Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/68N_DqgXZ48HsVIh26-C_uNUIyM.roa
File: 68N_DqgXZ48HsVIh26-C_uNUIyM.roa (raw, json)
Hash identifier: qhOgakUHRPsW5r4yuPI7bjjbcPk6zqTLEme+k8Tb5r8=
Subject key identifier: EB:C3:7F:0E:A8:17:67:8F:07:B1:52:21:DB:AF:82:FE:E3:54:23:23
Certificate issuer: /CN=91d8c32a703972aaea093a01f8dedf57f9675575
Certificate serial: 018ACC0A4DC3D851984D109D2949BF0397B9
Authority key identifier: 91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/68N_DqgXZ48HsVIh26-C_uNUIyM.roa
Signing time: Mon 25 Sep 2023 11:12:21 +0000
ROA not before: Mon 25 Sep 2023 11:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24730
IP address blocks: 81.23.224.0/20 maxlen: 20
81.173.4.0/24 maxlen: 24
81.173.124.0/24 maxlen: 24
185.236.176.0/22 maxlen: 22
2001:15b8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:0a:4d:c3:d8:51:98:4d:10:9d:29:49:bf:03:97:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d8c32a703972aaea093a01f8dedf57f9675575
Validity
Not Before: Sep 25 11:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebc37f0ea817678f07b15221dbaf82fee3542323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dc:eb:4b:0e:f4:cc:5b:1f:1c:a8:49:d6:87:
b3:a9:46:0b:e4:8f:2e:5e:4a:55:3c:8c:37:17:60:
df:84:b8:44:0f:5b:b0:9f:5b:bc:13:0e:01:6b:e8:
d5:0f:6f:2b:98:32:48:5f:00:c4:70:22:02:e5:cd:
86:7a:25:b3:04:7b:ad:7a:ce:b2:9f:89:8a:30:ef:
5b:b1:49:fc:39:44:c2:24:9c:96:98:09:18:dc:4f:
a0:16:46:69:91:cb:94:27:53:f5:f8:18:1a:c6:9b:
be:6a:88:c8:7e:f1:50:ff:26:6e:f6:d1:68:9e:fc:
d1:3a:a3:3c:d1:3e:96:6f:f0:e5:ed:33:20:40:7b:
44:54:de:69:a9:60:d3:2c:b6:a0:28:aa:8b:d6:ab:
02:b9:a0:54:ce:5e:94:55:f2:ad:88:cd:03:31:76:
da:2d:b6:25:ce:1f:10:7c:12:b4:66:d4:0b:e5:7f:
55:16:23:1d:f2:99:b1:50:ad:e5:3b:f4:e9:b3:c2:
91:26:aa:59:38:02:16:c7:c8:ca:a4:0a:d4:5b:76:
38:fe:6c:a9:cb:97:3c:65:27:67:47:cd:0b:c1:b3:
5a:60:55:c6:92:48:93:77:ab:08:7a:e7:0b:e8:8e:
a0:1e:2d:7f:0a:a5:2d:a8:0b:c2:96:19:46:09:d2:
cb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C3:7F:0E:A8:17:67:8F:07:B1:52:21:DB:AF:82:FE:E3:54:23:23
X509v3 Authority Key Identifier:
keyid:91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/68N_DqgXZ48HsVIh26-C_uNUIyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/kdjDKnA5cqrqCToB-N7fV_lnVXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.224.0/20
81.173.4.0/24
81.173.124.0/24
185.236.176.0/22
IPv6:
2001:15b8::/32
Signature Algorithm: sha256WithRSAEncryption
51:7b:8f:14:0c:70:b4:5f:2e:d0:4a:76:36:89:5a:6c:50:94:
6d:e9:cf:61:65:ed:fd:0f:21:bf:4b:75:af:61:df:e2:91:96:
4c:09:97:6b:79:75:43:31:96:19:94:9e:20:59:23:c5:24:c4:
be:ae:14:e9:af:21:ca:3c:81:98:fa:b5:e8:9c:a8:ac:27:9a:
c3:80:c8:4e:c2:41:d7:1c:ce:30:32:01:5d:9a:e2:7c:82:24:
3e:6a:bc:fa:3d:32:a1:38:4a:43:9b:44:38:0c:86:c3:3f:b5:
00:f7:51:74:7d:1c:73:7c:37:6d:a4:87:7a:1c:c4:36:b4:1a:
85:78:3a:07:3a:61:3c:01:1a:b3:15:d8:3f:8b:94:fe:68:f7:
54:3f:cb:97:00:eb:01:b8:57:82:7f:90:b9:b0:da:ae:ed:b9:
36:24:aa:49:9a:2a:97:f7:ac:fd:ab:ca:46:95:2b:39:0e:3d:
2d:66:a7:99:13:42:1f:71:67:81:25:a8:86:58:c3:d2:4b:2f:
73:c4:a8:31:72:46:23:07:71:8d:16:b0:e0:36:75:50:30:9f:
e6:7e:f9:c5:40:c4:16:5c:e4:12:4f:9f:25:4b:e7:c8:d0:f0:
ba:c1:cc:f1:38:5c:42:06:68:bb:10:fa:dc:7a:c6:94:69:6b:
a8:59:9f:90
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYrMCk3D2FGYTRCdKUm/A5e5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDhjMzJhNzAzOTcyYWFlYTA5M2EwMWY4ZGVkZjU3Zjk2
NzU1NzUwHhcNMjMwOTI1MTExMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMzN2YwZWE4MTc2NzhmMDdiMTUyMjFkYmFmODJmZWUzNTQyMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9zrSw70zFsfHKhJ1oezqUYL5I8u
XkpVPIw3F2DfhLhED1uwn1u8Ew4Ba+jVD28rmDJIXwDEcCIC5c2GeiWzBHutes6y
n4mKMO9bsUn8OUTCJJyWmAkY3E+gFkZpkcuUJ1P1+Bgaxpu+aojIfvFQ/yZu9tFo
nvzROqM80T6Wb/Dl7TMgQHtEVN5pqWDTLLagKKqL1qsCuaBUzl6UVfKtiM0DMXba
LbYlzh8QfBK0ZtQL5X9VFiMd8pmxUK3lO/Tps8KRJqpZOAIWx8jKpArUW3Y4/myp
y5c8ZSdnR80LwbNaYFXGkkiTd6sIeucL6I6gHi1/CqUtqAvClhlGCdLLzQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOvDfw6oF2ePB7FSIduvgv7jVCMjMB8GA1UdIwQY
MBaAFJHYwypwOXKq6gk6Afje31f5Z1V1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RqREtuQTVjcXJxQ1RvQi1ON2ZWX2xuVlhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80ZTgxNmQtZDhlYy00MzdjLTk4NmEt
M2MxMjc4MWUyMDJkLzEvNjhOX0RxZ1haNDhIc1ZJaDI2LUNfdU5VSXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80ZTgxNmQtZDhlYy00MzdjLTk4NmEtM2MxMjc4MWUyMDJk
LzEva2RqREtuQTVjcXJxQ1RvQi1ON2ZWX2xuVlhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEURfgAwQA
Ua0EAwQAUa18AwQCueywMA0EAgACMAcDBQAgARW4MA0GCSqGSIb3DQEBCwUAA4IB
AQBRe48UDHC0Xy7QSnY2iVpsUJRt6c9hZe39DyG/S3WvYd/ikZZMCZdreXVDMZYZ
lJ4gWSPFJMS+rhTpryHKPIGY+rXonKisJ5rDgMhOwkHXHM4wMgFdmuJ8giQ+arz6
PTKhOEpDm0Q4DIbDP7UA91F0fRxzfDdtpId6HMQ2tBqFeDoHOmE8ARqzFdg/i5T+
aPdUP8uXAOsBuFeCf5C5sNqu7bk2JKpJmiqX96z9q8pGlSs5Dj0tZqeZE0IfcWeB
JaiGWMPSSy9zxKgxckYjB3GNFrDgNnVQMJ/mfvnFQMQWXOQST58lS+fI0PC6wczx
OFxCBmi7EPrcesaUaWuoWZ+Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org