Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/RD9LHwxn_q3N0LwrLKstECpRS7Y.roa
File: RD9LHwxn_q3N0LwrLKstECpRS7Y.roa (raw, json)
Hash identifier: CECoybP3tvh0aO4sjSoeuLnU9yWqpB29IniWKwF1JtE=
Subject key identifier: 44:3F:4B:1F:0C:67:FE:AD:CD:D0:BC:2B:2C:AB:2D:10:2A:51:4B:B6
Certificate issuer: /CN=ae04106f302c0077e90b66762ebb222e611b33dd
Certificate serial: 018E438E553408547E7D05A7AC51B339E6B2
Authority key identifier: AE:04:10:6F:30:2C:00:77:E9:0B:66:76:2E:BB:22:2E:61:1B:33:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rgQQbzAsAHfpC2Z2LrsiLmEbM90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/RD9LHwxn_q3N0LwrLKstECpRS7Y.roa
Signing time: Fri 15 Mar 2024 19:19:45 +0000
ROA not before: Fri 15 Mar 2024 19:19:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39199
IP address blocks: 91.218.88.0/22 maxlen: 22
91.218.88.0/24 maxlen: 24
91.218.89.0/24 maxlen: 24
91.218.90.0/24 maxlen: 24
91.218.91.0/24 maxlen: 24
195.34.204.0/22 maxlen: 22
195.34.204.0/24 maxlen: 24
195.34.205.0/24 maxlen: 24
195.34.206.0/24 maxlen: 24
195.34.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:43:8e:55:34:08:54:7e:7d:05:a7:ac:51:b3:39:e6:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae04106f302c0077e90b66762ebb222e611b33dd
Validity
Not Before: Mar 15 19:19:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=443f4b1f0c67feadcdd0bc2b2cab2d102a514bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:5d:9e:cb:62:88:a8:09:4c:78:85:09:2f:
69:02:81:37:e3:a6:a5:5f:51:16:33:fb:ce:ad:3d:
6f:87:77:97:94:0d:7a:21:de:e6:07:bf:0f:46:f7:
9f:77:21:a8:2f:7c:5d:3d:d5:88:f3:39:7e:8c:01:
60:06:39:42:22:d5:bb:3d:89:b1:45:f5:1f:db:64:
fb:1b:7c:83:72:89:d6:01:dd:d6:c6:b1:f2:fc:91:
dc:42:cb:83:52:fc:be:69:ea:17:8d:24:87:0f:8e:
c4:1d:99:10:f1:c7:c5:1d:ff:ca:ac:38:17:ba:0c:
e7:e3:49:5f:60:24:8b:fe:0a:38:c9:a8:3a:d5:c4:
1b:a0:fb:3b:63:fc:0d:05:9a:ff:31:0f:7d:ef:0f:
82:79:c9:02:32:19:65:c6:68:01:c7:b0:64:9b:1c:
1e:91:be:31:95:bd:c6:2f:96:be:a3:c8:ed:34:d7:
f6:bb:74:07:62:e1:5e:79:83:67:9e:4e:7f:aa:6a:
bf:73:97:3f:c3:1c:9c:ba:0b:95:0f:bc:7e:84:42:
23:cc:a0:93:fa:ea:10:bc:67:70:79:c8:eb:2e:01:
f2:93:1f:df:ad:14:f0:16:a9:36:b3:45:55:63:4c:
ba:ba:ba:e6:02:00:e7:bf:76:bc:0a:6e:3c:32:26:
a6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:3F:4B:1F:0C:67:FE:AD:CD:D0:BC:2B:2C:AB:2D:10:2A:51:4B:B6
X509v3 Authority Key Identifier:
keyid:AE:04:10:6F:30:2C:00:77:E9:0B:66:76:2E:BB:22:2E:61:1B:33:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rgQQbzAsAHfpC2Z2LrsiLmEbM90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/RD9LHwxn_q3N0LwrLKstECpRS7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/rgQQbzAsAHfpC2Z2LrsiLmEbM90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.88.0/22
195.34.204.0/22
Signature Algorithm: sha256WithRSAEncryption
47:ac:00:0a:0d:3e:5a:bf:fa:25:d8:e8:1d:cc:ef:f1:4e:9a:
e9:74:b6:d5:e2:5e:68:f6:49:da:97:c6:6b:11:4a:b4:6d:28:
58:bb:33:e2:95:f5:18:ad:5d:fc:d6:98:08:d0:9b:ca:e9:9c:
54:31:8d:1c:58:2d:ab:d1:3d:6f:b9:69:80:6e:07:0c:5a:a4:
1c:6b:57:08:80:c2:4f:1c:d2:96:18:b9:ff:0e:38:97:dc:a0:
c5:69:de:76:15:a8:ea:0a:87:8f:5c:79:65:42:bb:06:28:c4:
e7:c8:44:7c:aa:58:90:50:d8:d9:86:83:37:64:60:56:bd:6f:
0c:d0:9f:10:36:46:99:02:28:77:0c:56:b9:7a:3d:25:79:38:
40:e2:7e:c3:b2:3f:05:ec:3c:95:5f:96:57:28:98:4b:de:6a:
bf:66:88:e9:3a:2b:43:6b:ca:63:40:a0:ef:70:67:ba:c9:8c:
9b:26:ed:13:7f:ae:d1:02:7d:41:53:c0:40:c5:25:ca:14:8d:
f3:dd:57:32:bf:8b:c6:5d:8e:d9:1b:6f:d2:6c:f4:a3:eb:7c:
a6:9f:cd:b3:b4:cd:3a:65:b6:28:1d:af:52:7b:f3:92:3b:2b:
51:96:18:03:bb:19:54:33:17:1c:bb:5a:91:b7:e2:f0:1b:76:
e5:eb:fb:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5DjlU0CFR+fQWnrFGzOeayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMDQxMDZmMzAyYzAwNzdlOTBiNjY3NjJlYmIyMjJlNjEx
YjMzZGQwHhcNMjQwMzE1MTkxOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDNmNGIxZjBjNjdmZWFkY2RkMGJjMmIyY2FiMmQxMDJhNTE0YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAompdnstiiKgJTHiFCS9pAoE346al
X1EWM/vOrT1vh3eXlA16Id7mB78PRvefdyGoL3xdPdWI8zl+jAFgBjlCItW7PYmx
RfUf22T7G3yDconWAd3WxrHy/JHcQsuDUvy+aeoXjSSHD47EHZkQ8cfFHf/KrDgX
ugzn40lfYCSL/go4yag61cQboPs7Y/wNBZr/MQ997w+CeckCMhllxmgBx7Bkmxwe
kb4xlb3GL5a+o8jtNNf2u3QHYuFeeYNnnk5/qmq/c5c/wxycuguVD7x+hEIjzKCT
+uoQvGdwecjrLgHykx/frRTwFqk2s0VVY0y6urrmAgDnv3a8Cm48MiamAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEQ/Sx8MZ/6tzdC8KyyrLRAqUUu2MB8GA1UdIwQY
MBaAFK4EEG8wLAB36Qtmdi67Ii5hGzPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmdRUWJ6QXNBSGZwQzJaMkxyc2lMbUViTTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9iOTA3MjktODNkMi00YzE4LTgwNjMt
MTFmZTI3ZDhlMTcwLzEvUkQ5TEh3eG5fcTNOMEx3ckxLc3RFQ3BSUzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9iOTA3MjktODNkMi00YzE4LTgwNjMtMTFmZTI3ZDhlMTcw
LzEvcmdRUWJ6QXNBSGZwQzJaMkxyc2lMbUViTTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9pYAwQC
wyLMMA0GCSqGSIb3DQEBCwUAA4IBAQBHrAAKDT5av/ol2OgdzO/xTprpdLbV4l5o
9knal8ZrEUq0bShYuzPilfUYrV381pgI0JvK6ZxUMY0cWC2r0T1vuWmAbgcMWqQc
a1cIgMJPHNKWGLn/DjiX3KDFad52FajqCoePXHllQrsGKMTnyER8qliQUNjZhoM3
ZGBWvW8M0J8QNkaZAih3DFa5ej0leThA4n7Dsj8F7DyVX5ZXKJhL3mq/ZojpOitD
a8pjQKDvcGe6yYybJu0Tf67RAn1BU8BAxSXKFI3z3Vcyv4vGXY7ZG2/SbPSj63ym
n82ztM06ZbYoHa9Se/OSOytRlhgDuxlUMxccu1qRt+LwG3bl6/vU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:07 2025 by rpki-client