec:b1:1b:5e:0a:a1:4b:b1:82:72:13:68:27:3c:
2e:11:a8:d4:7c:d2:2a:5b:cf:da:de:c7:0e:db:36:b4:92:54:
d5:1b:e2:cd:60:15:88:38:ba:95:b5:2f:0d:7b:b2:6b:48:4c:
8c:43:cc:3a:ba:b5:1f:07:fe:c0:08:b4:3b:43:70:6f:11:29:
85:6e:b1:0a:26:71:1a:80:95:ce:a2:9e:c0:ca:dd:e9:39:e9:
63:1f:f0:ac:96:f5:51:69:72:f4:b9:29:ce:a1:03:ba:12:4e:
d3:a8:96:8a:ab:81:9e:8f:aa:f7:55:fe:9d:8c:9b:72:c4:e7:
80:7b:dc:2a:eb:b8:65:dd:b5:f6:73:c6:c2:84:c0:b5:49:34:
6a:9d:ed:36:2e:ab:25:57:1d:a6:7a:65:10:79:cb:e5:de:c4:
75:5e:71:d1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYxECppki6EVO21MZE6I75GZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjMxMjA3MTEyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzVmYmVmNjgyYzdjMzM3NTE0M2FlNGQzZTZjZjhjOTdkYjA3MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoQJ5GM3ysenqrm03UVLJo4fh3Kq
mHRtVEcig0wDdNbjUtdrPl9hr7kMC5rEcRwPyw8Qs59alGr424LlA45cJCs4tsMp
ad+bn5oq6SizYO056LnaFvcX+WQ2FoPQJ1sxNCoKB6WqhgehY3mBfXcAIc4I59Q+
1UupEU21oAvR1wanRCg3rM+foRBYTbg7NpAdR5QLRZjr5fG1GQ7ymzBN0vc5g0bP
00OQ2DyM1cghXCsUfC3bOk/QXNKx0d1mA+1SXaf5SspM8NoJXQp+Z9H78YdU/kDM
3TDz7VROqhlQ+NL9AWF0LfusgF6t2KklZL+rEsuzrnAgHuFD9Ur35svF5QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGxfvvaCx8M3UUOuTT5s+Ml9sHKNMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvYkYtLTlvTEh3emRSUTY1TlBtejR5WDJ3Y28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCW2okMAwD
BABbajEDBABbajIwDAMEAltqNAMEBltqAAMEAm09BDANBgkqhkiG9w0BAQsFAAOC
AQEAaeRxpf2l0kqO5HEi+bPuULQOoE2p7BXIW++Zr3PJfuEvV6kd49AYEdWO/puy
QJGiwiZieyjnaSnk2H0JP07bzG4zWIL1GIQZqiAkl3s5JD3FdQQ9tZifz0mXgb5+
XeyxG14KoUuxgnITaCc8LhGo1HzSKlvP2t7HDts2tJJU1RvizWAViDi6lbUvDXuy
a0hMjEPMOrq1Hwf+wAi0O0NwbxEphW6xCiZxGoCVzqKewMrd6TnpYx/wrJb1UWly
9LkpzqEDuhJO06iWiquBno+q91X+nYybcsTngHvcKuu4Zd219nPGwoTAtUk0ap3t
Ni6rJVcdpnplEHnL5d7EdV5x0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:02 2024 by rpki-client on console-fra.rpki-client.org