Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b70490-fcae-48ec-9249-beba754add57/1/ueZN6JxKd1wSdYLW7kFT9SfUgEI.roa
File: ueZN6JxKd1wSdYLW7kFT9SfUgEI.roa (raw, json)
Hash identifier: lbfzgyax10tuK8nlZVVNs8yDXUjYyMMekublfo8Vroo=
Subject key identifier: B9:E6:4D:E8:9C:4A:77:5C:12:75:82:D6:EE:41:53:F5:27:D4:80:42
Certificate issuer: /CN=fe6d4a36340c3dad87a03921d0f88ff65162897a
Certificate serial: 018C68E8F425117604DA3319663E2035FB27
Authority key identifier: FE:6D:4A:36:34:0C:3D:AD:87:A0:39:21:D0:F8:8F:F6:51:62:89:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_m1KNjQMPa2HoDkh0PiP9lFiiXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b70490-fcae-48ec-9249-beba754add57/1/ueZN6JxKd1wSdYLW7kFT9SfUgEI.roa
Signing time: Thu 14 Dec 2023 15:19:06 +0000
ROA not before: Thu 14 Dec 2023 15:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209288
IP address blocks: 91.202.210.0/24 maxlen: 24
212.18.105.0/24 maxlen: 24
185.112.73.0/24 maxlen: 24
151.248.17.0/24 maxlen: 24
151.248.16.0/24 maxlen: 24
151.248.16.0/22 maxlen: 22
151.248.19.0/24 maxlen: 24
151.248.18.0/24 maxlen: 24
2a05:ccc0::/29 maxlen: 29
2a10:c080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:e8:f4:25:11:76:04:da:33:19:66:3e:20:35:fb:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe6d4a36340c3dad87a03921d0f88ff65162897a
Validity
Not Before: Dec 14 15:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9e64de89c4a775c127582d6ee4153f527d48042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ab:4b:e1:1e:f7:ef:72:28:0a:f2:55:26:e5:
eb:21:5f:80:c3:42:7c:18:fe:09:7f:2b:09:42:86:
6c:82:b5:9a:3d:63:93:3e:10:11:fd:32:b0:96:e8:
70:1e:bc:b0:5c:01:c0:fa:9e:dd:1a:a7:de:67:d1:
a7:45:e5:c8:0f:0d:20:a4:b4:95:61:df:96:aa:64:
35:e0:23:d0:20:63:5f:b6:4a:04:1f:41:ee:83:c6:
8e:1a:54:99:99:43:4e:5c:24:c8:42:9f:d5:76:c5:
90:f9:4b:ea:b5:03:1b:76:ce:da:49:bb:fc:92:5f:
15:61:5b:14:59:cb:db:9b:f2:22:08:61:27:3b:b4:
09:20:5b:45:01:af:f8:d4:99:05:31:19:f5:23:66:
02:0b:37:ff:73:41:f2:32:e8:6f:02:d0:09:d9:a6:
00:4b:0d:f7:8b:c4:6a:2b:ba:c3:2b:e4:29:12:60:
66:9c:ea:ff:3c:31:77:c3:c3:11:88:9e:d6:58:ce:
26:02:c7:7e:31:94:e0:af:b1:41:dc:ef:14:2e:3b:
e3:d2:58:fe:ec:53:36:15:e2:a8:10:e1:bc:0d:fa:
68:7c:83:26:a1:60:6f:73:54:d4:6d:aa:a5:dc:ed:
df:a0:7e:f9:1a:d7:57:1e:fe:cf:fd:b3:a0:ee:1c:
ae:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E6:4D:E8:9C:4A:77:5C:12:75:82:D6:EE:41:53:F5:27:D4:80:42
X509v3 Authority Key Identifier:
keyid:FE:6D:4A:36:34:0C:3D:AD:87:A0:39:21:D0:F8:8F:F6:51:62:89:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_m1KNjQMPa2HoDkh0PiP9lFiiXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b70490-fcae-48ec-9249-beba754add57/1/ueZN6JxKd1wSdYLW7kFT9SfUgEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b70490-fcae-48ec-9249-beba754add57/1/_m1KNjQMPa2HoDkh0PiP9lFiiXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.210.0/24
151.248.16.0/22
185.112.73.0/24
212.18.105.0/24
IPv6:
2a05:ccc0::/29
2a10:c080::/29
Signature Algorithm: sha256WithRSAEncryption
70:fa:a8:b6:16:b8:cd:ae:e3:ca:8f:88:6d:fa:0f:b9:9e:5a:
03:19:94:c1:12:46:3d:86:63:25:76:f8:01:b6:c5:4b:60:49:
2f:62:b0:bb:bb:05:1b:26:99:8e:04:4a:26:4a:c5:c0:11:24:
ad:a6:b9:53:e6:96:62:d7:94:3b:0e:17:34:f9:bf:9b:bf:f9:
ac:29:81:73:a8:6e:b3:e9:bb:0f:ab:25:c8:af:1b:a9:a3:f7:
4c:cc:6e:e0:ee:b2:b3:a5:0a:be:96:aa:2b:2a:44:8f:7d:03:
7f:20:f8:f5:62:9d:84:15:17:96:20:79:18:5d:39:22:cb:42:
ff:87:2b:d5:a9:70:70:28:c7:56:83:0b:8d:e0:f5:27:af:b2:
a5:4c:75:a0:97:0a:27:f1:23:2f:db:b5:cb:1d:05:0c:9f:31:
99:eb:4f:c3:96:ab:c3:b3:5d:eb:41:a1:62:c2:5f:ed:ae:7a:
14:53:76:02:73:23:00:ae:45:65:c9:ac:d8:cd:ea:1e:f5:b4:
b2:72:59:68:52:de:84:ac:11:40:16:66:1e:fd:97:b7:42:24:
10:13:97:c2:09:1c:7a:54:80:aa:ed:dd:03:76:13:15:0e:33:
04:f1:18:de:f2:f7:13:7b:dc:86:4a:ae:3e:68:32:c4:ac:f4:
bb:58:53:6f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYxo6PQlEXYE2jMZZj4gNfsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNmQ0YTM2MzQwYzNkYWQ4N2EwMzkyMWQwZjg4ZmY2NTE2
Mjg5N2EwHhcNMjMxMjE0MTUxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWU2NGRlODljNGE3NzVjMTI3NTgyZDZlZTQxNTNmNTI3ZDQ4MDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqtL4R7373IoCvJVJuXrIV+Aw0J8
GP4JfysJQoZsgrWaPWOTPhAR/TKwluhwHrywXAHA+p7dGqfeZ9GnReXIDw0gpLSV
Yd+WqmQ14CPQIGNftkoEH0Hug8aOGlSZmUNOXCTIQp/VdsWQ+UvqtQMbds7aSbv8
kl8VYVsUWcvbm/IiCGEnO7QJIFtFAa/41JkFMRn1I2YCCzf/c0HyMuhvAtAJ2aYA
Sw33i8RqK7rDK+QpEmBmnOr/PDF3w8MRiJ7WWM4mAsd+MZTgr7FB3O8ULjvj0lj+
7FM2FeKoEOG8DfpofIMmoWBvc1TUbaql3O3foH75GtdXHv7P/bOg7hyuxQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFLnmTeicSndcEnWC1u5BU/Un1IBCMB8GA1UdIwQY
MBaAFP5tSjY0DD2th6A5IdD4j/ZRYol6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX20xS05qUU1QYTJIb0RraDBQaVA5bEZpaVhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzA0OTAtZmNhZS00OGVjLTkyNDkt
YmViYTc1NGFkZDU3LzEvdWVaTjZKeEtkMXdTZFlMVzdrRlQ5U2ZVZ0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzA0OTAtZmNhZS00OGVjLTkyNDktYmViYTc1NGFkZDU3
LzEvX20xS05qUU1QYTJIb0RraDBQaVA5bEZpaVhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAW8rSAwQC
l/gQAwQAuXBJAwQA1BJpMBQEAgACMA4DBQMqBczAAwUDKhDAgDANBgkqhkiG9w0B
AQsFAAOCAQEAcPqotha4za7jyo+IbfoPuZ5aAxmUwRJGPYZjJXb4AbbFS2BJL2Kw
u7sFGyaZjgRKJkrFwBEkraa5U+aWYteUOw4XNPm/m7/5rCmBc6hus+m7D6slyK8b
qaP3TMxu4O6ys6UKvpaqKypEj30DfyD49WKdhBUXliB5GF05IstC/4cr1alwcCjH
VoMLjeD1J6+ypUx1oJcKJ/EjL9u1yx0FDJ8xmetPw5arw7Nd60GhYsJf7a56FFN2
AnMjAK5FZcms2M3qHvW0snJZaFLehKwRQBZmHv2Xt0IkEBOXwgkcelSAqu3dA3YT
FQ4zBPEY3vL3E3vchkquPmgyxKz0u1hTbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org