Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/4yDwiWsw0MY8ww20XI3sTOdgX24.roa
File: 4yDwiWsw0MY8ww20XI3sTOdgX24.roa (raw, json)
Hash identifier: 4H/Gg5gMaq/9OnQAxDy6lLfke2xBu5aMYzeIfEEe5zY=
Subject key identifier: E3:20:F0:89:6B:30:D0:C6:3C:C3:0D:B4:5C:8D:EC:4C:E7:60:5F:6E
Certificate issuer: /CN=61e565562d3e3f565e9c0a41946ea53d45d5d657
Certificate serial: 0187FC40AB554107155A7B83C29F263ABA5B
Authority key identifier: 61:E5:65:56:2D:3E:3F:56:5E:9C:0A:41:94:6E:A5:3D:45:D5:D6:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/4yDwiWsw0MY8ww20XI3sTOdgX24.roa
Signing time: Mon 08 May 2023 16:45:09 +0000
ROA not before: Mon 08 May 2023 16:45:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211186
IP address blocks: 91.218.22.0/24 maxlen: 24
185.14.96.0/24 maxlen: 24
195.95.189.0/24 maxlen: 24
2a0c:2580::/36 maxlen: 36
2a0c:2580:1000::/36 maxlen: 36
2a0c:2580::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 17 Oct 2023 10:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fc:40:ab:55:41:07:15:5a:7b:83:c2:9f:26:3a:ba:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61e565562d3e3f565e9c0a41946ea53d45d5d657
Validity
Not Before: May 8 16:45:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e320f0896b30d0c63cc30db45c8dec4ce7605f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a6:4c:e5:87:67:f6:ca:99:ec:88:67:f8:47:
52:4e:99:ce:7d:fb:9c:92:f9:57:a6:60:77:21:11:
da:55:38:7d:67:81:f0:67:6e:b7:77:4a:d1:9f:2a:
ac:28:97:43:d4:d9:f1:11:c9:b0:11:bd:09:7d:1b:
db:d9:56:a4:15:15:75:36:45:6b:62:bc:8d:9c:f0:
a7:07:87:85:f0:3a:2e:0d:de:c3:9d:71:f9:9b:96:
67:9e:80:15:2c:52:0a:1b:dc:db:98:c4:28:68:a0:
66:06:3f:cb:f0:c6:eb:37:98:5c:26:77:82:ce:e0:
43:1f:43:d9:71:64:2c:63:34:26:d0:82:d5:a9:db:
1a:f4:fd:2d:fb:e5:5b:99:1f:03:59:7f:d0:43:95:
a5:5b:7a:8b:a7:ae:00:d1:5e:89:e0:d5:92:92:33:
07:16:11:07:17:df:ad:9a:f7:b5:e0:14:d0:57:2b:
80:b7:ff:00:5f:65:43:7e:e7:34:d5:f4:d5:32:3b:
6b:fb:31:88:3b:f1:34:c0:27:c3:b8:62:bb:dc:e2:
97:99:fd:86:7c:18:a1:1a:fd:a1:4a:85:45:ef:bb:
b4:fb:62:75:a1:73:12:8b:26:26:a8:23:a4:eb:7e:
33:f6:1b:7c:0b:cc:d4:cf:44:b5:c7:c0:11:9d:2e:
79:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:20:F0:89:6B:30:D0:C6:3C:C3:0D:B4:5C:8D:EC:4C:E7:60:5F:6E
X509v3 Authority Key Identifier:
keyid:61:E5:65:56:2D:3E:3F:56:5E:9C:0A:41:94:6E:A5:3D:45:D5:D6:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/4yDwiWsw0MY8ww20XI3sTOdgX24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/YeVlVi0-P1ZenApBlG6lPUXV1lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.22.0/24
185.14.96.0/24
195.95.189.0/24
IPv6:
2a0c:2580::/30
Signature Algorithm: sha256WithRSAEncryption
4e:c2:ed:4e:3b:e8:80:c4:86:5a:b6:0d:39:f5:86:13:7e:58:
02:a5:cf:97:e0:74:d8:67:d1:6c:df:fa:b4:05:66:82:8e:d7:
10:fc:b8:b4:e9:25:0c:49:2f:ee:af:56:4d:ee:3f:60:0f:b3:
bf:90:3d:13:41:a4:73:eb:f8:8a:ed:c1:6b:1a:8b:da:28:de:
85:d9:5c:1e:46:61:e1:89:17:6f:35:f3:da:8d:62:9b:8c:39:
20:55:ab:e8:37:05:4a:78:3b:29:f9:43:f2:3d:d5:5a:7f:55:
56:e2:ba:15:c0:e8:19:a9:b6:ff:8b:05:1c:ee:4f:8b:06:86:
c8:58:c3:75:16:2f:39:ef:c3:de:2e:52:78:d6:47:fe:a1:d7:
49:a5:fd:54:fe:bd:c8:40:e7:95:78:46:b4:32:89:13:8b:2d:
34:c6:c4:52:dd:1f:be:b9:d5:e9:98:00:d1:1b:cf:56:15:b3:
34:ed:d2:7b:f2:43:b6:3a:51:ba:49:87:3b:00:58:3c:c2:42:
a3:c3:40:39:8e:be:42:7f:82:42:8f:86:f4:c3:97:45:1f:54:
15:63:e5:6b:bb:b0:25:c7:9f:44:d2:f9:c7:5e:4b:9f:ce:5b:
48:a9:ee:3a:57:12:3c:cc:af:c2:54:e0:3f:7d:1a:78:cf:96:
58:b9:74:a6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYf8QKtVQQcVWnuDwp8mOrpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTU2NTU2MmQzZTNmNTY1ZTljMGE0MTk0NmVhNTNkNDVk
NWQ2NTcwHhcNMjMwNTA4MTY0NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzIwZjA4OTZiMzBkMGM2M2NjMzBkYjQ1YzhkZWM0Y2U3NjA1ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6ZM5Ydn9sqZ7Ihn+EdSTpnOffuc
kvlXpmB3IRHaVTh9Z4HwZ263d0rRnyqsKJdD1NnxEcmwEb0JfRvb2VakFRV1NkVr
YryNnPCnB4eF8DouDd7DnXH5m5ZnnoAVLFIKG9zbmMQoaKBmBj/L8MbrN5hcJneC
zuBDH0PZcWQsYzQm0ILVqdsa9P0t++VbmR8DWX/QQ5WlW3qLp64A0V6J4NWSkjMH
FhEHF9+tmve14BTQVyuAt/8AX2VDfuc01fTVMjtr+zGIO/E0wCfDuGK73OKXmf2G
fBihGv2hSoVF77u0+2J1oXMSiyYmqCOk634z9ht8C8zUz0S1x8ARnS55CwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOMg8IlrMNDGPMMNtFyN7EznYF9uMB8GA1UdIwQY
MBaAFGHlZVYtPj9WXpwKQZRupT1F1dZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVWbFZpMC1QMVplbkFwQmxHNmxQVVhWMWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NjIxNGItMDFkZi00YjAxLWJhNzYt
ZjRjYmQ2YmE2YzBmLzEvNHlEd2lXc3cwTVk4d3cyMFhJM3NUT2RnWDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NjIxNGItMDFkZi00YjAxLWJhNzYtZjRjYmQ2YmE2YzBm
LzEvWWVWbFZpMC1QMVplbkFwQmxHNmxQVVhWMWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9oWAwQA
uQ5gAwQAw1+9MA0EAgACMAcDBQIqDCWAMA0GCSqGSIb3DQEBCwUAA4IBAQBOwu1O
O+iAxIZatg059YYTflgCpc+X4HTYZ9Fs3/q0BWaCjtcQ/Li06SUMSS/ur1ZN7j9g
D7O/kD0TQaRz6/iK7cFrGovaKN6F2VweRmHhiRdvNfPajWKbjDkgVavoNwVKeDsp
+UPyPdVaf1VW4roVwOgZqbb/iwUc7k+LBobIWMN1Fi8578PeLlJ41kf+oddJpf1U
/r3IQOeVeEa0MokTiy00xsRS3R++udXpmADRG89WFbM07dJ78kO2OlG6SYc7AFg8
wkKjw0A5jr5Cf4JCj4b0w5dFH1QVY+Vru7Alx59E0vnHXkufzltIqe46VxI8zK/C
VOA/fRp4z5ZYuXSm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org