Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/_48ohp03MYEaKQqMwg6FqsAFTXQ.roa
File: _48ohp03MYEaKQqMwg6FqsAFTXQ.roa (raw, json)
Hash identifier: aOYRsBljsqZFbkxups983CnfP3prh7zFDMOvZQ1f6sQ=
Subject key identifier: FF:8F:28:86:9D:37:31:81:1A:29:0A:8C:C2:0E:85:AA:C0:05:4D:74
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 018DE9EB9A771A3C5AA7F3E4840600D7354C
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/_48ohp03MYEaKQqMwg6FqsAFTXQ.roa
Signing time: Tue 27 Feb 2024 09:35:48 +0000
ROA not before: Tue 27 Feb 2024 09:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 91.84.0.0/18 maxlen: 18
91.84.96.0/19 maxlen: 19
91.84.128.0/17 maxlen: 17
91.85.0.0/17 maxlen: 17
91.85.128.0/19 maxlen: 19
91.85.192.0/18 maxlen: 18
194.46.32.0/19 maxlen: 19
194.46.36.0/24 maxlen: 24
194.46.37.0/24 maxlen: 24
194.46.39.0/24 maxlen: 24
194.46.40.0/24 maxlen: 24
194.46.41.0/24 maxlen: 24
194.46.43.0/24 maxlen: 24
194.46.44.0/24 maxlen: 24
194.46.45.0/24 maxlen: 24
194.46.46.0/24 maxlen: 24
194.46.48.0/21 maxlen: 21
194.46.56.0/24 maxlen: 24
194.46.61.0/24 maxlen: 24
194.46.64.0/22 maxlen: 22
194.46.68.0/23 maxlen: 23
194.46.72.0/22 maxlen: 22
194.46.76.0/23 maxlen: 23
194.46.78.0/24 maxlen: 24
194.46.80.0/23 maxlen: 23
194.46.81.0/24 maxlen: 24
194.46.82.0/24 maxlen: 24
212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.80.0/21 maxlen: 21
212.108.80.0/23 maxlen: 23
212.108.84.0/24 maxlen: 24
212.108.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 28 Feb 2024 13:46:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:eb:9a:77:1a:3c:5a:a7:f3:e4:84:06:00:d7:35:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Feb 27 09:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff8f28869d3731811a290a8cc20e85aac0054d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e6:32:a6:a2:cc:15:c3:4b:30:96:87:39:54:
20:6e:aa:2e:52:c1:25:33:ac:69:f6:48:63:ec:1b:
e1:26:04:da:35:ec:c5:4c:bc:09:20:7d:ad:f7:b6:
74:20:47:32:e2:af:e0:1d:36:74:34:42:7f:b7:00:
f4:23:8a:c1:70:c3:89:d5:8b:ef:ea:c6:95:f1:b3:
9f:b1:3d:d5:5f:9d:0f:d8:58:d1:1f:4b:da:8a:d8:
f2:58:ee:44:a9:1e:b0:6c:6a:ee:e9:06:e7:32:11:
5a:0c:3f:ff:d0:75:b8:39:f6:87:1b:72:bc:11:de:
33:af:9f:a4:c8:92:73:86:b8:ec:bc:be:91:9b:42:
c4:9e:c5:e7:8a:22:22:11:46:ee:75:8d:c9:cc:22:
26:7e:0e:7f:67:5a:2c:67:ee:d3:f1:dd:bc:a4:d1:
86:6f:86:d1:bd:b9:cf:13:1e:f7:f7:0d:64:60:9d:
87:96:13:d9:5f:60:af:21:48:06:9e:40:60:c4:6c:
f4:24:32:0d:7d:75:ee:8f:8a:f0:43:d8:40:2d:72:
6a:ee:96:ed:0c:72:87:a0:a1:f6:d8:a3:53:3e:93:
47:a7:d9:5d:dc:98:a1:77:78:92:3a:e3:8e:76:fb:
91:d9:95:bf:06:6e:ef:95:31:71:a8:df:cb:ea:33:
a4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:8F:28:86:9D:37:31:81:1A:29:0A:8C:C2:0E:85:AA:C0:05:4D:74
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/_48ohp03MYEaKQqMwg6FqsAFTXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/18
91.84.96.0-91.85.159.255
91.85.192.0/18
194.46.32.0-194.46.69.255
194.46.72.0-194.46.78.255
194.46.80.0-194.46.82.255
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.80.0-212.108.89.255
Signature Algorithm: sha256WithRSAEncryption
80:94:88:39:34:1c:d6:ed:f7:2e:53:20:6c:bf:9f:d5:de:82:
97:ca:d8:75:2f:2d:23:87:c1:86:c0:ab:87:0d:cd:13:49:7a:
31:d8:15:8b:8f:ea:c5:04:53:99:b0:88:9d:25:cc:0b:44:08:
f0:68:dd:d4:3f:53:e4:de:ee:20:72:ef:c1:c3:81:d0:1d:9d:
72:29:f8:63:02:d0:48:19:1b:24:62:78:32:ff:11:15:79:5d:
df:28:5e:94:ff:3f:4d:fa:82:09:19:33:cc:6f:41:00:93:b8:
4f:88:29:a9:e5:7f:50:e9:b9:0c:1a:42:1c:ba:ed:11:f1:e5:
e0:c3:be:ce:ca:80:a8:14:5b:ed:72:b1:76:63:2b:ec:13:42:
08:b5:5e:38:67:43:69:b2:70:fa:34:af:1a:40:83:15:65:59:
1a:7f:39:d2:b2:9f:35:cc:7a:88:84:f6:4d:86:25:85:3b:48:
68:06:d0:f1:bc:f6:33:8d:af:6f:1e:fd:37:ff:31:85:0f:dd:
60:4c:c0:d1:c3:d6:7c:e4:af:31:5e:53:11:56:2a:33:26:58:
19:d2:aa:be:fc:a1:27:84:f0:64:92:2b:b6:a4:a6:d4:02:0c:
14:25:2a:ff:01:fc:1c:62:09:4a:d7:1a:70:7e:13:a0:fe:ed:
33:c0:2c:fb
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY3p65p3Gjxap/PkhAYA1zVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwMjI3MDkzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjhmMjg4NjlkMzczMTgxMWEyOTBhOGNjMjBlODVhYWMwMDU0ZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneYypqLMFcNLMJaHOVQgbqouUsEl
M6xp9khj7BvhJgTaNezFTLwJIH2t97Z0IEcy4q/gHTZ0NEJ/twD0I4rBcMOJ1Yvv
6saV8bOfsT3VX50P2FjRH0vaitjyWO5EqR6wbGru6QbnMhFaDD//0HW4OfaHG3K8
Ed4zr5+kyJJzhrjsvL6Rm0LEnsXniiIiEUbudY3JzCImfg5/Z1osZ+7T8d28pNGG
b4bRvbnPEx739w1kYJ2HlhPZX2CvIUgGnkBgxGz0JDINfXXuj4rwQ9hALXJq7pbt
DHKHoKH22KNTPpNHp9ld3Jihd3iSOuOOdvuR2ZW/Bm7vlTFxqN/L6jOk4QIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFP+PKIadNzGBGikKjMIOharABU10MB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvXzQ4b2hwMDNNWUVhS1FxTXdnNkZxc0FGVFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAZb
VAAwDAMEBVtUYAMEBVtVgAMEBltVwDAMAwQFwi4gAwQBwi5EMAwDBAPCLkgDBADC
Lk4wDAMEBMIuUAMEAMIuUjAMAwQA1GiBAwQA1GiCAwQA1GiEAwQA1GiIAwQA1GiP
MAwDBADUaJUDBADUaJYDBADUaJgwDAMEANRomwMEANRonAMEANRonzAMAwQE1GxQ
AwQB1GxYMA0GCSqGSIb3DQEBCwUAA4IBAQCAlIg5NBzW7fcuUyBsv5/V3oKXyth1
Ly0jh8GGwKuHDc0TSXox2BWLj+rFBFOZsIidJcwLRAjwaN3UP1Pk3u4gcu/Bw4HQ
HZ1yKfhjAtBIGRskYngy/xEVeV3fKF6U/z9N+oIJGTPMb0EAk7hPiCmp5X9Q6bkM
GkIcuu0R8eXgw77OyoCoFFvtcrF2YyvsE0IItV44Z0NpsnD6NK8aQIMVZVkafznS
sp81zHqIhPZNhiWFO0hoBtDxvPYzja9vHv03/zGFD91gTMDRw9Z85K8xXlMRVioz
JlgZ0qq+/KEnhPBkkiu2pKbUAgwUJSr/AfwcYglK1xpwfhOg/u0zwCz7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:14 2024 by rpki-client on console-fra.rpki-client.org