Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/wTxaV2m9EQ4LYGI3dgzcYZup1bw.roa
File: wTxaV2m9EQ4LYGI3dgzcYZup1bw.roa (raw, json)
Hash identifier: 6NrBrodn59zC4M/uwEphXOrN6qW4fzu8gS+awVVJmxw=
Subject key identifier: C1:3C:5A:57:69:BD:11:0E:0B:60:62:37:76:0C:DC:61:9B:A9:D5:BC
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 018BA46EF17074404B9E11094219E8EF9103
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/wTxaV2m9EQ4LYGI3dgzcYZup1bw.roa
Signing time: Mon 06 Nov 2023 11:40:16 +0000
ROA not before: Mon 06 Nov 2023 11:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 91.193.252.0/24 maxlen: 24
91.193.255.0/24 maxlen: 24
91.193.254.0/24 maxlen: 24
93.89.219.0/24 maxlen: 24
93.89.223.0/24 maxlen: 24
93.89.222.0/24 maxlen: 24
93.89.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:6e:f1:70:74:40:4b:9e:11:09:42:19:e8:ef:91:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Nov 6 11:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c13c5a5769bd110e0b606237760cdc619ba9d5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:65:3e:e9:5b:09:42:22:00:c9:0f:3f:4a:4f:
f9:83:ed:58:dc:4a:1b:90:a1:ab:2f:a3:a7:0f:12:
dc:14:d5:49:65:b5:94:e8:e4:a2:8b:97:d5:01:33:
e4:bf:ac:58:19:e3:0e:77:32:8f:50:ca:5e:59:1a:
9b:2b:9d:45:8f:4f:13:1d:5a:7e:16:9f:3b:b6:88:
93:f1:0c:84:e2:83:77:e5:f8:a1:38:80:f0:c9:8b:
f7:26:d8:1b:8f:1e:ae:ae:74:69:bf:16:41:ee:1e:
98:f3:0e:b7:9f:4d:a5:10:4f:0b:6b:50:57:f5:00:
de:49:84:78:b9:06:c0:f2:eb:8e:74:b4:f7:32:3f:
88:6d:a4:b7:e1:b6:a1:a6:bc:86:52:d1:9a:9e:cb:
cf:43:8c:66:5f:c8:b4:10:13:d5:1d:ed:4a:ec:b0:
eb:df:a3:f3:da:85:21:fb:cb:16:fd:77:02:46:dc:
ee:da:8b:57:c9:a4:99:6e:df:d4:c6:a7:49:c0:c8:
d9:be:91:96:e7:cf:6a:5f:3c:70:f7:88:a3:a5:b8:
e3:89:c6:07:ec:75:ec:90:43:35:9b:ae:1e:a7:83:
98:c2:df:33:cc:a7:de:a7:4a:67:40:9b:6c:74:40:
e0:0d:a7:eb:3e:93:a2:39:c5:7f:1a:49:d4:5b:cd:
d7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3C:5A:57:69:BD:11:0E:0B:60:62:37:76:0C:DC:61:9B:A9:D5:BC
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/wTxaV2m9EQ4LYGI3dgzcYZup1bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.252.0/24
91.193.254.0/23
93.89.219.0/24
93.89.221.0-93.89.223.255
Signature Algorithm: sha256WithRSAEncryption
2c:18:a9:0c:2a:5d:0a:96:e3:0b:2b:1f:ea:ee:34:fd:e8:ab:
3f:a8:21:40:32:44:2d:22:46:15:8a:b5:08:f2:51:d8:53:8d:
71:81:eb:06:b4:a3:f9:ae:39:5d:6d:e3:14:33:44:5f:c2:5b:
2e:bb:08:62:c6:7e:11:cf:97:d0:fb:89:82:9e:2c:84:38:4c:
93:92:f0:9a:10:13:42:0e:36:67:e3:64:45:88:e6:17:ac:71:
df:5b:4d:62:69:f2:e2:27:35:16:70:af:de:dd:ac:60:0f:1d:
b5:d2:df:2a:91:90:c5:b2:78:ab:88:95:0c:83:a9:01:66:44:
6f:3e:ea:20:9c:1e:b2:53:5c:80:18:e2:c8:b2:91:f1:11:a8:
87:aa:3c:fe:79:3a:71:a2:87:1b:78:3a:8e:da:3d:cc:28:cf:
b9:ce:5a:b0:37:d9:c6:e5:32:3c:cd:b4:18:a0:36:a2:ce:bf:
10:f5:fa:8b:4a:07:62:cb:bd:ca:c7:b1:e4:f3:a0:47:2e:46:
37:09:cb:87:bd:58:45:b2:84:3e:f1:fb:69:ba:ab:54:76:3f:
32:21:65:f2:60:11:62:26:40:05:a5:89:73:d7:a2:09:dc:7f:
7b:f3:66:ce:77:1f:bd:1d:bf:bd:70:68:f6:5a:e5:66:40:57:
7d:6b:f7:04
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYukbvFwdEBLnhEJQhno75EDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMxMTA2MTE0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTNjNWE1NzY5YmQxMTBlMGI2MDYyMzc3NjBjZGM2MTliYTlkNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWU+6VsJQiIAyQ8/Sk/5g+1Y3Eob
kKGrL6OnDxLcFNVJZbWU6OSii5fVATPkv6xYGeMOdzKPUMpeWRqbK51Fj08THVp+
Fp87toiT8QyE4oN35fihOIDwyYv3Jtgbjx6urnRpvxZB7h6Y8w63n02lEE8La1BX
9QDeSYR4uQbA8uuOdLT3Mj+IbaS34bahpryGUtGansvPQ4xmX8i0EBPVHe1K7LDr
36Pz2oUh+8sW/XcCRtzu2otXyaSZbt/UxqdJwMjZvpGW589qXzxw94ijpbjjicYH
7HXskEM1m64ep4OYwt8zzKfep0pnQJtsdEDgDafrPpOiOcV/GknUW83XgwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFME8WldpvREOC2BiN3YM3GGbqdW8MB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvd1R4YVYybTlFUTRMWUdJM2RnemNZWnVwMWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW8H8AwQB
W8H+AwQAXVnbMAwDBABdWd0DBAVdWcAwDQYJKoZIhvcNAQELBQADggEBACwYqQwq
XQqW4wsrH+ruNP3oqz+oIUAyRC0iRhWKtQjyUdhTjXGB6wa0o/muOV1t4xQzRF/C
Wy67CGLGfhHPl9D7iYKeLIQ4TJOS8JoQE0IONmfjZEWI5hescd9bTWJp8uInNRZw
r97drGAPHbXS3yqRkMWyeKuIlQyDqQFmRG8+6iCcHrJTXIAY4siykfERqIeqPP55
OnGihxt4Oo7aPcwoz7nOWrA32cblMjzNtBigNqLOvxD1+otKB2LLvcrHseTzoEcu
RjcJy4e9WEWyhD7x+2m6q1R2PzIhZfJgEWImQAWliXPXogncf3vzZs53H70dv71w
aPZa5WZAV31r9wQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org