Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/FNenMi3f7HqxQWqCrtXd4_HyLuQ.roa
File: FNenMi3f7HqxQWqCrtXd4_HyLuQ.roa (raw, json)
Hash identifier: O9a+bfcSpK+ykQFICTBtBp9vUOUZa59IzhAm1usC8TA=
Subject key identifier: 14:D7:A7:32:2D:DF:EC:7A:B1:41:6A:82:AE:D5:DD:E3:F1:F2:2E:E4
Certificate issuer: /CN=480b4e6530f58db338e41d434e5c248eb8b49eb5
Certificate serial: 018A5CBA4010B135025D41488EE5ADA6E98E
Authority key identifier: 48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/FNenMi3f7HqxQWqCrtXd4_HyLuQ.roa
Signing time: Sun 03 Sep 2023 20:27:04 +0000
ROA not before: Sun 03 Sep 2023 20:27:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44628
IP address blocks: 91.211.176.0/24 maxlen: 24
91.211.178.0/24 maxlen: 24
91.211.179.0/24 maxlen: 24
91.237.232.0/24 maxlen: 24
195.42.136.0/23 maxlen: 23
91.237.233.0/24 maxlen: 24
91.237.234.0/24 maxlen: 24
91.237.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5c:ba:40:10:b1:35:02:5d:41:48:8e:e5:ad:a6:e9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480b4e6530f58db338e41d434e5c248eb8b49eb5
Validity
Not Before: Sep 3 20:27:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14d7a7322ddfec7ab1416a82aed5dde3f1f22ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f8:e7:e0:7f:20:be:fc:ec:ee:04:f4:0b:29:
9d:dc:d2:54:58:26:60:ab:f6:76:39:32:ab:73:ce:
18:75:5d:06:ff:76:3b:91:14:e5:a3:2c:9a:8f:02:
67:60:24:ff:08:f7:c5:4c:ad:74:07:14:3d:ad:92:
a2:42:3c:7c:68:21:32:a9:06:5a:41:37:9f:d4:1d:
a1:57:64:08:bd:ac:f9:94:a6:e4:7c:cf:22:c2:12:
c8:65:ed:86:6d:fe:a4:19:c5:1a:19:14:d7:9f:c0:
f5:47:f8:b5:da:ce:ed:86:e2:1f:17:13:f2:e3:e5:
81:f0:05:b5:fb:cd:f5:55:04:a6:4e:8b:ed:be:da:
fc:3c:ba:3a:04:a0:23:c8:da:79:c6:12:d6:8d:71:
41:ab:79:23:c3:8f:97:c4:5b:a9:16:1d:c9:f2:74:
1b:0f:07:d7:0f:b5:fc:3d:92:29:7e:f6:68:37:3a:
c0:b1:fe:f0:17:f3:be:1a:3d:d0:9c:5c:e7:d2:90:
59:f1:25:e3:75:93:1f:88:ef:94:25:25:66:63:ac:
78:3b:ea:15:96:27:fb:f7:97:e7:71:5b:6a:d5:c4:
20:c2:35:d1:f7:e6:28:4d:5a:22:58:e4:cc:89:aa:
58:74:8e:5c:9f:cf:d1:a0:bc:e8:4b:b3:96:29:29:
db:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D7:A7:32:2D:DF:EC:7A:B1:41:6A:82:AE:D5:DD:E3:F1:F2:2E:E4
X509v3 Authority Key Identifier:
keyid:48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/FNenMi3f7HqxQWqCrtXd4_HyLuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/SAtOZTD1jbM45B1DTlwkjri0nrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.176.0/24
91.211.178.0/23
91.237.232.0/22
195.42.136.0/23
Signature Algorithm: sha256WithRSAEncryption
01:32:0e:a3:a3:2f:34:ad:54:2a:dc:64:2e:de:7b:78:a4:6d:
c9:8a:40:2c:83:80:02:ad:b7:73:a4:da:fc:d2:21:0c:73:cd:
f1:ab:27:97:a9:26:28:22:33:c8:54:78:57:3f:6c:50:db:a1:
0c:b5:2c:fa:e7:fb:a8:59:2b:52:eb:49:e5:3c:38:02:66:e0:
8a:a2:b8:10:0b:51:40:f6:d9:53:07:d8:56:e6:46:d5:6f:fe:
d5:ce:f0:f1:0c:f5:47:d6:02:84:f2:a5:e9:e0:df:75:93:09:
cf:9f:d8:6d:c8:48:89:31:ce:b5:47:a1:21:42:9d:f7:94:6d:
2d:43:7f:e5:e5:a4:5f:b8:bf:fa:a7:86:e2:60:8b:19:4a:b1:
4e:7d:f9:5f:ac:46:5f:1c:22:06:09:c8:ca:a7:02:12:4b:1b:
f1:38:0f:a6:a7:0b:5f:f1:5e:47:fa:3b:b7:39:84:c4:6a:7c:
3a:d7:01:bf:f0:38:45:88:dd:e0:41:ba:fb:5d:9d:f4:04:90:
0b:fe:23:6a:ca:3a:87:d4:1f:69:e7:15:82:13:a9:ac:9c:5a:
fd:2c:cc:5e:41:a5:af:9f:63:0a:b1:b5:52:31:23:67:bf:f6:
34:a5:51:d0:4f:05:6b:60:3f:ba:7f:c7:35:3c:6e:3c:b9:f6:
57:2b:4c:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpcukAQsTUCXUFIjuWtpumOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MGI0ZTY1MzBmNThkYjMzOGU0MWQ0MzRlNWMyNDhlYjhi
NDllYjUwHhcNMjMwOTAzMjAyNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQ3YTczMjJkZGZlYzdhYjE0MTZhODJhZWQ1ZGRlM2YxZjIyZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/jn4H8gvvzs7gT0Cymd3NJUWCZg
q/Z2OTKrc84YdV0G/3Y7kRTloyyajwJnYCT/CPfFTK10BxQ9rZKiQjx8aCEyqQZa
QTef1B2hV2QIvaz5lKbkfM8iwhLIZe2Gbf6kGcUaGRTXn8D1R/i12s7thuIfFxPy
4+WB8AW1+831VQSmTovtvtr8PLo6BKAjyNp5xhLWjXFBq3kjw4+XxFupFh3J8nQb
DwfXD7X8PZIpfvZoNzrAsf7wF/O+Gj3QnFzn0pBZ8SXjdZMfiO+UJSVmY6x4O+oV
lif795fncVtq1cQgwjXR9+YoTVoiWOTMiapYdI5cn8/RoLzoS7OWKSnbgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBTXpzIt3+x6sUFqgq7V3ePx8i7kMB8GA1UdIwQY
MBaAFEgLTmUw9Y2zOOQdQ05cJI64tJ61MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQt
NWE0ZGY4OTZmYzNlLzEvRk5lbk1pM2Y3SHF4UVdxQ3J0WGQ0X0h5THVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQtNWE0ZGY4OTZmYzNl
LzEvU0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9OwAwQB
W9OyAwQCW+3oAwQBwyqIMA0GCSqGSIb3DQEBCwUAA4IBAQABMg6joy80rVQq3GQu
3nt4pG3JikAsg4ACrbdzpNr80iEMc83xqyeXqSYoIjPIVHhXP2xQ26EMtSz65/uo
WStS60nlPDgCZuCKorgQC1FA9tlTB9hW5kbVb/7VzvDxDPVH1gKE8qXp4N91kwnP
n9htyEiJMc61R6EhQp33lG0tQ3/l5aRfuL/6p4biYIsZSrFOfflfrEZfHCIGCcjK
pwISSxvxOA+mpwtf8V5H+ju3OYTEanw61wG/8DhFiN3gQbr7XZ30BJAL/iNqyjqH
1B9p5xWCE6msnFr9LMxeQaWvn2MKsbVSMSNnv/Y0pVHQTwVrYD+6f8c1PG48ufZX
K0zg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:01 2024 by rpki-client on console-fra.rpki-client.org