Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/Km36yQc1HxnW17gSzz6ZustDFug.roa
File: Km36yQc1HxnW17gSzz6ZustDFug.roa (raw, json)
Hash identifier: vL/XNYBRWJZY2F6kTiyjfQAUV7TKnjE5tNyex5KrpP8=
Subject key identifier: 2A:6D:FA:C9:07:35:1F:19:D6:D7:B8:12:CF:3E:99:BA:CB:43:16:E8
Certificate issuer: /CN=fbed9439a4e4b2d32e4bee647f3b61055b169e3d
Certificate serial: 01856E01CC0A0065CE11103C52377060CB23
Authority key identifier: FB:ED:94:39:A4:E4:B2:D3:2E:4B:EE:64:7F:3B:61:05:5B:16:9E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1--2UOaTkstMuS-5kfzthBVsWnj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/Km36yQc1HxnW17gSzz6ZustDFug.roa
Signing time: Sun 01 Jan 2023 15:44:49 +0000
ROA not before: Sun 01 Jan 2023 15:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39832
IP address blocks: 91.203.96.0/22 maxlen: 24
141.0.8.0/21 maxlen: 24
195.189.142.0/23 maxlen: 24
82.145.208.0/20 maxlen: 24
185.26.180.0/22 maxlen: 24
37.228.104.0/21 maxlen: 24
2001:4c28::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:cc:0a:00:65:ce:11:10:3c:52:37:70:60:cb:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbed9439a4e4b2d32e4bee647f3b61055b169e3d
Validity
Not Before: Jan 1 15:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a6dfac907351f19d6d7b812cf3e99bacb4316e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:31:0d:ef:11:10:3a:4e:a8:0d:be:36:82:49:
5f:52:ec:27:9b:d0:a8:28:15:66:fa:db:8d:a9:32:
3a:2a:52:0e:20:34:a7:e6:aa:37:ae:76:a8:9b:b7:
32:c6:7d:83:cc:aa:b4:b9:50:f7:71:24:64:a4:53:
71:8f:34:c8:0d:25:84:7a:3c:7d:3f:c3:9f:e6:4a:
0a:81:ca:bf:2d:f8:4d:92:90:5b:96:90:16:5b:8d:
48:9b:7b:b7:70:5e:85:73:6a:18:1c:20:a9:03:f7:
64:8f:c0:81:64:5b:23:2b:4d:ed:e8:5e:aa:89:e4:
47:0b:48:d0:2a:13:b0:9f:93:1c:8b:4c:81:0d:c8:
a8:22:c4:e9:1d:d8:50:b4:3d:c3:96:99:11:9c:1c:
b1:8e:c2:94:c6:cf:4c:b2:15:a0:58:65:e4:68:d8:
8e:7e:0d:50:79:10:59:af:ac:bd:06:36:d3:49:89:
43:a5:cf:dc:c6:62:25:ac:c6:20:4e:d3:39:8a:74:
28:04:38:d2:f2:40:e7:5e:a9:83:c8:92:a7:cc:20:
c0:71:49:da:aa:4e:6f:90:20:c2:84:21:90:52:ef:
dd:cb:6a:5f:a6:6a:63:e1:7d:12:7a:2c:f9:76:0d:
64:b5:66:11:06:13:7e:5e:63:41:71:4c:a4:42:dd:
b4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6D:FA:C9:07:35:1F:19:D6:D7:B8:12:CF:3E:99:BA:CB:43:16:E8
X509v3 Authority Key Identifier:
keyid:FB:ED:94:39:A4:E4:B2:D3:2E:4B:EE:64:7F:3B:61:05:5B:16:9E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1--2UOaTkstMuS-5kfzthBVsWnj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/Km36yQc1HxnW17gSzz6ZustDFug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/1--2UOaTkstMuS-5kfzthBVsWnj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.104.0/21
82.145.208.0/20
91.203.96.0/22
141.0.8.0/21
185.26.180.0/22
195.189.142.0/23
IPv6:
2001:4c28::/32
Signature Algorithm: sha256WithRSAEncryption
88:d6:e1:60:d2:20:35:d1:5d:9c:b5:8e:06:67:a3:23:f4:65:
5e:80:99:ac:c4:ca:3e:20:72:a4:f8:20:94:80:ec:c5:ed:9d:
1e:96:eb:a1:16:f7:8b:d0:3f:16:18:19:11:6d:41:d7:77:13:
fc:ff:a0:91:02:18:81:c8:8a:f0:7c:80:16:da:40:e3:41:1c:
a4:79:b0:09:78:6a:73:2d:51:fc:64:a6:cc:82:fb:4b:33:8b:
90:ca:f6:9f:65:3c:8d:d9:9a:8e:31:b3:19:4f:c5:8f:bb:ad:
5f:c8:e7:6a:bf:d2:0c:09:b0:c5:f4:a3:27:08:e8:8b:02:6d:
36:81:a3:0a:a8:9e:ce:18:1d:19:a9:42:52:2c:4a:3f:2d:3c:
0a:65:d3:56:9a:71:ec:85:64:b0:d8:87:cd:9e:7c:c6:d9:0c:
d6:41:32:22:b4:2e:93:22:57:40:ee:91:2d:c2:9f:a5:c7:be:
6d:bd:f1:4a:5c:31:07:ba:a3:6a:12:d5:ec:cb:03:3d:d8:df:
0f:c4:25:18:0d:b0:cd:5a:58:44:65:56:5f:60:2b:62:1f:c2:
81:97:b7:f4:7e:1e:e5:c3:a9:91:a4:c0:ca:5b:cf:27:1c:21:
f5:4b:80:24:09:e8:05:99:17:89:2a:f0:d5:5c:5e:2e:66:40:
cb:66:22:fc
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVuAcwKAGXOERA8UjdwYMsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZWQ5NDM5YTRlNGIyZDMyZTRiZWU2NDdmM2I2MTA1NWIx
NjllM2QwHhcNMjMwMTAxMTU0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZkZmFjOTA3MzUxZjE5ZDZkN2I4MTJjZjNlOTliYWNiNDMxNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDEN7xEQOk6oDb42gklfUuwnm9Co
KBVm+tuNqTI6KlIOIDSn5qo3rnaom7cyxn2DzKq0uVD3cSRkpFNxjzTIDSWEejx9
P8Of5koKgcq/LfhNkpBblpAWW41Im3u3cF6Fc2oYHCCpA/dkj8CBZFsjK03t6F6q
ieRHC0jQKhOwn5Mci0yBDcioIsTpHdhQtD3DlpkRnByxjsKUxs9MshWgWGXkaNiO
fg1QeRBZr6y9BjbTSYlDpc/cxmIlrMYgTtM5inQoBDjS8kDnXqmDyJKnzCDAcUna
qk5vkCDChCGQUu/dy2pfpmpj4X0Seiz5dg1ktWYRBhN+XmNBcUykQt20BQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCpt+skHNR8Z1te4Es8+mbrLQxboMB8GA1UdIwQY
MBaAFPvtlDmk5LLTLkvuZH87YQVbFp49MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0tMlVPYVRrc3RNdVMtNWtmenRoQlZzV25qMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAvZDA3YzA3LWI5NjItNGY0Yi1hM2Ew
LWI1MWIzNWRlZjZkZS8xL0ttMzZ5UWMxSHhuVzE3Z1N6ejZadXN0REZ1Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTAvZDA3YzA3LWI5NjItNGY0Yi1hM2EwLWI1MWIzNWRlZjZk
ZS8xLzEtLTJVT2FUa3N0TXVTLTVrZnp0aEJWc1duajAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTAYIKwYBBQUHAQcBAf8EPTA7MCoEAgABMCQDBAMl5GgD
BARSkdADBAJby2ADBAONAAgDBAK5GrQDBAHDvY4wDQQCAAIwBwMFACABTCgwDQYJ
KoZIhvcNAQELBQADggEBAIjW4WDSIDXRXZy1jgZnoyP0ZV6AmazEyj4gcqT4IJSA
7MXtnR6W66EW94vQPxYYGRFtQdd3E/z/oJECGIHIivB8gBbaQONBHKR5sAl4anMt
UfxkpsyC+0szi5DK9p9lPI3Zmo4xsxlPxY+7rV/I52q/0gwJsMX0oycI6IsCbTaB
owqons4YHRmpQlIsSj8tPApl01aaceyFZLDYh82efMbZDNZBMiK0LpMiV0DukS3C
n6XHvm298UpcMQe6o2oS1ezLAz3Y3w/EJRgNsM1aWERlVl9gK2IfwoGXt/R+HuXD
qZGkwMpbzyccIfVLgCQJ6AWZF4kq8NVcXi5mQMtmIvw=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:25 2024 by rpki-client on console-ams.rpki-client.org