Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/2Hiu8EmLK6K2H8RIhMNnn82u4oQ.roa
File: 2Hiu8EmLK6K2H8RIhMNnn82u4oQ.roa (raw, json)
Hash identifier: UXuZQMxM1DTnMSB1XqQMxWyBgFlD4lc00PVsBkL4QNU=
Subject key identifier: D8:78:AE:F0:49:8B:2B:A2:B6:1F:C4:48:84:C3:67:9F:CD:AE:E2:84
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 018570FBD828154D3232F370706E48B0BB07
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/2Hiu8EmLK6K2H8RIhMNnn82u4oQ.roa
Signing time: Mon 02 Jan 2023 05:37:11 +0000
ROA not before: Mon 02 Jan 2023 05:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25124
IP address blocks: 109.162.192.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
109.162.144.0/20 maxlen: 20
109.162.160.0/20 maxlen: 20
109.162.176.0/24 maxlen: 24
81.91.138.112/28 maxlen: 28
81.91.138.80/28 maxlen: 28
81.91.138.48/28 maxlen: 28
109.162.176.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
91.184.80.0/20 maxlen: 20
81.91.138.40/29 maxlen: 29
213.207.240.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
81.91.128.0/20 maxlen: 20
81.91.128.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 21 Feb 2023 13:46:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d8:28:15:4d:32:32:f3:70:70:6e:48:b0:bb:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 2 05:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d878aef0498b2ba2b61fc44884c3679fcdaee284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:46:a3:b3:ae:a1:06:7e:6e:0f:b9:9b:db:62:
8d:e8:a4:0b:b5:49:d9:6d:aa:af:88:e9:9c:d2:13:
7d:ca:90:65:e5:4f:d8:79:43:59:38:6f:34:f0:af:
b8:36:7a:ff:d8:1d:2f:5d:75:0b:88:22:0b:33:de:
c6:13:1c:53:cb:2d:3e:41:fe:c9:60:fa:44:b9:66:
18:36:3e:da:82:1c:19:3f:3d:7d:0e:46:e4:b8:27:
99:21:ba:2d:59:50:cb:0a:fc:6b:f2:5e:0a:25:58:
bd:6e:c5:62:96:dc:17:9c:9a:29:8c:1f:79:a6:6a:
33:a7:8f:9e:56:d7:35:be:08:4d:b7:1c:bc:4a:9d:
8f:6f:0c:4e:7a:ab:9c:61:05:7b:27:54:65:b6:3d:
97:a9:f1:92:68:6b:48:5d:bc:83:a6:0d:d8:29:ea:
e9:40:33:d5:00:9b:ff:30:ac:4a:ef:00:d4:84:78:
7c:75:5e:bf:27:9e:35:90:b2:4f:c1:82:b2:5e:e9:
3d:82:da:17:5a:83:c1:8a:6d:0b:27:3c:63:9d:d9:
a5:30:3e:4d:4f:26:e0:36:5b:ab:79:03:95:08:39:
6a:50:90:de:4f:9a:38:a2:fa:de:a3:4a:b6:13:66:
68:7a:77:83:6b:23:2e:cc:2d:0c:4c:82:e8:cb:6c:
7b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:78:AE:F0:49:8B:2B:A2:B6:1F:C4:48:84:C3:67:9F:CD:AE:E2:84
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/2Hiu8EmLK6K2H8RIhMNnn82u4oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
Signature Algorithm: sha256WithRSAEncryption
41:f3:2d:a1:28:88:3d:67:f7:df:d1:7f:9d:10:61:59:64:93:
ea:12:77:89:c0:1f:0e:60:62:8c:54:41:a2:05:bb:6f:90:70:
2f:cd:00:04:a4:57:10:93:91:61:79:db:7b:6d:7f:43:34:ce:
a3:ed:18:c6:1c:c9:38:fe:2b:9d:f6:41:44:86:0e:14:49:00:
d7:9f:d0:17:4e:72:a8:7b:76:b6:19:2b:3a:b3:60:be:b4:ec:
51:3f:00:9f:f4:89:3a:a0:d0:37:dd:55:7b:b4:88:4a:24:44:
78:d8:40:d0:3c:8c:13:4b:37:d5:b9:8c:09:7d:3a:7a:d1:7d:
ca:7c:7c:b8:a2:d1:0d:f8:d7:86:25:ab:07:21:d5:0e:3b:1f:
9b:c3:4e:1e:53:c9:3b:24:74:38:d5:a2:6c:31:5f:c1:65:32:
5e:8f:f7:16:ba:1b:b7:4a:be:0b:f9:51:0c:40:ec:80:e4:bf:
9e:46:b6:31:8e:0c:63:03:0e:4a:c8:76:be:f4:c8:4f:03:27:
fa:fc:40:fa:7d:e4:ac:24:57:b6:e5:e3:85:d0:77:e1:28:3b:
8e:fc:67:04:1f:5d:64:a0:92:d5:73:c3:73:2f:83:25:e0:93:
6f:4d:1e:0c:fc:4e:d7:2e:96:fb:30:b4:2c:7c:7b:eb:85:27:
fe:91:4c:3e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVw+9goFU0yMvNwcG5IsLsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjMwMTAyMDUzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc4YWVmMDQ5OGIyYmEyYjYxZmM0NDg4NGMzNjc5ZmNkYWVlMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0ajs66hBn5uD7mb22KN6KQLtUnZ
baqviOmc0hN9ypBl5U/YeUNZOG808K+4Nnr/2B0vXXULiCILM97GExxTyy0+Qf7J
YPpEuWYYNj7aghwZPz19DkbkuCeZIbotWVDLCvxr8l4KJVi9bsViltwXnJopjB95
pmozp4+eVtc1vghNtxy8Sp2PbwxOequcYQV7J1Rltj2XqfGSaGtIXbyDpg3YKerp
QDPVAJv/MKxK7wDUhHh8dV6/J541kLJPwYKyXuk9gtoXWoPBim0LJzxjndmlMD5N
TybgNlureQOVCDlqUJDeT5o4ovreo0q2E2ZoeneDayMuzC0MTILoy2x70QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNh4rvBJiyuith/ESITDZ5/NruKEMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvMkhpdThFbUxLNksySDhSSWhNTm5uODJ1NG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQEUVuAAwQE
W7hQMAwDBAdtooADBARtouAwCwMEBNXP0AMDBNXAMA0GCSqGSIb3DQEBCwUAA4IB
AQBB8y2hKIg9Z/ff0X+dEGFZZJPqEneJwB8OYGKMVEGiBbtvkHAvzQAEpFcQk5Fh
edt7bX9DNM6j7RjGHMk4/iud9kFEhg4USQDXn9AXTnKoe3a2GSs6s2C+tOxRPwCf
9Ik6oNA33VV7tIhKJER42EDQPIwTSzfVuYwJfTp60X3KfHy4otEN+NeGJasHIdUO
Ox+bw04eU8k7JHQ41aJsMV/BZTJej/cWuhu3Sr4L+VEMQOyA5L+eRrYxjgxjAw5K
yHa+9MhPAyf6/ED6feSsJFe25eOF0HfhKDuO/GcEH11koJLVc8NzL4Ml4JNvTR4M
/E7XLpb7MLQsfHvrhSf+kUw+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:21 2024 by rpki-client on console-fra.rpki-client.org