Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/n42NWF1SAz12t65YfqVnkDC7lFE.roa
File: n42NWF1SAz12t65YfqVnkDC7lFE.roa (raw, json)
Hash identifier: +9RyeeS+tXPwDk3xIld+Ir7XFvKI7O69L557CH3KQ7Y=
Subject key identifier: 9F:8D:8D:58:5D:52:03:3D:76:B7:AE:58:7E:A5:67:90:30:BB:94:51
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DC5345FF48DA762C32912066E7D71
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/n42NWF1SAz12t65YfqVnkDC7lFE.roa
Signing time: Sun 01 Jan 2023 23:14:48 +0000
ROA not before: Sun 01 Jan 2023 23:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51557
IP address blocks: 91.93.151.0/24 maxlen: 24
91.93.146.0/24 maxlen: 24
91.93.149.0/24 maxlen: 24
91.93.152.0/24 maxlen: 24
84.51.21.0/24 maxlen: 24
84.51.25.0/24 maxlen: 24
84.51.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c5:34:5f:f4:8d:a7:62:c3:29:12:06:6e:7d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f8d8d585d52033d76b7ae587ea5679030bb9451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8b:c4:38:29:ec:87:81:1b:be:64:0a:a5:0e:
7e:1b:78:5b:13:07:b1:78:43:e8:c2:e2:20:ca:21:
79:df:0e:5f:02:7c:3f:61:76:40:17:3c:52:9a:04:
6d:37:94:0e:a6:e1:70:6c:ad:c7:f4:30:a1:0a:61:
52:2f:2a:4a:1a:8d:e0:16:b5:9c:ef:9c:b1:91:ee:
75:4e:ea:54:1f:d9:24:2d:b0:df:f9:dc:b7:58:06:
f2:d4:98:7d:3f:c6:90:e7:7d:cc:03:a8:9f:e6:2e:
9c:b8:5c:75:4b:eb:65:ac:a7:ef:2f:5b:fa:58:6b:
08:04:d7:a1:9f:57:67:cf:ef:8f:82:dc:ef:ea:95:
dc:74:10:df:fe:34:db:9c:c2:5f:ce:52:49:d0:22:
fa:90:f8:1d:57:ec:91:fd:c3:22:d9:e8:64:8a:2c:
d6:15:60:b1:72:e0:df:01:1a:67:5b:76:c7:bf:3e:
92:8d:e2:1a:54:c4:f7:81:13:d4:ce:0e:19:a8:92:
2e:68:6f:02:a9:05:8c:ec:ab:f0:ff:62:41:0d:ee:
46:c7:f0:b7:39:fe:bc:a2:01:42:42:75:fc:ee:65:
5d:73:01:39:07:5e:c2:79:a4:e8:3c:25:b5:b7:19:
bf:6a:2b:85:36:45:5d:b4:35:2d:1a:59:87:af:4e:
fc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:8D:8D:58:5D:52:03:3D:76:B7:AE:58:7E:A5:67:90:30:BB:94:51
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/n42NWF1SAz12t65YfqVnkDC7lFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.51.21.0/24
84.51.25.0/24
84.51.38.0/24
91.93.146.0/24
91.93.149.0/24
91.93.151.0-91.93.152.255
Signature Algorithm: sha256WithRSAEncryption
6a:98:7f:74:03:26:cc:19:8c:64:a4:7a:4e:e8:b5:f1:b6:28:
e6:c0:e5:dc:46:41:25:8f:67:18:3f:fb:2f:69:a2:c1:84:02:
df:bf:af:13:1f:68:21:32:4b:ba:44:6d:bb:ee:be:00:6c:40:
de:21:77:00:e1:8b:8c:c2:4f:1f:28:37:28:ba:52:65:da:b9:
51:99:bf:a7:45:53:da:73:a7:c9:1e:bf:43:0d:35:70:53:14:
bd:9c:50:94:96:44:ad:a2:34:07:4e:69:da:8d:70:1b:56:07:
42:c8:1b:31:16:d8:ab:87:ae:fd:37:f5:b5:a6:86:b5:f1:89:
f7:56:50:03:32:7b:3e:1a:07:79:fd:df:93:58:04:0b:1a:9e:
cf:85:2f:8d:1a:ec:38:87:e2:fa:34:09:46:d3:34:a9:0d:d2:
b9:91:55:74:fd:76:4d:db:c2:4e:a7:97:47:f5:65:e9:b8:69:
9f:2a:aa:97:de:19:14:ac:2d:33:ee:11:df:1b:85:30:17:cf:
38:4c:d1:ba:13:ac:ab:ba:82:1c:19:0a:b2:b0:69:71:17:4c:
db:5f:a9:ab:ce:28:70:32:07:1d:58:62:23:f6:6e:f7:3d:f6:
e0:c6:19:59:13:1a:41:be:49:63:62:a1:b7:51:86:82:dd:eb:
1d:8d:d5:08
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvncU0X/SNp2LDKRIGbn1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjhkOGQ1ODVkNTIwMzNkNzZiN2FlNTg3ZWE1Njc5MDMwYmI5NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4vEOCnsh4EbvmQKpQ5+G3hbEwex
eEPowuIgyiF53w5fAnw/YXZAFzxSmgRtN5QOpuFwbK3H9DChCmFSLypKGo3gFrWc
75yxke51TupUH9kkLbDf+dy3WAby1Jh9P8aQ533MA6if5i6cuFx1S+tlrKfvL1v6
WGsIBNehn1dnz++Pgtzv6pXcdBDf/jTbnMJfzlJJ0CL6kPgdV+yR/cMi2ehkiizW
FWCxcuDfARpnW3bHvz6SjeIaVMT3gRPUzg4ZqJIuaG8CqQWM7Kvw/2JBDe5Gx/C3
Of68ogFCQnX87mVdcwE5B17CeaToPCW1txm/aiuFNkVdtDUtGlmHr078vwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJ+NjVhdUgM9dreuWH6lZ5Awu5RRMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvbjQyTldGMVNBejEydDY1WWZxVm5rREM3bEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVDMVAwQA
VDMZAwQAVDMmAwQAW12SAwQAW12VMAwDBABbXZcDBABbXZgwDQYJKoZIhvcNAQEL
BQADggEBAGqYf3QDJswZjGSkek7otfG2KObA5dxGQSWPZxg/+y9posGEAt+/rxMf
aCEyS7pEbbvuvgBsQN4hdwDhi4zCTx8oNyi6UmXauVGZv6dFU9pzp8kev0MNNXBT
FL2cUJSWRK2iNAdOadqNcBtWB0LIGzEW2KuHrv039bWmhrXxifdWUAMyez4aB3n9
35NYBAsans+FL40a7DiH4vo0CUbTNKkN0rmRVXT9dk3bwk6nl0f1Zem4aZ8qqpfe
GRSsLTPuEd8bhTAXzzhM0boTrKu6ghwZCrKwaXEXTNtfqavOKHAyBx1YYiP2bvc9
9uDGGVkTGkG+SWNiobdRhoLd6x2N1Qg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org