Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/q5y74O5philVvaRO_wnQXYYH28Y.roa
File: q5y74O5philVvaRO_wnQXYYH28Y.roa (raw, json)
Hash identifier: 7LNEqs2VKKuyBI+BxJk0DrK4+jBVq1FT55/Zhnr9RZc=
Subject key identifier: AB:9C:BB:E0:EE:69:86:29:55:BD:A4:4E:FF:09:D0:5D:86:07:DB:C6
Certificate issuer: /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial: 01856C65C696A2BD3C685775AD6F1A114078
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/q5y74O5philVvaRO_wnQXYYH28Y.roa
Signing time: Sun 01 Jan 2023 08:14:47 +0000
ROA not before: Sun 01 Jan 2023 08:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210402
IP address blocks: 91.106.36.0/24 maxlen: 24
91.106.37.0/24 maxlen: 24
91.106.38.0/24 maxlen: 24
91.106.39.0/24 maxlen: 24
91.106.57.0/24 maxlen: 24
91.106.58.0/24 maxlen: 24
91.106.56.0/24 maxlen: 24
91.106.52.0/24 maxlen: 24
91.106.60.0/24 maxlen: 24
91.106.61.0/24 maxlen: 24
91.106.62.0/24 maxlen: 24
91.106.63.0/24 maxlen: 24
91.106.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Mar 2023 06:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:c6:96:a2:bd:3c:68:57:75:ad:6f:1a:11:40:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Validity
Not Before: Jan 1 08:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab9cbbe0ee69862955bda44eff09d05d8607dbc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:46:ba:d8:eb:30:2a:b4:4b:45:cc:22:d9:43:
8a:e9:c9:89:d6:88:2a:29:48:e4:50:76:96:b7:66:
e5:74:0d:70:7f:3b:b8:b1:27:3b:9d:40:36:a8:e6:
2f:02:62:ae:f8:e6:cc:8f:14:c9:56:c1:65:e8:b9:
ea:59:2f:43:88:be:df:15:51:ba:2c:27:da:84:ef:
d7:cb:06:02:a6:43:51:3c:de:93:05:87:61:d5:53:
d8:15:1e:91:73:39:0c:98:d3:bb:0e:07:2a:34:05:
72:ed:bf:93:61:d3:af:93:85:62:7f:7a:a2:da:a9:
0b:5c:a6:a0:8f:e6:f0:23:b0:fb:b2:b1:8c:67:18:
55:3a:15:51:6d:44:8b:a0:ae:5e:39:0e:c0:a4:ef:
b7:ee:0e:68:d0:83:d8:ff:8d:6b:1a:af:b5:75:3a:
6a:22:54:fd:c4:04:6d:fa:fb:dd:62:0f:b4:79:52:
fe:ce:5b:c7:23:5d:78:15:62:f8:92:84:0f:a7:41:
26:b9:de:8f:e2:a2:17:3a:09:fa:b7:9e:9b:85:8e:
48:ee:a0:07:e3:a2:af:a1:1a:bd:4d:7e:da:12:c8:
e9:dd:3a:f0:34:a8:f1:49:68:90:17:b8:cf:d5:49:
89:21:4b:b6:fd:7a:eb:f9:01:41:56:ea:89:50:2a:
15:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9C:BB:E0:EE:69:86:29:55:BD:A4:4E:FF:09:D0:5D:86:07:DB:C6
X509v3 Authority Key Identifier:
keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/q5y74O5philVvaRO_wnQXYYH28Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.36.0/22
91.106.52.0/24
91.106.56.0/21
Signature Algorithm: sha256WithRSAEncryption
26:74:31:b6:4d:a3:53:d8:5f:56:dc:5c:0d:9a:ab:87:2d:77:
9d:17:25:2e:cc:43:81:c7:a5:b2:85:c4:4a:d5:34:cc:1a:0a:
07:c2:3a:0c:dd:cc:d1:e9:b4:a6:dc:2d:b7:b2:87:5a:58:c8:
8f:05:93:93:78:45:22:df:e2:6b:71:48:95:c1:5e:27:21:94:
72:f8:0b:fa:6f:52:f1:13:31:31:28:bf:39:9a:be:ea:0f:0b:
d2:95:08:aa:84:bb:4e:3a:1c:f0:c6:a4:bd:47:00:4d:f3:35:
b5:42:ea:57:96:1f:49:34:6b:c5:a6:1a:7b:42:9c:aa:1d:25:
32:ce:24:f9:8c:dd:02:00:51:71:0c:9a:1f:f3:f8:a0:4d:9e:
d2:a1:f2:bd:55:0d:85:04:59:3c:7c:18:67:7e:51:94:ac:dc:
5a:7f:62:bf:78:09:66:af:ba:1a:b4:2a:67:12:96:de:22:f9:
c2:b2:7d:a9:6e:4a:ad:ec:6c:35:0d:d5:e8:e7:c9:d9:75:bd:
8d:d8:6a:c8:10:0a:2f:57:e0:b0:b0:56:e4:55:cb:cd:ce:61:
b8:8c:02:66:2f:0f:92:7d:f7:9f:93:5f:78:eb:9e:90:9e:f5:
d1:f9:34:24:cc:28:1f:2d:ef:b7:1c:17:e2:09:e9:0e:30:c6:
98:ce:c1:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsZcaWor08aFd1rW8aEUB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjMwMTAxMDgxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjljYmJlMGVlNjk4NjI5NTViZGE0NGVmZjA5ZDA1ZDg2MDdkYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAika62OswKrRLRcwi2UOK6cmJ1ogq
KUjkUHaWt2bldA1wfzu4sSc7nUA2qOYvAmKu+ObMjxTJVsFl6LnqWS9DiL7fFVG6
LCfahO/XywYCpkNRPN6TBYdh1VPYFR6RczkMmNO7DgcqNAVy7b+TYdOvk4Vif3qi
2qkLXKagj+bwI7D7srGMZxhVOhVRbUSLoK5eOQ7ApO+37g5o0IPY/41rGq+1dTpq
IlT9xARt+vvdYg+0eVL+zlvHI114FWL4koQPp0Emud6P4qIXOgn6t56bhY5I7qAH
46KvoRq9TX7aEsjp3TrwNKjxSWiQF7jP1UmJIUu2/Xrr+QFBVuqJUCoVZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKucu+DuaYYpVb2kTv8J0F2GB9vGMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvcTV5NzRPNXBoaWxWdmFST193blFYWVlIMjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW2okAwQA
W2o0AwQDW2o4MA0GCSqGSIb3DQEBCwUAA4IBAQAmdDG2TaNT2F9W3FwNmquHLXed
FyUuzEOBx6WyhcRK1TTMGgoHwjoM3czR6bSm3C23sodaWMiPBZOTeEUi3+JrcUiV
wV4nIZRy+Av6b1LxEzExKL85mr7qDwvSlQiqhLtOOhzwxqS9RwBN8zW1QupXlh9J
NGvFphp7QpyqHSUyziT5jN0CAFFxDJof8/igTZ7SofK9VQ2FBFk8fBhnflGUrNxa
f2K/eAlmr7oatCpnEpbeIvnCsn2pbkqt7Gw1DdXo58nZdb2N2GrIEAovV+CwsFbk
VcvNzmG4jAJmLw+Sffefk194656QnvXR+TQkzCgfLe+3HBfiCekOMMaYzsFw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:02 2024 by rpki-client on console-fra.rpki-client.org