Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/M9V8pFYZefqGArlrKYKlxt4G9Uc.roa
File: M9V8pFYZefqGArlrKYKlxt4G9Uc.roa (raw, json)
Hash identifier: pp6uyW6Iq+LPW/TvrqsHTfbMfi1whaGMhc0ZnJKRblM=
Subject key identifier: 33:D5:7C:A4:56:19:79:FA:86:02:B9:6B:29:82:A5:C6:DE:06:F5:47
Certificate issuer: /CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Certificate serial: 018D7D76D311B3A2E2B45B4A0B61FECAFC99
Authority key identifier: 29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/M9V8pFYZefqGArlrKYKlxt4G9Uc.roa
Signing time: Tue 06 Feb 2024 08:09:15 +0000
ROA not before: Tue 06 Feb 2024 08:09:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 91.102.104.0/21 maxlen: 21
185.20.148.0/22 maxlen: 22
185.20.148.0/24 maxlen: 24
185.20.149.0/24 maxlen: 24
185.20.150.0/24 maxlen: 24
185.20.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 May 2024 11:37:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:76:d3:11:b3:a2:e2:b4:5b:4a:0b:61:fe:ca:fc:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Validity
Not Before: Feb 6 08:09:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33d57ca4561979fa8602b96b2982a5c6de06f547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fe:20:57:a7:d1:c0:97:e1:87:8d:4f:d2:58:
cd:7d:09:4e:72:75:09:80:43:ef:84:7c:d7:9d:6b:
22:ad:cb:51:2c:aa:1f:f7:5f:91:00:3a:f2:23:b1:
fc:14:d2:f8:3e:8d:7b:c5:72:a5:16:29:94:e8:ca:
bb:1a:8a:56:a5:f0:2d:e7:c7:b6:83:64:82:cf:7e:
93:e6:a8:2b:37:1d:a2:21:5c:a0:bd:01:26:05:f7:
28:41:43:6a:0c:fe:e7:ca:55:aa:84:53:35:75:19:
06:c9:ca:ab:a3:f6:57:6c:df:ff:4e:f4:5a:b4:da:
22:32:9d:ad:c0:b0:c0:6c:c7:2e:04:c8:7f:97:79:
a8:19:0c:82:d2:72:ac:d7:5e:f6:c2:da:e3:c7:c5:
99:7a:fd:0f:52:fa:88:8c:13:41:08:30:ba:9a:4a:
8d:ad:af:e3:a1:51:aa:bd:df:74:2b:8f:a8:e8:a5:
67:c7:11:a1:0a:cc:ad:af:12:15:3e:2b:5e:ac:ec:
cd:03:2a:a9:f6:41:c8:16:cf:75:f4:d2:40:96:5e:
4f:8f:9f:a1:b8:c2:39:ba:01:26:c8:ac:6a:88:f6:
dc:e8:7f:3e:10:f0:8f:df:2f:7f:84:68:73:ff:b4:
a4:a2:0b:de:37:09:ff:69:68:7b:f9:0f:80:43:35:
ca:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D5:7C:A4:56:19:79:FA:86:02:B9:6B:29:82:A5:C6:DE:06:F5:47
X509v3 Authority Key Identifier:
keyid:29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/M9V8pFYZefqGArlrKYKlxt4G9Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.104.0/21
185.20.148.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:60:c8:f6:10:eb:58:d1:87:54:76:6c:c7:75:50:b5:1b:36:
b2:39:79:49:e4:16:7e:8e:95:f4:c6:78:de:fc:ec:05:84:36:
9d:21:82:63:1c:97:84:5a:18:a3:cf:7a:3f:8f:90:19:f9:37:
9c:54:27:8e:db:72:de:2e:12:b7:40:05:09:6c:a5:88:7d:c2:
5c:77:9e:8d:1a:21:d6:c1:be:4c:c9:af:70:60:04:fb:73:b5:
94:d1:4a:4e:18:99:b9:22:54:3a:e8:fb:63:de:b9:9b:0c:1c:
91:81:af:ee:55:78:2e:cc:37:55:4a:cb:e1:f8:5f:7b:eb:d5:
81:73:da:7a:44:d5:62:b5:19:ac:2f:b1:c8:61:90:60:03:9e:
fb:3a:77:fd:dd:13:f4:f2:e1:ac:fe:f7:17:cb:81:bd:6d:fc:
75:14:7d:f8:ab:cd:03:fe:a6:0a:b6:55:b2:6d:8a:f3:2d:05:
16:ef:f8:00:70:d4:40:a6:2d:09:0e:d0:3d:e1:b4:e9:85:0c:
e6:9b:77:29:9c:bc:2e:7c:95:5e:0a:36:e0:c9:44:46:c9:17:
e5:89:ec:de:aa:1f:67:e9:84:d4:8c:bb:97:be:81:63:44:2c:
5d:13:c7:dc:9b:95:aa:47:7e:d4:40:3f:c3:ec:6c:cf:0e:66:
40:02:9f:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY19dtMRs6LitFtKC2H+yvyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzliMDQwMTZmNmYwMjE4MzMwN2MxN2RmNjMwYTAyODll
YzViYjUwHhcNMjQwMjA2MDgwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Q1N2NhNDU2MTk3OWZhODYwMmI5NmIyOTgyYTVjNmRlMDZmNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/4gV6fRwJfhh41P0ljNfQlOcnUJ
gEPvhHzXnWsirctRLKof91+RADryI7H8FNL4Po17xXKlFimU6Mq7GopWpfAt58e2
g2SCz36T5qgrNx2iIVygvQEmBfcoQUNqDP7nylWqhFM1dRkGycqro/ZXbN//TvRa
tNoiMp2twLDAbMcuBMh/l3moGQyC0nKs1172wtrjx8WZev0PUvqIjBNBCDC6mkqN
ra/joVGqvd90K4+o6KVnxxGhCsytrxIVPiterOzNAyqp9kHIFs919NJAll5Pj5+h
uMI5ugEmyKxqiPbc6H8+EPCP3y9/hGhz/7SkogveNwn/aWh7+Q+AQzXKkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDPVfKRWGXn6hgK5aymCpcbeBvVHMB8GA1UdIwQY
MBaAFCnJsEAW9vAhgzB8F99jCgKJ7Fu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2Et
MWQ1OTFiYmQ0MDYwLzEvTTlWOHBGWVplZnFHQXJscktZS2x4dDRHOVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2EtMWQ1OTFiYmQ0MDYw
LzEvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW2ZoAwQC
uRSUMA0GCSqGSIb3DQEBCwUAA4IBAQCdYMj2EOtY0YdUdmzHdVC1GzayOXlJ5BZ+
jpX0xnje/OwFhDadIYJjHJeEWhijz3o/j5AZ+TecVCeO23LeLhK3QAUJbKWIfcJc
d56NGiHWwb5Mya9wYAT7c7WU0UpOGJm5IlQ66Ptj3rmbDByRga/uVXguzDdVSsvh
+F9769WBc9p6RNVitRmsL7HIYZBgA577Onf93RP08uGs/vcXy4G9bfx1FH34q80D
/qYKtlWybYrzLQUW7/gAcNRApi0JDtA94bTphQzmm3cpnLwufJVeCjbgyURGyRfl
iezeqh9n6YTUjLuXvoFjRCxdE8fcm5WqR37UQD/D7GzPDmZAAp9w
-----END CERTIFICATE-----
Generated at Fri May 3 14:21:12 2024 by rpki-client on console-ams.rpki-client.org