Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/D_owIcxVF50zpPybaRva3ltyKFg.roa
File: D_owIcxVF50zpPybaRva3ltyKFg.roa (raw, json)
Hash identifier: HluES4lGZ+4Q2Xe7xK6LrJM8MQX38fmCa7lkMDBIlNU=
Subject key identifier: 0F:FA:30:21:CC:55:17:9D:33:A4:FC:9B:69:1B:DA:DE:5B:72:28:58
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 0188DD7427DC6DBBAEF34E41F25968D88C85
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/D_owIcxVF50zpPybaRva3ltyKFg.roa
Signing time: Wed 21 Jun 2023 10:15:57 +0000
ROA not before: Wed 21 Jun 2023 10:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25124
IP address blocks: 109.162.192.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
109.162.144.0/20 maxlen: 20
109.162.144.0/21 maxlen: 21
109.162.160.0/20 maxlen: 20
109.162.176.0/24 maxlen: 24
81.91.138.112/28 maxlen: 28
81.91.138.80/28 maxlen: 28
81.91.138.48/28 maxlen: 28
109.162.176.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
91.184.80.0/20 maxlen: 20
81.91.138.40/29 maxlen: 29
213.207.240.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
81.91.130.0/23 maxlen: 23
81.91.128.0/20 maxlen: 20
81.91.132.0/22 maxlen: 22
81.91.132.0/23 maxlen: 23
81.91.128.0/23 maxlen: 23
81.91.128.0/22 maxlen: 22
81.91.128.0/21 maxlen: 21
81.91.138.0/24 maxlen: 24
81.91.138.0/23 maxlen: 23
81.91.134.0/23 maxlen: 23
81.91.136.0/23 maxlen: 23
81.91.136.0/22 maxlen: 22
81.91.140.0/23 maxlen: 23
81.91.140.0/22 maxlen: 22
81.91.142.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 04 Sep 2023 12:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:74:27:dc:6d:bb:ae:f3:4e:41:f2:59:68:d8:8c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jun 21 10:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ffa3021cc55179d33a4fc9b691bdade5b722858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4a:42:fa:b5:5c:22:a3:46:08:96:3a:22:38:
33:89:b9:19:83:ca:91:86:40:3b:08:4c:47:0f:4e:
a2:93:a2:cf:32:56:56:76:83:a4:cc:a0:1f:99:0a:
e5:8a:9b:30:b1:19:c6:75:9f:41:0c:6a:a4:d4:d6:
b1:e6:b8:b2:b3:22:7b:bd:b6:4b:e6:e4:98:8b:da:
89:60:be:77:e6:1f:e1:03:68:15:be:53:52:97:79:
80:47:c6:5c:e1:70:20:c6:26:72:f7:8b:f1:29:80:
e1:e4:1a:5c:af:22:2c:3d:1e:42:32:f4:31:e4:01:
74:50:46:89:99:cb:9d:8c:be:9b:4f:df:3e:8c:49:
60:9b:60:ce:66:4f:96:63:bf:86:20:6a:4b:ba:d7:
07:e7:24:8d:27:85:cc:94:44:cc:2e:3a:f2:62:0d:
bc:82:36:d8:c6:6e:c0:53:a0:c1:dd:81:2b:45:8d:
8b:b6:f1:c6:21:db:31:99:38:5a:74:e6:2c:0a:20:
42:12:7e:a7:80:c2:87:e4:32:11:0f:3f:5c:d4:51:
86:1c:21:c9:24:04:83:05:7d:db:3b:ea:60:83:ca:
8d:3b:09:fb:70:df:a3:87:d0:e5:42:9c:bf:a4:60:
f9:51:8a:4f:02:ce:99:d2:00:3d:81:68:72:96:c2:
31:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FA:30:21:CC:55:17:9D:33:A4:FC:9B:69:1B:DA:DE:5B:72:28:58
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/D_owIcxVF50zpPybaRva3ltyKFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
Signature Algorithm: sha256WithRSAEncryption
1b:eb:d0:16:3a:3d:83:f0:78:15:27:4d:6e:52:18:dd:e2:70:
1b:74:52:cb:a6:ac:f1:ca:8c:d8:27:41:7a:05:75:16:18:0a:
5b:9d:62:4c:3f:57:d6:54:73:4a:de:3c:0e:90:b5:e9:00:79:
c7:d3:f4:eb:bb:5c:b0:10:7c:70:63:89:30:0a:b2:d3:a9:2d:
ee:3d:b5:fb:08:da:fd:70:81:e4:89:9f:c0:b4:d6:1e:0d:52:
53:b7:16:60:a2:e6:e7:ba:67:62:cd:19:1b:b1:48:87:91:e2:
08:f3:60:7d:7c:7f:6f:4f:da:d5:bf:69:6d:f4:5a:6e:90:f6:
44:b3:68:2c:3f:5f:42:7b:47:0b:79:df:87:3b:fc:38:da:ea:
fa:3c:23:24:c8:08:fa:f3:8e:91:8f:7c:1d:dc:25:d6:b4:fe:
27:44:e2:37:7a:89:15:57:66:b3:e5:67:d9:1d:3f:15:1f:0c:
6d:0f:3e:6a:1a:27:a6:a6:1e:fa:ba:0c:50:99:3d:49:7d:06:
e8:c1:0c:e0:3f:5f:fb:4c:b5:15:f5:15:f7:5d:4a:85:d9:e6:
a5:f3:28:10:7d:24:28:46:ad:d0:5f:24:e3:8a:7a:22:f1:19:
94:a9:49:7f:c3:70:0b:74:18:98:78:b6:ce:18:a1:ce:d8:d3:
3b:4a:fc:43
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYjddCfcbbuu805B8llo2IyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjMwNjIxMTAxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmZhMzAyMWNjNTUxNzlkMzNhNGZjOWI2OTFiZGFkZTViNzIyODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEpC+rVcIqNGCJY6IjgzibkZg8qR
hkA7CExHD06ik6LPMlZWdoOkzKAfmQrlipswsRnGdZ9BDGqk1Nax5riysyJ7vbZL
5uSYi9qJYL535h/hA2gVvlNSl3mAR8Zc4XAgxiZy94vxKYDh5BpcryIsPR5CMvQx
5AF0UEaJmcudjL6bT98+jElgm2DOZk+WY7+GIGpLutcH5ySNJ4XMlETMLjryYg28
gjbYxm7AU6DB3YErRY2LtvHGIdsxmThadOYsCiBCEn6ngMKH5DIRDz9c1FGGHCHJ
JASDBX3bO+pgg8qNOwn7cN+jh9DlQpy/pGD5UYpPAs6Z0gA9gWhylsIxyQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA/6MCHMVRedM6T8m2kb2t5bcihYMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvRF9vd0ljeFZGNTB6cFB5YmFSdmEzbHR5S0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQEUVuAAwQE
W7hQMAwDBAdtooADBARtouAwCwMEBNXP0AMDBNXAMA0GCSqGSIb3DQEBCwUAA4IB
AQAb69AWOj2D8HgVJ01uUhjd4nAbdFLLpqzxyozYJ0F6BXUWGApbnWJMP1fWVHNK
3jwOkLXpAHnH0/Tru1ywEHxwY4kwCrLTqS3uPbX7CNr9cIHkiZ/AtNYeDVJTtxZg
oubnumdizRkbsUiHkeII82B9fH9vT9rVv2lt9FpukPZEs2gsP19Ce0cLed+HO/w4
2ur6PCMkyAj6846Rj3wd3CXWtP4nROI3eokVV2az5WfZHT8VHwxtDz5qGiemph76
ugxQmT1JfQbowQzgP1/7TLUV9RX3XUqF2eal8ygQfSQoRq3QXyTjinoi8RmUqUl/
w3ALdBiYeLbOGKHO2NM7SvxD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:52 2024 by rpki-client on console-ams.rpki-client.org