Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/91-UzJNMTkGliHJmbsQQcJ7FtiI.roa
File: 91-UzJNMTkGliHJmbsQQcJ7FtiI.roa (raw, json)
Hash identifier: VyF77wNX50zqdpQ7m+aw3co82ZuB5N9g5wLAVoFCTVk=
Subject key identifier: F7:5F:94:CC:93:4C:4E:41:A5:88:72:66:6E:C4:10:70:9E:C5:B6:22
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BA39162BFF1F09C36FEEB5EAB32065272
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/91-UzJNMTkGliHJmbsQQcJ7FtiI.roa
Signing time: Mon 06 Nov 2023 07:38:16 +0000
ROA not before: Mon 06 Nov 2023 07:38:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.213.180.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.4.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
109.176.248.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 07:46:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:91:62:bf:f1:f0:9c:36:fe:eb:5e:ab:32:06:52:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 6 07:38:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f75f94cc934c4e41a58872666ec410709ec5b622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:10:cd:a5:38:6d:20:21:00:ba:a0:30:80:f6:
b8:fd:0c:e0:7e:eb:e4:cf:8a:76:15:12:41:b0:34:
3e:bc:b9:c9:f1:0f:a6:bd:b4:9d:ce:20:42:d4:f1:
cf:ff:64:08:0c:fc:c3:a7:d0:37:ef:85:b2:71:91:
68:d2:54:2b:9a:39:ca:d7:ed:9b:9b:92:49:22:0a:
43:fa:28:1b:6e:63:af:6c:e2:c4:22:b2:de:ba:b8:
f2:aa:bb:23:87:8b:03:f4:a9:a2:a5:95:1a:2c:ba:
a7:03:14:bb:0f:83:09:0c:e7:42:64:a2:b2:91:11:
13:ba:3f:1a:8f:b9:19:6b:8c:7e:7e:43:f9:c2:12:
72:fe:33:5c:50:d6:f6:f4:c9:0d:c2:45:22:87:fe:
26:8b:d6:ce:1d:3f:64:e4:58:df:9e:75:7f:39:be:
2e:dc:18:13:f6:a6:85:19:9f:f0:bc:f6:23:e4:72:
35:00:20:7d:bb:40:ae:af:20:9a:f7:c9:3b:bf:72:
e4:71:72:ee:9e:1c:07:0b:8f:d8:c4:73:94:03:95:
44:8b:c5:70:c4:97:4a:7a:6a:f4:8b:4d:bd:5f:e3:
2c:88:71:80:a1:86:59:0e:89:3a:f4:4d:ec:dd:14:
35:c5:af:b6:73:fd:8e:9f:d6:5e:31:e3:08:6c:86:
16:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:5F:94:CC:93:4C:4E:41:A5:88:72:66:6E:C4:10:70:9E:C5:B6:22
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/91-UzJNMTkGliHJmbsQQcJ7FtiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.153.136.0/22
89.213.4.0/24
89.213.148.0-89.213.159.255
89.213.180.0/22
109.176.248.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ff:85:c6:4c:d0:bd:05:05:9c:34:c5:fa:2c:e1:41:7a:62:
05:c0:83:16:eb:93:c0:91:57:f6:ff:cd:bd:85:91:2c:1a:26:
4e:3d:64:8f:85:14:4e:24:fa:4b:2b:44:f4:6f:ce:9c:7f:58:
d7:3e:fb:2e:68:83:30:a3:e5:2e:45:5d:37:9b:5d:10:dc:85:
f0:f2:30:b9:a7:1c:e6:79:56:e9:fe:57:9f:d8:c4:e2:d1:ff:
99:19:e8:f5:6d:58:f2:33:70:9c:b9:c6:35:57:9e:5e:d5:7d:
30:24:fb:c9:bf:19:98:a4:f6:56:af:3a:ff:d8:b5:52:02:5a:
a8:b4:3e:9b:cb:62:91:99:d9:8b:95:8e:fa:3c:67:42:19:76:
94:92:61:b8:32:fc:28:91:46:36:fd:49:e3:c6:99:e9:ee:8d:
04:ec:75:14:db:6a:bc:2d:99:ca:6c:34:15:50:af:29:37:07:
69:07:96:d8:12:4f:8e:f1:7b:46:80:3c:44:e5:f1:1b:a1:27:
e8:11:27:92:24:13:ef:ec:66:d4:00:ea:fd:3b:ec:0b:df:4a:
3c:44:af:69:0d:16:b4:65:43:42:a6:24:52:f9:25:66:12:ed:
f3:07:47:f9:57:1d:5c:1e:5d:5c:4f:2e:8a:93:cc:00:4b:22:
11:36:54:2d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYujkWK/8fCcNv7rXqsyBlJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA2MDczODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzVmOTRjYzkzNGM0ZTQxYTU4ODcyNjY2ZWM0MTA3MDllYzViNjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRDNpThtICEAuqAwgPa4/Qzgfuvk
z4p2FRJBsDQ+vLnJ8Q+mvbSdziBC1PHP/2QIDPzDp9A374WycZFo0lQrmjnK1+2b
m5JJIgpD+igbbmOvbOLEIrLeurjyqrsjh4sD9KmipZUaLLqnAxS7D4MJDOdCZKKy
kRETuj8aj7kZa4x+fkP5whJy/jNcUNb29MkNwkUih/4mi9bOHT9k5FjfnnV/Ob4u
3BgT9qaFGZ/wvPYj5HI1ACB9u0CuryCa98k7v3LkcXLunhwHC4/YxHOUA5VEi8Vw
xJdKemr0i029X+MsiHGAoYZZDok69E3s3RQ1xa+2c/2On9ZeMeMIbIYW7wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPdflMyTTE5BpYhyZm7EEHCexbYiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOTEtVXpKTk1Ua0dsaUhKbWJzUVFjSjdGdGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAUah3AwQA
Uah7AwQCUpmIAwQAWdUEMAwDBAJZ1ZQDBAVZ1YADBAJZ1bQDBABtsPgDBAG5MX4D
BADVmCowDQYJKoZIhvcNAQELBQADggEBAED/hcZM0L0FBZw0xfos4UF6YgXAgxbr
k8CRV/b/zb2FkSwaJk49ZI+FFE4k+ksrRPRvzpx/WNc++y5ogzCj5S5FXTebXRDc
hfDyMLmnHOZ5Vun+V5/YxOLR/5kZ6PVtWPIzcJy5xjVXnl7VfTAk+8m/GZik9lav
Ov/YtVICWqi0PpvLYpGZ2YuVjvo8Z0IZdpSSYbgy/CiRRjb9SePGmenujQTsdRTb
arwtmcpsNBVQryk3B2kHltgST47xe0aAPETl8RuhJ+gRJ5IkE+/sZtQA6v077Avf
SjxEr2kNFrRlQ0KmJFL5JWYS7fMHR/lXHVweXVxPLoqTzABLIhE2VC0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org