Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/U9_OWx6t6wuW_Pa7PHk5OTM252U.roa
File: U9_OWx6t6wuW_Pa7PHk5OTM252U.roa (raw, json)
Hash identifier: mpdY3bWe1CrElVKbI4+Cy8W5PXCfCoLqyu/gVS1FWzw=
Subject key identifier: 53:DF:CE:5B:1E:AD:EB:0B:96:FC:F6:BB:3C:79:39:39:33:36:E7:65
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 018E189599A591C8DF5045C3C46650B28493
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/U9_OWx6t6wuW_Pa7PHk5OTM252U.roa
Signing time: Thu 07 Mar 2024 11:04:01 +0000
ROA not before: Thu 07 Mar 2024 11:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 92.53.160.0/22 maxlen: 24
92.53.164.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
92.53.184.0/22 maxlen: 24
92.53.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 13:53:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:95:99:a5:91:c8:df:50:45:c3:c4:66:50:b2:84:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Mar 7 11:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53dfce5b1eadeb0b96fcf6bb3c7939393336e765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0e:58:1b:2d:d5:cb:b7:f8:24:d7:11:3e:d7:
29:d1:89:51:37:ee:fd:63:33:7a:b2:1f:18:bd:57:
d2:b2:6d:ff:3a:47:d3:74:0d:b2:be:14:c6:59:5d:
76:05:0b:85:7c:42:ae:ef:a3:1a:bb:09:5d:5a:ed:
5a:65:15:e2:1d:fa:46:6a:13:c2:b3:0d:44:1b:11:
e1:53:a9:32:7a:3c:97:81:3c:91:de:0e:3e:86:e2:
d2:f7:2d:34:0b:59:06:08:4c:09:ab:37:86:26:3f:
7d:fd:60:73:3e:c8:54:75:26:07:7a:2d:54:26:71:
c6:73:9e:c6:d0:09:b9:85:a7:52:83:cf:eb:ec:b4:
c9:77:32:08:51:cf:dd:76:f2:ff:96:90:70:cb:17:
1e:b5:9f:1c:ce:6f:f8:89:0f:5e:94:03:6b:0a:12:
3c:c0:0d:2a:a1:6b:d8:1f:f8:50:b8:a0:f2:55:99:
ae:d7:de:5f:4d:a9:70:bd:70:c7:5e:67:6a:f5:db:
13:c2:93:83:4c:52:61:64:08:78:7b:da:0c:01:b7:
fd:78:39:eb:65:6f:67:ff:74:11:ae:1e:18:92:a4:
1a:80:9f:25:77:38:de:4e:b5:20:dc:b9:ab:91:8c:
99:f3:cf:6b:3f:77:83:64:39:90:bc:96:cb:bf:8a:
26:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DF:CE:5B:1E:AD:EB:0B:96:FC:F6:BB:3C:79:39:39:33:36:E7:65
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/U9_OWx6t6wuW_Pa7PHk5OTM252U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/21
92.53.172.0/22
92.53.184.0/21
Signature Algorithm: sha256WithRSAEncryption
01:2a:0a:45:8d:b3:a4:45:38:97:3b:0f:47:52:11:fa:16:0d:
7a:c1:50:57:e7:3d:71:a0:c5:13:1c:7e:82:18:31:05:73:5b:
95:b0:9d:0c:a1:6a:f7:86:01:7a:b1:58:39:bc:49:f5:d0:01:
29:d4:0f:85:36:ff:b6:fa:e1:18:d1:15:1d:0b:75:65:33:ed:
36:38:65:e1:0b:32:66:b6:08:d9:9e:0a:64:01:58:04:92:8f:
72:93:da:aa:f5:72:9e:14:1e:66:bd:aa:da:a2:b6:b6:33:48:
e9:ce:9f:c7:32:41:3d:91:a9:c4:7c:d0:30:3c:a1:f9:d2:45:
45:87:ea:39:73:6b:fe:97:50:b2:80:7e:e3:9a:77:2f:2c:34:
14:08:9f:d6:45:dc:74:30:79:5b:d1:2a:dc:bd:19:4f:41:c3:
9e:d7:a9:57:c6:10:a4:5b:b6:28:b9:58:d0:d0:45:51:da:56:
9f:f0:57:7b:f7:29:b1:14:67:05:95:ad:90:55:ec:77:6d:8e:
0f:5b:d6:2d:e1:6d:b7:c9:76:16:36:70:48:47:cf:f3:b9:c5:
44:a3:56:98:b9:e2:fd:30:26:a1:eb:0c:01:40:98:8b:6b:32:
0b:c1:73:76:cc:af:de:83:bf:4a:e1:ee:d4:64:3b:62:34:34:
ae:ea:fa:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4YlZmlkcjfUEXDxGZQsoSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjQwMzA3MTEwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RmY2U1YjFlYWRlYjBiOTZmY2Y2YmIzYzc5MzkzOTMzMzZlNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg5YGy3Vy7f4JNcRPtcp0YlRN+79
YzN6sh8YvVfSsm3/OkfTdA2yvhTGWV12BQuFfEKu76MauwldWu1aZRXiHfpGahPC
sw1EGxHhU6kyejyXgTyR3g4+huLS9y00C1kGCEwJqzeGJj99/WBzPshUdSYHei1U
JnHGc57G0Am5hadSg8/r7LTJdzIIUc/ddvL/lpBwyxcetZ8czm/4iQ9elANrChI8
wA0qoWvYH/hQuKDyVZmu195fTalwvXDHXmdq9dsTwpODTFJhZAh4e9oMAbf9eDnr
ZW9n/3QRrh4YkqQagJ8ldzjeTrUg3LmrkYyZ889rP3eDZDmQvJbLv4omyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFPfzlseresLlvz2uzx5OTkzNudlMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvVTlfT1d4NnQ2d3VXX1BhN1BIazVPVE0yNTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXDWgAwQC
XDWsAwQDXDW4MA0GCSqGSIb3DQEBCwUAA4IBAQABKgpFjbOkRTiXOw9HUhH6Fg16
wVBX5z1xoMUTHH6CGDEFc1uVsJ0MoWr3hgF6sVg5vEn10AEp1A+FNv+2+uEY0RUd
C3VlM+02OGXhCzJmtgjZngpkAVgEko9yk9qq9XKeFB5mvaraora2M0jpzp/HMkE9
kanEfNAwPKH50kVFh+o5c2v+l1CygH7jmncvLDQUCJ/WRdx0MHlb0SrcvRlPQcOe
16lXxhCkW7YouVjQ0EVR2laf8Fd79ymxFGcFla2QVex3bY4PW9Yt4W23yXYWNnBI
R8/zucVEo1aYueL9MCah6wwBQJiLazILwXN2zK/eg79K4e7UZDtiNDSu6vrg
-----END CERTIFICATE-----
Generated at Wed Apr 17 17:48:18 2024 by rpki-client on console-ams.rpki-client.org