Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/0u9bAXqZuQx3qC3DSRlJU__n2pQ.roa
File: 0u9bAXqZuQx3qC3DSRlJU__n2pQ.roa (raw, json)
Hash identifier: hWbhohjxcpLrRBLocmA6nZxVp/3ytt3NgjPDg5Z9ZuI=
Subject key identifier: D2:EF:5B:01:7A:99:B9:0C:77:A8:2D:C3:49:19:49:53:FF:E7:DA:94
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 01862C2C59E2A53F18E7F6A1D1454A84E831
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/0u9bAXqZuQx3qC3DSRlJU__n2pQ.roa
Signing time: Tue 07 Feb 2023 13:59:09 +0000
ROA not before: Tue 07 Feb 2023 13:59:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201071
IP address blocks: 217.147.125.0/24 maxlen: 24
217.147.124.0/22 maxlen: 22
217.147.124.0/24 maxlen: 24
217.147.122.0/24 maxlen: 24
217.147.121.0/24 maxlen: 24
217.147.120.0/24 maxlen: 24
217.147.127.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
92.249.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:2c:59:e2:a5:3f:18:e7:f6:a1:d1:45:4a:84:e8:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Feb 7 13:59:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2ef5b017a99b90c77a82dc349194953ffe7da94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bb:f2:fc:dc:13:3c:1f:24:89:76:08:06:37:
b5:58:e4:6a:99:4e:9a:51:96:d6:9f:9e:99:f1:73:
45:22:2c:a9:19:13:2b:bb:fb:e3:9c:0a:9e:2a:91:
3f:9e:c4:d3:a9:c0:ca:ed:c7:ed:33:0f:5f:3f:62:
51:a2:54:bc:77:5c:27:13:e6:3e:84:fc:31:0a:8b:
ff:00:81:55:10:71:52:f8:7d:a5:0f:28:b3:de:4c:
ba:d9:5c:fc:41:79:0d:b7:84:e3:78:49:92:dd:fe:
c5:45:7d:d9:45:f3:39:1e:e2:2c:f7:a0:5a:18:db:
5c:f0:78:8a:22:3e:d6:f8:85:61:32:d5:36:08:22:
20:b0:3d:be:6b:e8:a8:18:3c:39:2a:01:eb:ce:51:
c7:5b:35:2c:f1:22:3f:7d:c3:4b:84:0e:e5:00:ec:
29:f4:b7:f1:10:40:7e:19:33:bb:c3:47:18:5d:62:
b4:71:44:a1:2a:8f:20:fc:b6:fb:4d:10:f8:d1:8a:
22:d9:5d:7b:c4:b2:7d:9d:78:ed:e5:6c:14:1f:e5:
3c:19:34:b1:f0:ff:60:58:1f:9c:89:0f:99:f7:9d:
46:b6:9f:22:14:05:18:61:66:86:23:fb:36:26:98:
f6:23:95:83:11:5a:16:d2:78:f0:54:ff:a3:88:23:
54:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:EF:5B:01:7A:99:B9:0C:77:A8:2D:C3:49:19:49:53:FF:E7:DA:94
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/0u9bAXqZuQx3qC3DSRlJU__n2pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.5.0/24
217.147.120.0-217.147.122.255
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:03:50:d0:ac:a0:02:ab:ab:5e:4f:71:4c:72:01:d6:ed:7f:
c0:23:94:35:58:5a:50:74:35:07:cd:4f:4e:ff:3d:59:58:09:
c9:bb:94:59:1f:43:23:dc:41:8d:7c:69:4d:d2:af:a4:41:b6:
30:00:c6:ab:19:ef:5e:09:7b:04:5c:85:de:cc:e0:4c:91:03:
15:df:38:0a:ae:55:d4:7b:61:36:88:68:6c:5b:7c:a0:aa:56:
02:87:d6:00:b0:a2:3c:a1:95:05:6a:44:7c:09:97:41:fc:9e:
df:cc:3f:02:46:66:64:9c:84:ca:fe:43:77:21:cb:b3:4d:f0:
26:3f:f1:e6:c4:a6:01:7c:10:60:8c:d4:a4:c6:2a:78:44:69:
3c:81:de:6f:4d:8b:46:79:22:bf:03:72:01:d3:b9:41:86:c2:
b8:26:e6:09:99:f9:13:ba:a1:22:16:31:80:bd:47:cc:6f:23:
8f:a5:27:df:bc:d7:38:e6:4d:b4:c9:57:09:87:94:6a:db:3d:
df:ac:17:6c:5c:b2:6b:5a:33:7d:a5:a9:11:61:98:39:5c:5f:
19:79:7c:66:b0:b9:f4:21:24:1d:fb:f5:9f:4c:52:ff:fc:e1:
72:3f:60:ce:a4:3b:d2:8f:8e:6a:a5:a9:19:32:00:ac:f8:4f:
8b:11:aa:bc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYsLFnipT8Y5/ah0UVKhOgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjkxMGYzNjI5MWMzYzIyNGRkYjU5NmQ5NTY1NDMxOTdm
MTYzZGUwHhcNMjMwMjA3MTM1OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmVmNWIwMTdhOTliOTBjNzdhODJkYzM0OTE5NDk1M2ZmZTdkYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrvy/NwTPB8kiXYIBje1WORqmU6a
UZbWn56Z8XNFIiypGRMru/vjnAqeKpE/nsTTqcDK7cftMw9fP2JRolS8d1wnE+Y+
hPwxCov/AIFVEHFS+H2lDyiz3ky62Vz8QXkNt4TjeEmS3f7FRX3ZRfM5HuIs96Ba
GNtc8HiKIj7W+IVhMtU2CCIgsD2+a+ioGDw5KgHrzlHHWzUs8SI/fcNLhA7lAOwp
9LfxEEB+GTO7w0cYXWK0cUShKo8g/Lb7TRD40Yoi2V17xLJ9nXjt5WwUH+U8GTSx
8P9gWB+ciQ+Z951Gtp8iFAUYYWaGI/s2Jpj2I5WDEVoW0njwVP+jiCNULQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNLvWwF6mbkMd6gtw0kZSVP/59qUMB8GA1UdIwQY
MBaAFKz5EPNikcPCJN21ltlWVDGX8WPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQt
ZDNiNThmNjk4MTQ4LzEvMHU5YkFYcVp1UXgzcUMzRFNSbEpVX19uMnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQtZDNiNThmNjk4MTQ4
LzEvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXPkFMAwD
BAPZk3gDBADZk3oDBALZk3wwDQYJKoZIhvcNAQELBQADggEBAG4DUNCsoAKrq15P
cUxyAdbtf8AjlDVYWlB0NQfNT07/PVlYCcm7lFkfQyPcQY18aU3Sr6RBtjAAxqsZ
714JewRchd7M4EyRAxXfOAquVdR7YTaIaGxbfKCqVgKH1gCwojyhlQVqRHwJl0H8
nt/MPwJGZmSchMr+Q3chy7NN8CY/8ebEpgF8EGCM1KTGKnhEaTyB3m9Ni0Z5Ir8D
cgHTuUGGwrgm5gmZ+RO6oSIWMYC9R8xvI4+lJ9+81zjmTbTJVwmHlGrbPd+sF2xc
smtaM32lqRFhmDlcXxl5fGawufQhJB379Z9MUv/84XI/YM6kO9KPjmqlqRkyAKz4
T4sRqrw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org