Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/_a2Q1M4jqecINHAD0PXrbKiunVk.roa
File: _a2Q1M4jqecINHAD0PXrbKiunVk.roa (raw, json)
Hash identifier: 8Tvki4OXKnd2rC0qxju9a3A3CoExk4NoKPnukdebChQ=
Subject key identifier: FD:AD:90:D4:CE:23:A9:E7:08:34:70:03:D0:F5:EB:6C:A8:AE:9D:59
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018FAB19C092A2C5787298FBFFC68AC5F916
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/_a2Q1M4jqecINHAD0PXrbKiunVk.roa
Signing time: Fri 24 May 2024 14:55:42 +0000
ROA not before: Fri 24 May 2024 14:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49074
IP address blocks: 91.228.140.0/22 maxlen: 22
91.234.56.0/22 maxlen: 22
151.248.95.0/24 maxlen: 24
176.113.104.0/22 maxlen: 22
194.40.204.0/22 maxlen: 22
2a04:2041::/32 maxlen: 32
2a04:2043::/32 maxlen: 32
2a04:2045::/32 maxlen: 32
2a04:2047::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 27 May 2024 12:28:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:19:c0:92:a2:c5:78:72:98:fb:ff:c6:8a:c5:f9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 24 14:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdad90d4ce23a9e708347003d0f5eb6ca8ae9d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:68:a5:cf:c9:3a:d8:1e:48:ca:b6:26:30:11:
3f:87:9f:1e:3f:3a:25:d0:be:af:57:34:17:14:79:
51:73:b0:2f:d2:cc:6a:91:9d:0b:1f:db:04:da:b9:
06:fa:fa:9b:42:55:1d:7d:53:f7:14:4c:b7:29:7f:
98:fd:d9:98:86:d1:36:82:7e:e6:cf:d5:3a:89:1e:
37:c6:d2:cc:07:ef:ce:74:6b:bb:65:92:56:1d:0d:
35:73:69:65:50:38:5f:10:9f:6a:ef:c4:96:fd:11:
aa:24:b1:bb:38:93:10:72:93:0c:57:1b:72:4d:2c:
63:e1:ed:5b:64:60:ee:ea:13:4c:31:12:b8:d5:e9:
df:50:c6:e4:42:a2:22:3f:1e:3f:4a:a4:47:da:f8:
2d:fc:56:fd:c2:fd:23:5b:e1:76:47:3e:98:3b:45:
a4:d0:3f:fb:51:f3:cc:24:f2:5b:28:73:41:f5:ec:
1a:e8:06:4d:b2:2d:d8:90:74:e1:c3:72:3d:96:7d:
08:79:00:e0:62:99:f6:a3:3a:81:09:61:62:c1:82:
7f:60:15:38:53:1f:ec:b6:4a:8b:5e:75:83:15:1b:
81:96:50:6b:e2:e9:12:c0:0a:a2:dc:71:93:f0:e2:
57:90:b0:42:0a:7f:1f:2f:5b:33:e4:ae:03:41:63:
14:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AD:90:D4:CE:23:A9:E7:08:34:70:03:D0:F5:EB:6C:A8:AE:9D:59
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/_a2Q1M4jqecINHAD0PXrbKiunVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.140.0/22
91.234.56.0/22
151.248.95.0/24
176.113.104.0/22
194.40.204.0/22
IPv6:
2a04:2041::/32
2a04:2043::/32
2a04:2045::/32
2a04:2047::/32
Signature Algorithm: sha256WithRSAEncryption
73:67:31:f0:1a:a2:fd:e0:d5:5c:3d:a7:a3:df:57:6d:cc:fc:
5c:58:9e:b1:f4:6d:3d:0f:34:bb:d4:39:b4:b9:46:0c:98:a5:
a0:88:b8:34:08:41:48:cc:f5:da:d2:d1:b3:83:7c:09:94:04:
ee:2f:a5:0b:f7:e4:bc:bc:46:7a:42:98:79:48:4f:30:82:ea:
de:c2:32:87:a7:89:29:68:56:4c:18:79:81:df:48:5b:9c:37:
54:b6:c0:26:05:0b:6e:8b:2a:7c:05:d0:90:df:14:cd:0a:fc:
0a:ea:2b:8f:fc:01:59:4c:02:57:3a:48:8a:45:b6:f5:37:f8:
bc:a2:fa:08:17:bb:2f:1f:99:83:5b:ad:37:71:dc:a9:a0:44:
24:fe:a8:a2:5e:31:68:af:b3:6e:c3:53:a1:e4:0c:d4:90:6d:
82:7d:01:19:fb:74:49:1e:d2:32:59:5b:75:42:6f:30:3a:08:
bc:73:13:c2:80:a8:b9:d9:a7:af:d4:2d:7f:62:2f:a0:72:36:
3d:b8:2a:d8:c4:de:26:f4:c2:df:5d:c4:ff:56:e1:22:f7:93:
80:27:65:7c:5f:81:4a:a6:b7:64:cf:4b:95:ed:cb:d8:29:bd:
eb:37:d9:26:d2:20:66:1d:ec:10:0f:c1:c9:2e:27:8f:c7:66:
54:dd:c4:74
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY+rGcCSosV4cpj7/8aKxfkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwNTI0MTQ1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGFkOTBkNGNlMjNhOWU3MDgzNDcwMDNkMGY1ZWI2Y2E4YWU5ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2ilz8k62B5IyrYmMBE/h58ePzol
0L6vVzQXFHlRc7Av0sxqkZ0LH9sE2rkG+vqbQlUdfVP3FEy3KX+Y/dmYhtE2gn7m
z9U6iR43xtLMB+/OdGu7ZZJWHQ01c2llUDhfEJ9q78SW/RGqJLG7OJMQcpMMVxty
TSxj4e1bZGDu6hNMMRK41enfUMbkQqIiPx4/SqRH2vgt/Fb9wv0jW+F2Rz6YO0Wk
0D/7UfPMJPJbKHNB9ewa6AZNsi3YkHThw3I9ln0IeQDgYpn2ozqBCWFiwYJ/YBU4
Ux/stkqLXnWDFRuBllBr4ukSwAqi3HGT8OJXkLBCCn8fL1sz5K4DQWMUNQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFP2tkNTOI6nnCDRwA9D162yorp1ZMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvX2EyUTFNNGpxZWNJTkhBRDBQWHJiS2l1blZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQCW+SMAwQC
W+o4AwQAl/hfAwQCsHFoAwQCwijMMCIEAgACMBwDBQAqBCBBAwUAKgQgQwMFACoE
IEUDBQAqBCBHMA0GCSqGSIb3DQEBCwUAA4IBAQBzZzHwGqL94NVcPaej31dtzPxc
WJ6x9G09DzS71Dm0uUYMmKWgiLg0CEFIzPXa0tGzg3wJlATuL6UL9+S8vEZ6Qph5
SE8wgurewjKHp4kpaFZMGHmB30hbnDdUtsAmBQtuiyp8BdCQ3xTNCvwK6iuP/AFZ
TAJXOkiKRbb1N/i8ovoIF7svH5mDW603cdypoEQk/qiiXjFor7Nuw1Oh5AzUkG2C
fQEZ+3RJHtIyWVt1Qm8wOgi8cxPCgKi52aev1C1/Yi+gcjY9uCrYxN4m9MLfXcT/
VuEi95OAJ2V8X4FKprdkz0uV7cvYKb3rN9km0iBmHewQD8HJLiePx2ZU3cR0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org