Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/DL7F2iahypjbmVNBR_ewuFrhwXw.roa
File: DL7F2iahypjbmVNBR_ewuFrhwXw.roa (raw, json)
Hash identifier: Tmmlp5CE4kuDOxqnDnb0SEn9wxqbdRJuzg3VkGo6tlg=
Subject key identifier: 0C:BE:C5:DA:26:A1:CA:98:DB:99:53:41:47:F7:B0:B8:5A:E1:C1:7C
Certificate issuer: /CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Certificate serial: 018CC425484906A9E92DE01531731BD6F6A1
Authority key identifier: 29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/DL7F2iahypjbmVNBR_ewuFrhwXw.roa
Signing time: Mon 01 Jan 2024 08:30:26 +0000
ROA not before: Mon 01 Jan 2024 08:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 185.20.148.0/24 maxlen: 24
91.102.104.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 24 Jan 2024 14:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:48:49:06:a9:e9:2d:e0:15:31:73:1b:d6:f6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Validity
Not Before: Jan 1 08:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cbec5da26a1ca98db99534147f7b0b85ae1c17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:14:8f:99:04:b7:28:00:36:5a:25:eb:8b:18:
99:3d:b9:6f:3f:23:de:25:db:1a:bf:42:5d:d2:cc:
50:e8:e6:ef:61:53:b0:77:92:12:eb:fb:30:74:6b:
46:05:09:96:a3:f4:13:51:0e:06:05:05:1c:b4:24:
15:9d:aa:97:21:09:71:e7:f8:0a:46:41:23:03:94:
cc:23:6f:e2:5c:f5:9f:cf:bb:34:23:e4:fd:6a:0e:
79:a6:fc:2a:f0:e4:c9:2b:a3:d2:05:d0:69:64:c9:
fb:6e:81:95:fc:e0:6a:b8:1e:0d:93:8e:a0:e8:a4:
1e:ef:ca:ed:8f:82:6f:cd:47:18:ea:96:e8:58:09:
35:20:de:c9:a0:b4:b3:b3:50:01:78:86:fc:9f:56:
a2:05:33:9e:07:0c:c0:86:28:cf:00:1b:69:34:d1:
60:cd:f2:dc:48:f1:02:e3:97:d4:47:3c:0e:f1:ed:
f0:ef:7a:49:7b:d1:41:46:ca:0d:31:8e:48:a6:61:
39:af:8b:c5:7f:4c:36:cb:e2:ee:e9:d7:04:fd:8a:
fb:0e:90:ec:66:c7:66:79:dd:a1:6f:86:b8:2c:7c:
48:06:2c:45:69:37:99:d1:79:64:84:d5:21:f9:d2:
73:b5:06:fb:95:2a:02:b6:49:0c:77:38:68:36:0b:
70:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:BE:C5:DA:26:A1:CA:98:DB:99:53:41:47:F7:B0:B8:5A:E1:C1:7C
X509v3 Authority Key Identifier:
keyid:29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/DL7F2iahypjbmVNBR_ewuFrhwXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.104.0/21
185.20.148.0/24
Signature Algorithm: sha256WithRSAEncryption
64:7f:f3:c1:83:49:ee:3e:67:65:33:68:6e:af:12:0d:e8:2c:
b2:90:da:d9:52:89:cf:56:58:a0:ca:bb:ec:5f:44:12:96:ad:
b8:c4:47:d3:cf:35:72:bf:d1:d7:b0:b0:3a:e1:4a:68:5a:1b:
0b:dd:37:b1:17:57:40:6e:0f:eb:ce:70:e4:d1:7a:bb:c1:b1:
75:08:7d:4d:24:1b:e0:2a:8c:06:fa:4c:74:4a:9d:d6:96:7b:
31:d1:0a:e5:66:f4:ef:75:c9:8d:cf:a7:95:05:a4:a3:f3:28:
e8:6f:ac:ac:26:6f:55:4a:0d:ce:76:4e:c4:9c:50:6e:b2:07:
51:62:b5:08:bd:67:e4:da:97:3a:a8:b3:24:f5:bf:4f:f0:84:
32:b8:dd:26:83:f5:ed:bf:d0:84:89:5b:06:8b:56:55:09:30:
f0:57:ec:d8:1d:a8:2d:21:6b:eb:60:53:37:ec:8d:48:73:2c:
e0:78:e2:fd:a7:93:77:fd:c8:35:60:14:ea:96:23:d4:30:84:
e7:72:12:5c:c6:30:64:5c:62:10:9f:a2:47:30:16:13:53:66:
0a:02:9c:8c:48:f2:04:ce:d7:42:96:58:20:4f:4e:fe:83:03:
68:41:a0:01:3a:24:6d:6a:11:38:d1:bf:bf:84:65:75:24:fa:
4f:7d:5d:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJUhJBqnpLeAVMXMb1vahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzliMDQwMTZmNmYwMjE4MzMwN2MxN2RmNjMwYTAyODll
YzViYjUwHhcNMjQwMTAxMDgzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2JlYzVkYTI2YTFjYTk4ZGI5OTUzNDE0N2Y3YjBiODVhZTFjMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhSPmQS3KAA2WiXrixiZPblvPyPe
Jdsav0Jd0sxQ6ObvYVOwd5IS6/swdGtGBQmWo/QTUQ4GBQUctCQVnaqXIQlx5/gK
RkEjA5TMI2/iXPWfz7s0I+T9ag55pvwq8OTJK6PSBdBpZMn7boGV/OBquB4Nk46g
6KQe78rtj4JvzUcY6pboWAk1IN7JoLSzs1ABeIb8n1aiBTOeBwzAhijPABtpNNFg
zfLcSPEC45fURzwO8e3w73pJe9FBRsoNMY5IpmE5r4vFf0w2y+Lu6dcE/Yr7DpDs
Zsdmed2hb4a4LHxIBixFaTeZ0XlkhNUh+dJztQb7lSoCtkkMdzhoNgtw1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAy+xdomocqY25lTQUf3sLha4cF8MB8GA1UdIwQY
MBaAFCnJsEAW9vAhgzB8F99jCgKJ7Fu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2Et
MWQ1OTFiYmQ0MDYwLzEvREw3RjJpYWh5cGpibVZOQlJfZXd1RnJod1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2EtMWQ1OTFiYmQ0MDYw
LzEvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW2ZoAwQA
uRSUMA0GCSqGSIb3DQEBCwUAA4IBAQBkf/PBg0nuPmdlM2hurxIN6CyykNrZUonP
VligyrvsX0QSlq24xEfTzzVyv9HXsLA64UpoWhsL3TexF1dAbg/rznDk0Xq7wbF1
CH1NJBvgKowG+kx0Sp3Wlnsx0QrlZvTvdcmNz6eVBaSj8yjob6ysJm9VSg3Odk7E
nFBusgdRYrUIvWfk2pc6qLMk9b9P8IQyuN0mg/Xtv9CEiVsGi1ZVCTDwV+zYHagt
IWvrYFM37I1IcyzgeOL9p5N3/cg1YBTqliPUMITnchJcxjBkXGIQn6JHMBYTU2YK
ApyMSPIEztdCllggT07+gwNoQaABOiRtahE40b+/hGV1JPpPfV2J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:28 2024 by rpki-client on console-fra.rpki-client.org