Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/1D9uaCJZ0RHNcPcCvMsO59KjRAE.roa
File: 1D9uaCJZ0RHNcPcCvMsO59KjRAE.roa (raw, json)
Hash identifier: gkxkQe8Q/BKF3GxU2EF2k1I/IeFdSsb1a01/QPaHtU8=
Subject key identifier: D4:3F:6E:68:22:59:D1:11:CD:70:F7:02:BC:CB:0E:E7:D2:A3:44:01
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0191136434EBF3998016F7C08A30A405AEA7
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/1D9uaCJZ0RHNcPcCvMsO59KjRAE.roa
Signing time: Fri 02 Aug 2024 14:00:19 +0000
ROA not before: Fri 02 Aug 2024 14:00:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47223
IP address blocks: 91.106.24.0/23 maxlen: 23
91.106.26.0/23 maxlen: 23
91.106.30.0/23 maxlen: 23
94.240.0.0/24 maxlen: 24
94.240.1.0/24 maxlen: 24
94.240.2.0/24 maxlen: 24
94.240.3.0/24 maxlen: 24
94.240.7.0/24 maxlen: 24
94.240.23.0/24 maxlen: 24
94.240.32.0/21 maxlen: 21
94.240.40.0/24 maxlen: 24
94.240.42.0/24 maxlen: 24
94.240.44.0/22 maxlen: 22
94.240.46.0/24 maxlen: 24
94.240.48.0/22 maxlen: 22
94.240.48.0/24 maxlen: 24
94.240.62.0/23 maxlen: 23
94.240.63.0/24 maxlen: 24
185.139.16.0/22 maxlen: 22
194.152.46.0/23 maxlen: 23
2a01:6e80::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 15 Nov 2024 07:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:64:34:eb:f3:99:80:16:f7:c0:8a:30:a4:05:ae:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Aug 2 14:00:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d43f6e682259d111cd70f702bccb0ee7d2a34401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:78:36:27:54:05:57:58:16:9a:01:fd:2f:d4:
96:74:28:0c:b8:c5:cc:a7:85:fa:50:6e:c2:9c:5c:
e1:be:4e:f2:6b:2c:b2:2c:9f:b0:45:71:37:e4:fc:
1f:00:65:e3:e6:80:64:23:01:50:0e:5a:76:0e:11:
e4:a4:02:7f:61:09:7a:a6:2d:ec:f1:e0:de:ba:c2:
11:6e:0c:88:70:ca:a9:30:86:46:5f:55:3c:20:05:
74:02:32:cc:02:41:b7:e2:bc:77:04:8d:cf:98:a9:
0a:db:ef:58:25:55:c3:13:78:6b:da:fb:4a:d9:95:
1f:7a:35:ea:d2:8c:3e:df:b7:e0:c0:f8:ec:0c:f6:
7e:af:91:3b:ab:20:50:aa:91:e4:fa:26:80:c6:8d:
3f:88:16:c5:ae:7a:37:65:e8:3a:17:68:66:08:f1:
26:b3:bb:8b:51:51:4d:d3:35:90:2e:e3:b6:bd:b5:
2c:fa:de:cb:ce:8d:25:cb:ee:43:1c:da:4f:74:43:
93:d8:26:10:56:b1:4f:e0:d3:b2:96:78:e3:a2:ca:
8e:61:f9:4c:05:36:a5:af:4b:20:1c:30:a2:a4:cc:
b9:b0:f1:91:6f:1b:a2:b7:ac:05:3e:62:a5:ba:c5:
cc:39:ee:1b:02:b1:3d:a1:23:54:63:68:0d:c7:56:
37:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3F:6E:68:22:59:D1:11:CD:70:F7:02:BC:CB:0E:E7:D2:A3:44:01
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/1D9uaCJZ0RHNcPcCvMsO59KjRAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.24.0/22
91.106.30.0/23
94.240.0.0/22
94.240.7.0/24
94.240.23.0/24
94.240.32.0-94.240.40.255
94.240.42.0/24
94.240.44.0-94.240.51.255
94.240.62.0/23
185.139.16.0/22
194.152.46.0/23
IPv6:
2a01:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
16:47:56:a3:a2:06:2f:5a:1d:fc:f8:94:11:ca:31:9b:f4:1f:
29:0a:de:4f:74:43:f8:77:f3:c9:83:08:c6:a2:2b:48:63:6d:
d6:6c:ac:83:07:e6:a9:ee:96:ee:ba:e1:8f:41:42:f2:eb:07:
1a:9b:c4:06:9c:45:fd:95:b1:c4:71:85:1a:c4:10:4a:e3:f4:
a2:3f:a6:57:52:48:08:c9:b6:f0:11:40:9c:5f:50:9a:5c:d5:
29:bb:69:6f:31:df:22:1c:ad:dc:9c:0a:16:7c:ad:89:e9:d5:
e0:8b:69:33:7f:7a:07:b8:16:eb:e5:30:5d:f8:04:50:9b:8e:
9b:9f:da:e4:a8:51:9d:5f:10:de:2d:40:39:87:dc:11:4c:92:
d9:d6:d4:1e:32:a4:25:6e:0f:b6:61:24:3e:2f:8a:f8:e6:34:
db:e8:09:c2:56:d7:5f:b5:03:58:73:2f:3c:e7:95:07:c7:17:
7e:57:d2:9c:e8:75:c7:48:32:33:59:41:cc:55:a0:6d:54:6f:
ac:cd:83:6e:17:54:01:fe:bb:d1:6b:bf:44:68:44:d9:18:6b:
5d:91:f0:05:70:12:97:3d:2b:ac:c2:6d:97:27:b6:f3:39:d2:
77:5a:2b:e1:a2:f3:6e:b2:08:a6:14:a5:32:e3:e7:a2:d6:e7:
12:fb:95:7d
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZETZDTr85mAFvfAijCkBa6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjQwODAyMTQwMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDNmNmU2ODIyNTlkMTExY2Q3MGY3MDJiY2NiMGVlN2QyYTM0NDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Xg2J1QFV1gWmgH9L9SWdCgMuMXM
p4X6UG7CnFzhvk7yayyyLJ+wRXE35PwfAGXj5oBkIwFQDlp2DhHkpAJ/YQl6pi3s
8eDeusIRbgyIcMqpMIZGX1U8IAV0AjLMAkG34rx3BI3PmKkK2+9YJVXDE3hr2vtK
2ZUfejXq0ow+37fgwPjsDPZ+r5E7qyBQqpHk+iaAxo0/iBbFrno3Zeg6F2hmCPEm
s7uLUVFN0zWQLuO2vbUs+t7Lzo0ly+5DHNpPdEOT2CYQVrFP4NOylnjjosqOYflM
BTalr0sgHDCipMy5sPGRbxuit6wFPmKlusXMOe4bArE9oSNUY2gNx1Y3jwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFNQ/bmgiWdERzXD3ArzLDufSo0QBMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvMUQ5dWFDSlowUkhOY1BjQ3ZNc081OUtqUkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQCW2oYAwQB
W2oeAwQCXvAAAwQAXvAHAwQAXvAXMAwDBAVe8CADBABe8CgDBABe8CowDAMEAl7w
LAMEAl7wMAMEAV7wPgMEArmLEAMEAcKYLjANBAIAAjAHAwUAKgFugDANBgkqhkiG
9w0BAQsFAAOCAQEAFkdWo6IGL1od/PiUEcoxm/QfKQreT3RD+HfzyYMIxqIrSGNt
1mysgwfmqe6W7rrhj0FC8usHGpvEBpxF/ZWxxHGFGsQQSuP0oj+mV1JICMm28BFA
nF9QmlzVKbtpbzHfIhyt3JwKFnytienV4ItpM396B7gW6+UwXfgEUJuOm5/a5KhR
nV8Q3i1AOYfcEUyS2dbUHjKkJW4PtmEkPi+K+OY02+gJwlbXX7UDWHMvPOeVB8cX
flfSnOh1x0gyM1lBzFWgbVRvrM2DbhdUAf670Wu/RGhE2RhrXZHwBXASlz0rrMJt
lye28znSd1or4aLzbrIIphSlMuPnotbnEvuVfQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:53 2025 by rpki-client