Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/X1-P9s7Gj34Ll1Fy6cHeUNQeulI.roa
File: X1-P9s7Gj34Ll1Fy6cHeUNQeulI.roa (raw, json)
Hash identifier: YXFo0zaT4BArDlNXLCgbxoppkSJAbwSWeVkDzkBVMkU=
Subject key identifier: 5F:5F:8F:F6:CE:C6:8F:7E:0B:97:51:72:E9:C1:DE:50:D4:1E:BA:52
Certificate issuer: /CN=f1f42360a3970a808016fdf8d8dba396c5a1d034
Certificate serial: 018CCA2B7D53662BE5114FB70E62682A92D7
Authority key identifier: F1:F4:23:60:A3:97:0A:80:80:16:FD:F8:D8:DB:A3:96:C5:A1:D0:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fQjYKOXCoCAFv342NujlsWh0DQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/X1-P9s7Gj34Ll1Fy6cHeUNQeulI.roa
Signing time: Tue 02 Jan 2024 12:34:56 +0000
ROA not before: Tue 02 Jan 2024 12:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55002
IP address blocks: 45.82.106.0/24 maxlen: 24
45.82.107.0/24 maxlen: 24
185.16.89.0/24 maxlen: 24
185.16.88.0/24 maxlen: 24
185.16.90.0/24 maxlen: 24
185.16.91.0/24 maxlen: 24
86.104.226.0/24 maxlen: 24
91.235.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 23:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:7d:53:66:2b:e5:11:4f:b7:0e:62:68:2a:92:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f42360a3970a808016fdf8d8dba396c5a1d034
Validity
Not Before: Jan 2 12:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f5f8ff6cec68f7e0b975172e9c1de50d41eba52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:92:fd:fe:0d:1e:1b:f1:a6:31:b6:57:07:43:
b4:db:e1:fa:12:5a:6a:86:f8:db:b4:52:57:16:0d:
13:08:18:99:80:98:54:d2:c1:d2:ac:be:3f:82:f2:
55:7d:a2:9d:43:25:a6:06:00:b2:aa:35:46:b9:ee:
f5:0c:01:0f:6d:ed:68:b4:a5:a6:bb:a0:83:5d:82:
cc:aa:39:a5:d7:ab:1c:ea:6d:09:20:78:a0:4c:47:
2c:1e:3c:c9:f3:f5:a9:c4:43:14:dc:2a:b3:24:60:
60:25:cc:51:94:57:e6:da:8f:d5:6f:1c:07:da:cc:
43:d8:fd:0d:ee:eb:fe:9f:7d:50:de:7f:8f:0b:52:
c0:d2:b1:b7:c1:be:b5:8b:1e:cd:cc:f2:6c:75:17:
52:b1:a1:3c:83:db:1a:96:e1:06:d2:89:f3:ba:33:
d3:bc:b5:a9:36:44:d4:ba:da:64:76:58:42:2f:50:
63:26:76:fd:b9:06:fd:0e:87:c8:ca:4c:39:0e:2c:
82:4c:39:45:74:bc:eb:cf:bf:22:94:cc:0c:cc:02:
74:44:e9:f1:5b:f7:ec:c6:fd:10:ef:1c:6f:09:ca:
5e:5f:6b:a3:ba:1b:1f:29:eb:09:b7:d3:bc:45:3a:
ec:46:e1:e3:d1:e3:ba:5d:e9:d5:52:89:74:34:26:
56:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5F:8F:F6:CE:C6:8F:7E:0B:97:51:72:E9:C1:DE:50:D4:1E:BA:52
X509v3 Authority Key Identifier:
keyid:F1:F4:23:60:A3:97:0A:80:80:16:FD:F8:D8:DB:A3:96:C5:A1:D0:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fQjYKOXCoCAFv342NujlsWh0DQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/X1-P9s7Gj34Ll1Fy6cHeUNQeulI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/8fQjYKOXCoCAFv342NujlsWh0DQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.106.0/23
86.104.226.0/24
91.235.107.0/24
185.16.88.0/22
Signature Algorithm: sha256WithRSAEncryption
48:ea:f5:e8:50:8a:7f:2b:d7:f2:9d:00:26:5f:c7:a5:73:de:
1d:f0:66:dd:f1:0f:e1:7e:bd:98:88:c7:d7:3f:c1:48:67:be:
ea:13:34:ea:5d:c5:93:96:5f:2a:c5:1c:3b:bf:e1:81:b7:bb:
72:33:43:29:54:1b:d1:7e:a1:b8:53:e1:b5:4d:d9:94:c4:84:
ca:f8:79:14:f4:92:cb:66:22:d1:74:12:f9:78:39:7d:51:67:
6f:ee:30:34:36:07:9c:18:03:ed:77:71:c4:fe:55:c3:f8:62:
a6:75:00:21:1a:0f:37:72:d2:31:0e:40:25:6c:92:1a:20:ff:
a2:24:c4:58:31:54:a2:66:42:30:2e:24:15:4d:f8:21:aa:1c:
48:42:03:c2:07:8d:66:70:cb:ff:7c:2a:72:cf:70:fc:92:49:
5f:4b:d1:7b:3f:51:88:f3:a1:3c:be:73:16:23:c5:3e:b0:ec:
64:13:3e:0d:5a:b6:1e:f4:2b:b8:ab:bd:b8:3f:32:48:64:fa:
bb:45:25:5f:69:fc:91:36:58:32:0c:44:6f:c9:4f:06:8d:04:
16:75:d7:68:7d:aa:cc:d0:b2:8e:55:da:21:0e:f7:a9:fd:23:
b4:fd:ba:0f:50:cc:f9:35:b3:a3:32:c1:50:f0:7a:a4:ce:cc:
fe:e7:e7:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKK31TZivlEU+3DmJoKpLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjQyMzYwYTM5NzBhODA4MDE2ZmRmOGQ4ZGJhMzk2YzVh
MWQwMzQwHhcNMjQwMTAyMTIzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjVmOGZmNmNlYzY4ZjdlMGI5NzUxNzJlOWMxZGU1MGQ0MWViYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspL9/g0eG/GmMbZXB0O02+H6Elpq
hvjbtFJXFg0TCBiZgJhU0sHSrL4/gvJVfaKdQyWmBgCyqjVGue71DAEPbe1otKWm
u6CDXYLMqjml16sc6m0JIHigTEcsHjzJ8/WpxEMU3CqzJGBgJcxRlFfm2o/VbxwH
2sxD2P0N7uv+n31Q3n+PC1LA0rG3wb61ix7NzPJsdRdSsaE8g9saluEG0onzujPT
vLWpNkTUutpkdlhCL1BjJnb9uQb9DofIykw5DiyCTDlFdLzrz78ilMwMzAJ0ROnx
W/fsxv0Q7xxvCcpeX2ujuhsfKesJt9O8RTrsRuHj0eO6XenVUol0NCZWhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF9fj/bOxo9+C5dRcunB3lDUHrpSMB8GA1UdIwQY
MBaAFPH0I2CjlwqAgBb9+Njbo5bFodA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZRallLT1hDb0NBRnYzNDJOdWpsc1doMERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zMWRjYTQtMWNlOC00MzE4LTk1NmMt
ZDRmMDhiZTA1MGQ1LzEvWDEtUDlzN0dqMzRMbDFGeTZjSGVVTlFldWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zMWRjYTQtMWNlOC00MzE4LTk1NmMtZDRmMDhiZTA1MGQ1
LzEvOGZRallLT1hDb0NBRnYzNDJOdWpsc1doMERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVJqAwQA
VmjiAwQAW+trAwQCuRBYMA0GCSqGSIb3DQEBCwUAA4IBAQBI6vXoUIp/K9fynQAm
X8elc94d8Gbd8Q/hfr2YiMfXP8FIZ77qEzTqXcWTll8qxRw7v+GBt7tyM0MpVBvR
fqG4U+G1TdmUxITK+HkU9JLLZiLRdBL5eDl9UWdv7jA0NgecGAPtd3HE/lXD+GKm
dQAhGg83ctIxDkAlbJIaIP+iJMRYMVSiZkIwLiQVTfghqhxIQgPCB41mcMv/fCpy
z3D8kklfS9F7P1GI86E8vnMWI8U+sOxkEz4NWrYe9Cu4q724PzJIZPq7RSVfafyR
NlgyDERvyU8GjQQWdddofarM0LKOVdohDvep/SO0/boPUMz5NbOjMsFQ8Hqkzsz+
5+cI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:44 2024 by rpki-client on console-ams.rpki-client.org