Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/xJqx_XTf4PSWt97A0vRB1xt9GFo.roa
File: xJqx_XTf4PSWt97A0vRB1xt9GFo.roa (raw, json)
Hash identifier: EsIH5j+P7aNQf2n3PMja3pu29HMMBKnzIfYRkctWT7U=
Subject key identifier: C4:9A:B1:FD:74:DF:E0:F4:96:B7:DE:C0:D2:F4:41:D7:1B:7D:18:5A
Certificate issuer: /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial: 018C552D98EFDDD4487662A739F8C3AB62A7
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/xJqx_XTf4PSWt97A0vRB1xt9GFo.roa
Signing time: Sun 10 Dec 2023 19:21:40 +0000
ROA not before: Sun 10 Dec 2023 19:21:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58322
IP address blocks: 109.61.4.0/24 maxlen: 24
109.61.4.0/23 maxlen: 23
109.61.4.0/22 maxlen: 22
109.61.5.0/24 maxlen: 24
109.61.6.0/23 maxlen: 23
109.61.6.0/24 maxlen: 24
109.61.7.0/24 maxlen: 24
91.106.34.0/24 maxlen: 24
91.106.34.0/23 maxlen: 23
91.106.35.0/24 maxlen: 24
91.106.32.0/23 maxlen: 23
91.106.32.0/24 maxlen: 24
91.106.33.0/24 maxlen: 24
91.106.32.0/22 maxlen: 22
91.106.44.0/24 maxlen: 24
91.106.40.0/22 maxlen: 22
91.106.40.0/21 maxlen: 21
91.106.41.0/24 maxlen: 24
91.106.42.0/23 maxlen: 23
91.106.42.0/24 maxlen: 24
91.106.43.0/24 maxlen: 24
91.106.44.0/23 maxlen: 23
91.106.44.0/22 maxlen: 22
91.106.40.0/23 maxlen: 23
91.106.40.0/24 maxlen: 24
91.106.45.0/24 maxlen: 24
91.106.46.0/23 maxlen: 23
91.106.46.0/24 maxlen: 24
91.106.47.0/24 maxlen: 24
91.106.48.0/24 maxlen: 24
91.106.49.0/24 maxlen: 24
91.106.50.0/24 maxlen: 24
91.106.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:55:2d:98:ef:dd:d4:48:76:62:a7:39:f8:c3:ab:62:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Validity
Not Before: Dec 10 19:21:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c49ab1fd74dfe0f496b7dec0d2f441d71b7d185a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a8:96:c1:7c:e9:e2:8f:05:dd:8d:1e:27:f5:
f9:62:4d:f3:af:9e:df:6e:68:70:aa:1d:6e:ae:ad:
70:bc:29:7f:5b:57:bb:0f:28:43:c2:34:05:22:1a:
e8:ca:8d:03:46:df:5a:18:ae:c6:fe:00:48:59:0b:
4f:1b:5e:c2:3b:7a:32:3c:76:fe:66:d4:68:40:e3:
9f:3b:0e:86:66:40:4e:f6:38:7d:9b:71:83:6e:f0:
ad:d6:e8:39:88:43:8d:80:f3:62:51:8b:9f:fc:d5:
59:99:05:7d:13:7e:49:3d:27:ae:04:85:77:d8:ba:
5f:d8:6b:a6:3d:10:f6:67:fe:82:ab:95:18:e6:69:
3a:4d:a7:1d:f8:4a:93:12:45:17:bb:fb:b0:ce:aa:
83:17:a7:4b:0d:f6:3f:68:89:72:75:b9:c6:18:32:
42:c9:1b:c0:79:49:ac:31:c6:9e:dd:3a:73:ed:36:
fd:ee:f5:bb:c2:b8:e0:dd:a5:c8:d9:cf:98:00:92:
fa:47:45:62:1f:bb:48:8b:53:02:b1:59:5c:e6:ad:
ba:e7:84:11:fc:7e:b9:c1:ae:d2:86:b9:7f:a0:f3:
36:e8:8b:19:15:6f:c6:f1:c8:08:ab:5a:f5:ab:48:
33:1f:c0:b1:16:f0:e0:bd:b0:4a:4f:c4:5e:45:a0:
49:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9A:B1:FD:74:DF:E0:F4:96:B7:DE:C0:D2:F4:41:D7:1B:7D:18:5A
X509v3 Authority Key Identifier:
keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/xJqx_XTf4PSWt97A0vRB1xt9GFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.32.0/22
91.106.40.0-91.106.51.255
109.61.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:ae:13:93:f2:bc:f8:8b:ab:86:05:f1:3e:9a:f7:05:66:9f:
a9:4e:95:70:b6:02:4f:b2:1c:d9:39:84:6d:f8:47:fb:f4:54:
a7:88:f4:44:4e:94:e3:36:01:a1:7f:41:00:3e:85:96:df:94:
2b:85:b4:ca:8e:24:33:18:a9:f7:10:fa:28:1b:5c:f4:11:a0:
21:17:80:f2:1d:f2:d1:56:1c:91:4e:4c:49:8d:67:1e:72:6b:
fc:6d:d8:52:e1:6a:76:df:d0:92:fe:96:a6:46:ae:b1:0e:ac:
e7:d9:15:81:27:01:51:69:68:7c:ca:bc:31:b9:0b:06:5b:ea:
ae:58:b9:d5:3b:31:2b:9d:22:e4:49:cc:b6:08:ba:0e:85:d4:
01:f4:43:ea:47:6e:91:c9:91:f1:ee:a5:a1:e4:69:69:0b:93:
c4:59:f7:50:03:a8:5a:0e:c4:e8:16:d8:0a:6c:3a:00:a9:e6:
de:6c:34:34:e5:9e:32:99:d5:24:64:33:21:cd:32:b9:a0:5b:
38:cd:44:fe:03:b9:b6:17:8c:6a:77:8b:e2:7e:52:9e:7b:0f:
f7:05:69:9e:41:79:be:78:3f:e7:fe:40:53:84:c2:8d:89:ce:
e1:ab:db:63:7d:89:5e:87:5f:7c:a7:4c:e1:4e:2b:79:3d:c9:
9d:95:a6:72
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYxVLZjv3dRIdmKnOfjDq2KnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjMxMjEwMTkyMTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDlhYjFmZDc0ZGZlMGY0OTZiN2RlYzBkMmY0NDFkNzFiN2QxODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qiWwXzp4o8F3Y0eJ/X5Yk3zr57f
bmhwqh1urq1wvCl/W1e7DyhDwjQFIhroyo0DRt9aGK7G/gBIWQtPG17CO3oyPHb+
ZtRoQOOfOw6GZkBO9jh9m3GDbvCt1ug5iEONgPNiUYuf/NVZmQV9E35JPSeuBIV3
2Lpf2GumPRD2Z/6Cq5UY5mk6Tacd+EqTEkUXu/uwzqqDF6dLDfY/aIlydbnGGDJC
yRvAeUmsMcae3Tpz7Tb97vW7wrjg3aXI2c+YAJL6R0ViH7tIi1MCsVlc5q2654QR
/H65wa7Shrl/oPM26IsZFW/G8cgIq1r1q0gzH8CxFvDgvbBKT8ReRaBJYwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMSasf103+D0lrfewNL0QdcbfRhaMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEveEpxeF9YVGY0UFNXdDk3QTB2UkIxeHQ5R0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW2ogMAwD
BANbaigDBAJbajADBAJtPQQwDQYJKoZIhvcNAQELBQADggEBAD+uE5PyvPiLq4YF
8T6a9wVmn6lOlXC2Ak+yHNk5hG34R/v0VKeI9EROlOM2AaF/QQA+hZbflCuFtMqO
JDMYqfcQ+igbXPQRoCEXgPId8tFWHJFOTEmNZx5ya/xt2FLhanbf0JL+lqZGrrEO
rOfZFYEnAVFpaHzKvDG5CwZb6q5YudU7MSudIuRJzLYIug6F1AH0Q+pHbpHJkfHu
paHkaWkLk8RZ91ADqFoOxOgW2ApsOgCp5t5sNDTlnjKZ1SRkMyHNMrmgWzjNRP4D
ubYXjGp3i+J+Up57D/cFaZ5Beb54P+f+QFOEwo2JzuGr22N9iV6HX3ynTOFOK3k9
yZ2VpnI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:07 2024 by rpki-client on console-ams.rpki-client.org