Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/m2w3mU8X4cqezRiSNfFy81_c-GQ.roa
File: m2w3mU8X4cqezRiSNfFy81_c-GQ.roa (raw, json)
Hash identifier: /VIGtvJ8vDlnZ7N3TCR+YTe+JUiIj6YelfoDzkLMaJk=
Subject key identifier: 9B:6C:37:99:4F:17:E1:CA:9E:CD:18:92:35:F1:72:F3:5F:DC:F8:64
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53F0E3FA49732DFE0A77EC8AF24826
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/m2w3mU8X4cqezRiSNfFy81_c-GQ.roa
Signing time: Sun 01 Jan 2023 12:34:55 +0000
ROA not before: Sun 01 Jan 2023 12:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133296
IP address blocks: 91.225.14.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.136.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 May 2023 17:37:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f0:e3:fa:49:73:2d:fe:0a:77:ec:8a:f2:48:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b6c37994f17e1ca9ecd189235f172f35fdcf864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:15:ee:73:27:c2:4f:6c:b8:ed:95:a4:ef:86:
8a:d3:bb:da:6e:15:97:1f:60:4b:7d:5f:e1:e7:5b:
83:40:2c:fc:5b:a1:92:43:86:9e:be:0f:2b:d1:9c:
34:77:ec:88:53:dd:fc:71:54:4d:79:68:d0:b9:87:
fc:51:f3:96:47:cc:c7:b6:5b:d6:64:6c:48:91:d5:
99:e3:21:35:08:c8:41:47:77:9b:5b:c5:4d:df:75:
18:0b:68:28:04:51:45:d5:65:d9:b1:dd:2c:0a:6c:
71:0b:8a:cb:bf:eb:ce:93:96:c4:a0:1e:81:56:ff:
6c:73:04:cf:5d:a5:78:4e:2a:70:50:3f:a1:3a:e8:
fd:87:68:d2:12:9d:33:ce:34:4e:f3:71:e2:92:e1:
b6:33:50:6e:a6:21:4c:78:c3:e8:eb:b0:0f:1b:22:
b2:ab:0e:63:58:1d:3a:ff:0f:3d:1d:8b:bb:6e:71:
13:97:4c:a3:4f:f8:ff:98:6a:dd:b8:89:4e:d2:32:
01:ab:f1:39:26:aa:d5:76:99:94:25:49:70:79:22:
dc:f1:a7:75:81:9c:5c:2e:e4:55:5a:4b:08:49:6b:
0c:48:d1:b7:8b:6c:3c:7b:a2:17:e2:b4:06:12:b1:
20:ef:da:28:de:06:59:74:52:e8:ba:19:e5:93:2d:
53:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6C:37:99:4F:17:E1:CA:9E:CD:18:92:35:F1:72:F3:5F:DC:F8:64
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/m2w3mU8X4cqezRiSNfFy81_c-GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
91.225.14.0/24
91.235.123.0/24
178.157.76.0/24
178.157.108.0/24
185.76.60.0/24
185.76.62.0/24
Signature Algorithm: sha256WithRSAEncryption
41:0c:ff:8d:85:e7:8c:ee:89:b4:bc:e5:56:88:d7:a4:92:ed:
8e:b7:04:0e:e8:60:1b:c0:43:80:d0:25:3c:58:fd:44:a7:ce:
ff:1d:eb:81:45:7b:f3:cf:be:d7:08:60:34:2b:13:4a:04:fe:
b5:86:11:85:16:3d:eb:a9:55:ee:27:83:a7:e4:c9:b1:f8:9d:
c6:88:8b:b3:90:4b:01:f9:d6:38:ff:d2:cf:c1:cf:3a:3f:0c:
91:03:95:80:2b:5e:9c:1f:f1:f6:94:b2:e9:35:76:02:48:54:
6d:03:8c:ab:ce:49:d9:0b:91:2c:6f:90:51:75:23:aa:e5:08:
6d:33:35:cd:79:e7:60:79:e5:a3:b8:eb:2b:a6:c0:59:29:57:
ce:e7:69:74:9b:c8:c8:56:55:e8:65:bc:ad:ba:45:28:92:9e:
94:dd:24:34:95:00:b3:b6:43:5c:bf:6e:0e:3d:a6:f6:3a:cd:
95:f3:aa:b2:ba:de:00:de:6e:df:32:80:51:c7:45:d4:17:ae:
12:69:f7:97:03:05:df:af:5e:ca:ce:98:5b:27:7f:ce:d9:7a:
c3:12:af:85:17:77:5a:90:a9:1e:a4:ca:37:cb:a8:ff:07:95:
05:9f:35:cb:3d:fa:6e:aa:8b:e7:5a:4e:d7:1c:7c:d3:c0:ef:
16:dd:11:1e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVtU/Dj+klzLf4Kd+yK8kgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjZjMzc5OTRmMTdlMWNhOWVjZDE4OTIzNWYxNzJmMzVmZGNmODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRXucyfCT2y47ZWk74aK07vabhWX
H2BLfV/h51uDQCz8W6GSQ4aevg8r0Zw0d+yIU938cVRNeWjQuYf8UfOWR8zHtlvW
ZGxIkdWZ4yE1CMhBR3ebW8VN33UYC2goBFFF1WXZsd0sCmxxC4rLv+vOk5bEoB6B
Vv9scwTPXaV4TipwUD+hOuj9h2jSEp0zzjRO83HikuG2M1BupiFMeMPo67APGyKy
qw5jWB06/w89HYu7bnETl0yjT/j/mGrduIlO0jIBq/E5JqrVdpmUJUlweSLc8ad1
gZxcLuRVWksISWsMSNG3i2w8e6IX4rQGErEg79oo3gZZdFLouhnlky1TowIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJtsN5lPF+HKns0YkjXxcvNf3PhkMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvbTJ3M21VOFg0Y3FlelJpU05mRnk4MV9jLUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABZ2IAwQA
BZ2LAwQAW+EOAwQAW+t7AwQAsp1MAwQAsp1sAwQAuUw8AwQAuUw+MA0GCSqGSIb3
DQEBCwUAA4IBAQBBDP+NheeM7om0vOVWiNekku2OtwQO6GAbwEOA0CU8WP1Ep87/
HeuBRXvzz77XCGA0KxNKBP61hhGFFj3rqVXuJ4On5Mmx+J3GiIuzkEsB+dY4/9LP
wc86PwyRA5WAK16cH/H2lLLpNXYCSFRtA4yrzknZC5Esb5BRdSOq5QhtMzXNeedg
eeWjuOsrpsBZKVfO52l0m8jIVlXoZbytukUokp6U3SQ0lQCztkNcv24OPab2Os2V
86qyut4A3m7fMoBRx0XUF64SafeXAwXfr17KzphbJ3/O2XrDEq+FF3dakKkepMo3
y6j/B5UFnzXLPfpuqovnWk7XHHzTwO8W3REe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org