Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/rkFybeEb7gDFIFsUHadCGJXxy58.roa
File: rkFybeEb7gDFIFsUHadCGJXxy58.roa (raw, json)
Hash identifier: wLbCWa3sUq3hPIYRefenl5n/D4r7U11eyWJ370RuwS8=
Subject key identifier: AE:41:72:6D:E1:1B:EE:00:C5:20:5B:14:1D:A7:42:18:95:F1:CB:9F
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 018F353FADA361946591BAD0CC819B33E041
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/rkFybeEb7gDFIFsUHadCGJXxy58.roa
Signing time: Wed 01 May 2024 17:41:56 +0000
ROA not before: Wed 01 May 2024 17:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206238
IP address blocks: 91.132.40.0/22 maxlen: 22
178.239.16.0/22 maxlen: 24
188.212.112.0/22 maxlen: 22
188.213.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 19:43:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:35:3f:ad:a3:61:94:65:91:ba:d0:cc:81:9b:33:e0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: May 1 17:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae41726de11bee00c5205b141da7421895f1cb9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d2:a1:e8:25:52:eb:56:bc:3c:a4:68:8e:00:
25:35:1a:71:e3:3d:9a:a5:70:e5:3e:26:1e:e1:e8:
bb:1a:ab:61:d4:01:53:6b:e6:4e:26:bf:07:74:61:
a0:11:18:df:77:59:47:84:b4:49:27:85:0d:10:f7:
a7:95:f2:32:8c:32:46:ce:f4:25:4b:c4:6d:a8:42:
e5:5a:34:07:81:25:e8:f1:ee:3e:98:e8:37:8b:4b:
ef:dd:12:11:cd:e3:3a:aa:10:e2:e9:30:e9:0b:ff:
cd:5c:a2:e3:ba:f2:30:c2:d2:dd:f1:b4:e8:b6:91:
66:f5:9e:87:0c:44:e9:90:ad:90:ca:0a:64:51:1b:
25:5b:43:c1:6f:40:88:0e:98:3d:4f:c0:bf:c8:e6:
f5:aa:f1:e6:bc:6e:ef:bb:08:07:12:c4:f3:65:9f:
48:37:2f:69:44:ea:9b:d3:b7:22:c9:24:60:5c:2b:
57:7c:a1:8c:b5:29:3e:99:49:0a:ad:df:13:a3:ac:
01:ad:b1:70:b1:fa:41:47:b1:f7:17:35:da:4f:b7:
e8:74:5a:a6:85:a0:6a:49:81:7c:d6:d8:bd:fe:3f:
2a:63:8d:fe:e8:23:db:dc:c9:c6:f3:4b:a8:24:5c:
86:c5:a9:c8:a3:96:29:94:14:f2:3d:4b:34:18:2c:
57:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:41:72:6D:E1:1B:EE:00:C5:20:5B:14:1D:A7:42:18:95:F1:CB:9F
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/rkFybeEb7gDFIFsUHadCGJXxy58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.40.0/22
178.239.16.0/22
188.212.112.0/22
188.213.88.0/21
Signature Algorithm: sha256WithRSAEncryption
0a:96:2d:4e:04:b0:f6:27:6c:84:43:0f:e0:a1:64:c7:4c:76:
eb:0e:da:70:1e:c4:47:ab:f2:2d:f8:1f:7c:90:87:2a:b3:97:
b1:01:75:0a:e9:cd:a3:0b:92:5e:44:1b:05:f7:30:37:72:91:
5b:d2:dd:ec:e2:ee:26:54:cd:e2:71:59:41:10:ca:6c:58:36:
a4:d8:be:49:8c:c3:34:2f:f9:e2:66:4e:e9:e6:e7:c8:02:9b:
34:fe:49:45:c4:ac:5c:b8:45:b7:6a:79:e8:80:c3:cf:62:4b:
60:97:ca:12:e2:93:f9:e6:46:47:4f:1d:3c:eb:36:30:bc:11:
3d:fc:50:05:da:56:17:36:70:c8:5c:30:50:a6:06:74:3a:d4:
c8:ec:ab:20:6b:4e:b3:9c:76:42:68:75:2e:0f:81:bb:5f:66:
76:1b:93:fd:cd:e4:00:57:54:bd:75:55:8f:2e:aa:d5:b5:6e:
c4:31:07:8e:b9:a0:48:48:00:c1:83:38:56:1e:a5:f7:78:7c:
ae:2a:42:3a:8b:f9:23:b4:5d:05:c5:df:8f:34:62:a0:f6:35:
ef:a4:c4:2e:fa:55:7b:27:36:2c:39:9f:b0:81:53:25:f5:cd:
23:b5:bf:68:89:6c:f6:cb:26:1e:32:07:8f:2d:0f:72:07:d2:
3c:96:ca:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY81P62jYZRlkbrQzIGbM+BBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjQwNTAxMTc0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQxNzI2ZGUxMWJlZTAwYzUyMDViMTQxZGE3NDIxODk1ZjFjYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9Kh6CVS61a8PKRojgAlNRpx4z2a
pXDlPiYe4ei7Gqth1AFTa+ZOJr8HdGGgERjfd1lHhLRJJ4UNEPenlfIyjDJGzvQl
S8RtqELlWjQHgSXo8e4+mOg3i0vv3RIRzeM6qhDi6TDpC//NXKLjuvIwwtLd8bTo
tpFm9Z6HDETpkK2QygpkURslW0PBb0CIDpg9T8C/yOb1qvHmvG7vuwgHEsTzZZ9I
Ny9pROqb07ciySRgXCtXfKGMtSk+mUkKrd8To6wBrbFwsfpBR7H3FzXaT7fodFqm
haBqSYF81ti9/j8qY43+6CPb3MnG80uoJFyGxanIo5YplBTyPUs0GCxXrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK5Bcm3hG+4AxSBbFB2nQhiV8cufMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvcmtGeWJlRWI3Z0RGSUZzVUhhZENHSlh4eTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW4QoAwQC
su8QAwQCvNRwAwQDvNVYMA0GCSqGSIb3DQEBCwUAA4IBAQAKli1OBLD2J2yEQw/g
oWTHTHbrDtpwHsRHq/It+B98kIcqs5exAXUK6c2jC5JeRBsF9zA3cpFb0t3s4u4m
VM3icVlBEMpsWDak2L5JjMM0L/niZk7p5ufIAps0/klFxKxcuEW3annogMPPYktg
l8oS4pP55kZHTx086zYwvBE9/FAF2lYXNnDIXDBQpgZ0OtTI7Ksga06znHZCaHUu
D4G7X2Z2G5P9zeQAV1S9dVWPLqrVtW7EMQeOuaBISADBgzhWHqX3eHyuKkI6i/kj
tF0Fxd+PNGKg9jXvpMQu+lV7JzYsOZ+wgVMl9c0jtb9oiWz2yyYeMgePLQ9yB9I8
lso4
-----END CERTIFICATE-----
Generated at Tue Oct 15 22:18:33 2024 by rpki-client on console-fra.rpki-client.org