Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/235e61-42e4-4225-8fa6-0cadd847448b/1/iQRHHx589ZK_FU04nIxH4Er0KFk.roa
File: iQRHHx589ZK_FU04nIxH4Er0KFk.roa (raw, json)
Hash identifier: wXwzH8eKAVYKi5zRncp2M4aDQ9rtHduwnu296Dbd1dE=
Subject key identifier: 89:04:47:1F:1E:7C:F5:92:BF:15:4D:38:9C:8C:47:E0:4A:F4:28:59
Certificate issuer: /CN=e68ce86d409e824376560fe3b1a168f2ba0082e3
Certificate serial: 01856F949372D91ECF19F1FC89AD139F23AD
Authority key identifier: E6:8C:E8:6D:40:9E:82:43:76:56:0F:E3:B1:A1:68:F2:BA:00:82:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5ozobUCegkN2Vg_jsaFo8roAguM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/235e61-42e4-4225-8fa6-0cadd847448b/1/iQRHHx589ZK_FU04nIxH4Er0KFk.roa
Signing time: Sun 01 Jan 2023 23:04:46 +0000
ROA not before: Sun 01 Jan 2023 23:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42475
IP address blocks: 91.207.34.0/24 maxlen: 24
91.207.35.0/24 maxlen: 24
185.82.55.0/24 maxlen: 24
185.82.52.0/24 maxlen: 24
185.82.53.0/24 maxlen: 24
185.82.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:93:72:d9:1e:cf:19:f1:fc:89:ad:13:9f:23:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e68ce86d409e824376560fe3b1a168f2ba0082e3
Validity
Not Before: Jan 1 23:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8904471f1e7cf592bf154d389c8c47e04af42859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2a:dc:80:4b:08:2c:5a:16:73:a8:48:da:2f:
3f:67:6c:67:ec:ab:16:20:9e:6b:39:d5:d3:92:5f:
0d:21:d1:95:d8:32:be:ad:a6:5a:7d:f6:bf:6d:9d:
55:c3:ea:a9:d4:26:a1:c3:48:21:69:22:fc:0c:45:
05:b7:de:a5:98:12:5b:7f:f9:07:7f:11:85:1f:cb:
2c:79:fb:5f:c4:d5:04:ed:f1:cb:fb:04:25:bd:2b:
b0:2d:7b:e2:79:a4:82:cb:22:08:70:be:78:ea:ff:
b7:d1:ce:d3:2d:d3:55:0a:fd:6b:6f:70:cc:5a:5c:
8d:b6:fd:ba:f7:d0:78:6d:6e:f4:d6:ab:94:8c:0c:
a5:4d:14:51:64:78:12:e1:6f:0b:62:6e:57:4a:3d:
8f:b1:5b:9c:43:cd:45:c3:0b:42:1f:52:e7:ae:57:
1f:c2:ba:1e:ef:59:4d:82:d7:51:06:fd:55:1a:c6:
4e:78:37:66:94:7f:9a:92:64:dc:24:88:c5:09:a0:
10:84:81:23:48:e4:64:fc:57:c3:9c:25:51:ee:9b:
05:62:d9:8c:36:4a:ad:6d:1c:0f:75:df:bf:98:44:
04:fd:dd:0f:c1:12:47:ec:12:38:44:18:83:a4:7b:
10:ce:5a:12:2c:5c:69:5b:53:67:c4:d0:69:24:f4:
84:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:04:47:1F:1E:7C:F5:92:BF:15:4D:38:9C:8C:47:E0:4A:F4:28:59
X509v3 Authority Key Identifier:
keyid:E6:8C:E8:6D:40:9E:82:43:76:56:0F:E3:B1:A1:68:F2:BA:00:82:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ozobUCegkN2Vg_jsaFo8roAguM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/235e61-42e4-4225-8fa6-0cadd847448b/1/iQRHHx589ZK_FU04nIxH4Er0KFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/235e61-42e4-4225-8fa6-0cadd847448b/1/5ozobUCegkN2Vg_jsaFo8roAguM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.34.0/23
185.82.52.0/22
Signature Algorithm: sha256WithRSAEncryption
44:75:78:72:87:60:07:15:1c:7f:34:4f:02:1d:0a:d6:7b:15:
e2:fa:a2:24:9d:68:4c:52:e9:7f:b4:0c:37:95:6b:54:5f:e1:
b9:d8:c0:f8:32:02:b5:b5:1e:4d:c7:bc:34:df:8e:91:0f:cb:
a6:72:16:c7:49:ee:23:39:66:dd:24:2a:e5:fa:1b:b4:22:8c:
4c:ed:fd:7e:ae:c1:3a:1c:34:91:da:e3:76:e0:a0:7b:f3:98:
d3:de:dc:c2:aa:63:2f:f0:25:db:76:5a:7d:6c:ef:4c:f0:f2:
04:71:d2:c0:38:04:78:5c:b5:0a:bb:2f:a7:d6:e5:09:6a:5c:
31:cb:db:a9:53:b7:26:10:0a:4c:fa:a3:5e:24:bb:bf:6a:99:
ab:61:95:b7:35:c8:f9:6b:cc:49:4a:c4:85:27:52:3f:3b:5f:
b1:3f:98:9b:32:8f:43:cb:4f:37:fe:c6:94:7e:e2:19:3e:5c:
75:0a:e3:29:e4:c3:34:3d:ac:c0:32:6e:09:ff:17:41:a5:7b:
4c:96:c1:b9:59:35:b8:e4:e4:7d:a7:20:84:0f:0f:30:20:e0:
f6:08:cd:23:f9:d0:27:94:97:8e:8f:55:a2:bf:8d:a5:b9:ee:
e0:69:b4:82:63:33:19:e1:f0:a5:44:68:e9:81:3d:40:d3:f3:
41:53:a4:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvlJNy2R7PGfH8ia0TnyOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OGNlODZkNDA5ZTgyNDM3NjU2MGZlM2IxYTE2OGYyYmEw
MDgyZTMwHhcNMjMwMTAxMjMwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTA0NDcxZjFlN2NmNTkyYmYxNTRkMzg5YzhjNDdlMDRhZjQyODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyrcgEsILFoWc6hI2i8/Z2xn7KsW
IJ5rOdXTkl8NIdGV2DK+raZaffa/bZ1Vw+qp1Cahw0ghaSL8DEUFt96lmBJbf/kH
fxGFH8sseftfxNUE7fHL+wQlvSuwLXvieaSCyyIIcL546v+30c7TLdNVCv1rb3DM
WlyNtv2699B4bW701quUjAylTRRRZHgS4W8LYm5XSj2PsVucQ81FwwtCH1Lnrlcf
wroe71lNgtdRBv1VGsZOeDdmlH+akmTcJIjFCaAQhIEjSORk/FfDnCVR7psFYtmM
NkqtbRwPdd+/mEQE/d0PwRJH7BI4RBiDpHsQzloSLFxpW1NnxNBpJPSE5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIkERx8efPWSvxVNOJyMR+BK9ChZMB8GA1UdIwQY
MBaAFOaM6G1AnoJDdlYP47GhaPK6AILjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW96b2JVQ2Vna04yVmdfanNhRm84cm9BZ3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yMzVlNjEtNDJlNC00MjI1LThmYTYt
MGNhZGQ4NDc0NDhiLzEvaVFSSEh4NTg5WktfRlUwNG5JeEg0RXIwS0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yMzVlNjEtNDJlNC00MjI1LThmYTYtMGNhZGQ4NDc0NDhi
LzEvNW96b2JVQ2Vna04yVmdfanNhRm84cm9BZ3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW88iAwQC
uVI0MA0GCSqGSIb3DQEBCwUAA4IBAQBEdXhyh2AHFRx/NE8CHQrWexXi+qIknWhM
Uul/tAw3lWtUX+G52MD4MgK1tR5Nx7w0346RD8umchbHSe4jOWbdJCrl+hu0IoxM
7f1+rsE6HDSR2uN24KB785jT3tzCqmMv8CXbdlp9bO9M8PIEcdLAOAR4XLUKuy+n
1uUJalwxy9upU7cmEApM+qNeJLu/apmrYZW3Ncj5a8xJSsSFJ1I/O1+xP5ibMo9D
y083/saUfuIZPlx1CuMp5MM0PazAMm4J/xdBpXtMlsG5WTW45OR9pyCEDw8wIOD2
CM0j+dAnlJeOj1Wiv42lue7gabSCYzMZ4fClRGjpgT1A0/NBU6Q6
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:21 2024 by rpki-client on console-fra.rpki-client.org