Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/39wMB4iPwqwiQcFgiPvmd0E9z24.roa
File: 39wMB4iPwqwiQcFgiPvmd0E9z24.roa (raw, json)
Hash identifier: /GiIIQSmjuPuEIKy5L3Jeya3a4K0iyLJHtT1GlzF4dw=
Subject key identifier: DF:DC:0C:07:88:8F:C2:AC:22:41:C1:60:88:FB:E6:77:41:3D:CF:6E
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 01856D9D367135B6450A765D1DDCE9867966
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/39wMB4iPwqwiQcFgiPvmd0E9z24.roa
Signing time: Sun 01 Jan 2023 13:54:57 +0000
ROA not before: Sun 01 Jan 2023 13:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.189.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.208.104.0/24 maxlen: 24
91.216.215.0/24 maxlen: 24
91.208.109.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:36:71:35:b6:45:0a:76:5d:1d:dc:e9:86:79:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 1 13:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfdc0c07888fc2ac2241c16088fbe677413dcf6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8e:d3:6f:bb:83:cb:81:b2:d0:ba:b1:ee:c6:
34:eb:79:7a:04:11:be:ea:d7:09:1b:ac:87:62:c2:
27:fa:02:6d:56:92:4a:f7:97:c8:7d:de:fb:1a:71:
87:f1:8c:53:b5:2c:89:dd:68:a4:67:11:6f:2c:8a:
db:b4:ee:22:8d:68:c6:27:3f:48:d7:fd:51:e3:6e:
70:03:da:85:d9:cb:86:1a:4e:cb:1a:e5:15:e6:7e:
4b:bd:65:0d:34:80:7e:5e:63:06:fd:f7:f8:9d:14:
3c:2f:3d:86:4b:04:9d:ab:20:cd:78:f0:a5:bf:bd:
93:82:6b:df:98:dd:2a:7a:8c:96:d2:7f:73:bd:e1:
a9:e7:8b:e9:82:67:fa:7a:da:9c:d4:6c:ef:df:f6:
8e:18:54:2a:ad:cf:25:17:d7:0d:65:e1:2e:62:32:
a1:b7:71:c6:11:9d:b5:71:5e:0b:50:3b:b8:d5:9a:
6c:89:d2:a9:a3:8f:51:f7:f2:04:80:a8:a4:b1:7d:
0b:e7:39:80:75:9a:c9:86:52:0a:99:27:13:fe:67:
eb:d2:eb:19:b8:38:bd:2b:42:ab:f9:6a:fe:cc:8d:
fd:89:0c:8e:a1:6e:cb:8f:3e:00:ec:c3:eb:24:1f:
00:48:e5:4b:f0:8b:34:3a:e7:5e:39:ce:be:95:12:
03:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DC:0C:07:88:8F:C2:AC:22:41:C1:60:88:FB:E6:77:41:3D:CF:6E
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/39wMB4iPwqwiQcFgiPvmd0E9z24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0/24
91.208.104.0/24
91.208.109.0/24
91.213.174.0/24
91.213.189.0/24
91.213.200.0/24
91.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:0e:30:80:bb:85:a7:76:c8:17:a6:d3:4a:91:92:0a:fc:07:
34:8d:10:de:b5:4a:97:02:b9:04:f0:8e:4e:ec:63:20:6f:d2:
0b:6c:55:7f:20:35:fa:52:de:7b:68:0c:49:6d:d4:e8:b6:df:
bd:ab:84:89:43:1e:3d:8a:cc:70:20:c0:8b:df:54:cc:83:2d:
e4:ef:b3:2c:89:46:9a:70:87:1e:77:2b:26:dc:19:ab:1b:21:
f7:2b:e1:e3:dc:cd:84:8b:6c:b2:71:72:56:83:7b:cd:04:19:
f9:81:0a:7e:d5:9b:3d:53:ce:4c:07:d3:dd:5d:d9:cd:cd:22:
7f:c6:82:5f:03:5e:45:49:e4:de:cf:82:03:e8:6a:3f:17:ec:
48:72:c1:9b:ce:74:2f:10:bc:07:c4:e1:53:ee:58:e3:ec:8b:
ae:7a:42:d8:ed:cb:cc:9f:90:2e:ed:5b:2c:0b:ae:2e:7e:40:
76:0e:d4:23:31:aa:10:dd:f1:1c:f7:df:1e:3f:61:60:3a:93:
eb:aa:57:1a:f6:35:55:9f:5e:5d:c6:22:b7:e1:38:94:26:03:
1f:c6:59:a4:db:71:31:9c:a5:cf:a1:69:67:ad:09:38:ff:40:
ea:76:5d:12:97:37:55:55:bb:4d:63:3f:2f:8c:fc:28:48:6b:
c1:a6:3e:cd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVtnTZxNbZFCnZdHdzphnlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwMTAxMTM1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRjMGMwNzg4OGZjMmFjMjI0MWMxNjA4OGZiZTY3NzQxM2RjZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI7Tb7uDy4Gy0Lqx7sY063l6BBG+
6tcJG6yHYsIn+gJtVpJK95fIfd77GnGH8YxTtSyJ3WikZxFvLIrbtO4ijWjGJz9I
1/1R425wA9qF2cuGGk7LGuUV5n5LvWUNNIB+XmMG/ff4nRQ8Lz2GSwSdqyDNePCl
v72TgmvfmN0qeoyW0n9zveGp54vpgmf6etqc1Gzv3/aOGFQqrc8lF9cNZeEuYjKh
t3HGEZ21cV4LUDu41ZpsidKpo49R9/IEgKiksX0L5zmAdZrJhlIKmScT/mfr0usZ
uDi9K0Kr+Wr+zI39iQyOoW7Ljz4A7MPrJB8ASOVL8Is0OudeOc6+lRIDewIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN/cDAeIj8KsIkHBYIj75ndBPc9uMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvMzl3TUI0aVB3cXdpUWNGZ2lQdm1kMEU5ejI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZbFAwQA
W9BoAwQAW9BtAwQAW9WuAwQAW9W9AwQAW9XIAwQAW9jXMA0GCSqGSIb3DQEBCwUA
A4IBAQB9DjCAu4WndsgXptNKkZIK/Ac0jRDetUqXArkE8I5O7GMgb9ILbFV/IDX6
Ut57aAxJbdTott+9q4SJQx49isxwIMCL31TMgy3k77MsiUaacIcedysm3BmrGyH3
K+Hj3M2Ei2yycXJWg3vNBBn5gQp+1Zs9U85MB9PdXdnNzSJ/xoJfA15FSeTez4ID
6Go/F+xIcsGbznQvELwHxOFT7ljj7IuuekLY7cvMn5Au7VssC64ufkB2DtQjMaoQ
3fEc998eP2FgOpPrqlca9jVVn15dxiK34TiUJgMfxlmk23ExnKXPoWlnrQk4/0Dq
dl0SlzdVVbtNYz8vjPwoSGvBpj7N
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:01 2023 by rpki-client on console-fra.rpki-client.org