Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/o9vIUuUoNHUCdPpFZEsh-2d1zJI.roa
File: o9vIUuUoNHUCdPpFZEsh-2d1zJI.roa (raw, json)
Hash identifier: G3VYxaouVIEKW/Lzdz96InS4RN+OvpBP5iaZG60Ax4Y=
Subject key identifier: A3:DB:C8:52:E5:28:34:75:02:74:FA:45:64:4B:21:FB:67:75:CC:92
Certificate issuer: /CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Certificate serial: 018FCE211D4BF24258544D6738814887EE1F
Authority key identifier: B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/o9vIUuUoNHUCdPpFZEsh-2d1zJI.roa
Signing time: Fri 31 May 2024 10:10:27 +0000
ROA not before: Fri 31 May 2024 10:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51341
IP address blocks: 91.218.84.0/24 maxlen: 24
91.218.85.0/24 maxlen: 24
91.218.86.0/24 maxlen: 24
91.218.87.0/24 maxlen: 24
91.236.140.0/24 maxlen: 24
91.236.141.0/24 maxlen: 24
91.236.142.0/24 maxlen: 24
91.236.143.0/24 maxlen: 24
213.109.201.0/24 maxlen: 24
2a13:af80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 22 Jul 2024 10:23:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:21:1d:4b:f2:42:58:54:4d:67:38:81:48:87:ee:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Validity
Not Before: May 31 10:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3dbc852e52834750274fa45644b21fb6775cc92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b1:6b:e9:c7:55:c1:df:9f:27:1f:ad:cc:11:
76:13:88:c7:26:59:3f:8a:d5:f6:3c:22:ea:ec:9a:
c3:f7:25:f9:ac:a0:a7:d4:73:08:72:31:21:13:59:
fe:50:bc:ea:b5:83:41:9f:fd:34:8d:af:53:ae:68:
53:5c:ac:73:88:a7:76:e6:5c:b0:03:42:9b:12:2f:
57:b7:96:95:75:dd:4d:fb:df:b5:0f:60:f6:8e:99:
4c:89:87:20:44:18:28:7f:f8:e3:ee:49:ea:0b:02:
e1:de:bb:94:fd:6e:e2:d4:85:a2:19:31:6f:c7:ce:
45:be:3a:75:b5:25:81:c0:2a:34:10:8d:55:89:7a:
a9:a9:1c:23:75:ac:99:21:2b:56:8d:dd:fe:b6:23:
af:6d:0f:1f:94:be:01:48:5b:39:a0:85:e6:75:e7:
84:1e:4b:18:47:17:85:39:2b:b3:f5:26:33:ff:29:
c4:de:e3:55:14:45:98:3a:58:c7:19:10:94:61:ec:
f6:2c:6c:f7:72:cd:2c:ce:df:07:98:7a:c4:be:ec:
43:26:9a:ed:68:ff:f1:ce:69:60:53:ab:f4:70:90:
c7:b1:96:8c:05:e4:5b:61:25:bc:24:ad:8d:17:4d:
29:2a:d0:9b:ba:1b:5c:94:a3:d1:22:c7:6f:4e:c6:
41:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DB:C8:52:E5:28:34:75:02:74:FA:45:64:4B:21:FB:67:75:CC:92
X509v3 Authority Key Identifier:
keyid:B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/o9vIUuUoNHUCdPpFZEsh-2d1zJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/tWKscBwU00uy5EdexRFSpAydPTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.84.0/22
91.236.140.0/22
213.109.201.0/24
IPv6:
2a13:af80::/29
Signature Algorithm: sha256WithRSAEncryption
79:cf:0f:09:fe:c8:17:2e:2f:25:9c:8d:44:db:16:79:6e:b9:
60:52:70:aa:03:20:78:f9:48:84:66:03:ee:85:c8:45:9c:ed:
3b:dc:af:36:a0:bf:64:aa:19:42:05:fb:0b:0b:9c:ea:51:7f:
8e:54:16:1f:35:a5:d5:b4:7a:ab:dc:bb:ac:e3:e0:f7:fd:91:
a6:32:7f:d7:7e:a2:47:6e:b0:07:6b:59:ed:ac:45:d5:9b:05:
ba:c0:6b:90:dd:72:ba:c7:62:c9:14:ac:0b:e8:01:17:46:7c:
48:39:a9:e8:25:3d:1d:b7:2c:a3:1e:79:e6:10:07:5c:3f:71:
4c:71:77:df:d8:d4:49:d5:2b:ae:4e:a3:ab:35:e1:df:ef:0c:
fa:54:21:3f:22:84:20:7b:f9:b1:31:12:1d:80:fb:ad:a5:79:
c7:9d:4b:02:e8:8e:3e:4b:c5:4b:c3:63:95:34:4a:7e:6f:5d:
5a:d1:08:a9:4e:08:73:cd:42:99:98:6c:5e:cb:6a:84:ed:2b:
91:da:7d:42:2e:e4:9a:e1:2b:93:22:5e:10:d8:02:b7:98:4e:
81:91:f1:1c:36:16:f7:83:52:d2:9a:d5:ce:d2:21:ff:fa:07:
fd:a3:4c:5e:fb:82:a3:b6:3c:7b:fe:e2:27:9a:b6:4e:5f:47:
a8:17:2b:b2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY/OIR1L8kJYVE1nOIFIh+4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NjJhYzcwMWMxNGQzNGJiMmU0NDc1ZWM1MTE1MmE0MGM5
ZDNkM2MwHhcNMjQwNTMxMTAxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2RiYzg1MmU1MjgzNDc1MDI3NGZhNDU2NDRiMjFmYjY3NzVjYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7Fr6cdVwd+fJx+tzBF2E4jHJlk/
itX2PCLq7JrD9yX5rKCn1HMIcjEhE1n+ULzqtYNBn/00ja9TrmhTXKxziKd25lyw
A0KbEi9Xt5aVdd1N+9+1D2D2jplMiYcgRBgof/jj7knqCwLh3ruU/W7i1IWiGTFv
x85Fvjp1tSWBwCo0EI1ViXqpqRwjdayZIStWjd3+tiOvbQ8flL4BSFs5oIXmdeeE
HksYRxeFOSuz9SYz/ynE3uNVFEWYOljHGRCUYez2LGz3cs0szt8HmHrEvuxDJprt
aP/xzmlgU6v0cJDHsZaMBeRbYSW8JK2NF00pKtCbuhtclKPRIsdvTsZBpwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKPbyFLlKDR1AnT6RWRLIftndcySMB8GA1UdIwQY
MBaAFLVirHAcFNNLsuRHXsURUqQMnT08MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTIt
MDk3MzI0ZGQ5ZWM4LzEvbzl2SVV1VW9OSFVDZFBwRlpFc2gtMmQxekpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTItMDk3MzI0ZGQ5ZWM4
LzEvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW9pUAwQC
W+yMAwQA1W3JMA0EAgACMAcDBQMqE6+AMA0GCSqGSIb3DQEBCwUAA4IBAQB5zw8J
/sgXLi8lnI1E2xZ5brlgUnCqAyB4+UiEZgPuhchFnO073K82oL9kqhlCBfsLC5zq
UX+OVBYfNaXVtHqr3Lus4+D3/ZGmMn/XfqJHbrAHa1ntrEXVmwW6wGuQ3XK6x2LJ
FKwL6AEXRnxIOanoJT0dtyyjHnnmEAdcP3FMcXff2NRJ1SuuTqOrNeHf7wz6VCE/
IoQge/mxMRIdgPutpXnHnUsC6I4+S8VLw2OVNEp+b11a0QipTghzzUKZmGxey2qE
7SuR2n1CLuSa4SuTIl4Q2AK3mE6BkfEcNhb3g1LSmtXO0iH/+gf9o0xe+4Kjtjx7
/uInmrZOX0eoFyuy
-----END CERTIFICATE-----
Generated at Mon Jul 22 13:23:22 2024 by rpki-client on console-fra.rpki-client.org