Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/QYniM2niE9SIaL6Mc4Tokr9hBPY.roa
File: QYniM2niE9SIaL6Mc4Tokr9hBPY.roa (raw, json)
Hash identifier: Trwd/G8t3XN/ScOyOkb0D2jcCuZjORmrVp9iDSRDSz8=
Subject key identifier: 41:89:E2:33:69:E2:13:D4:88:68:BE:8C:73:84:E8:92:BF:61:04:F6
Certificate issuer: /CN=f4d6af4de89bba8118953cceebfb39f45a8ed1bc
Certificate serial: 01856E144BA31A1E80ED2E1713A2FE32DC72
Authority key identifier: F4:D6:AF:4D:E8:9B:BA:81:18:95:3C:CE:EB:FB:39:F4:5A:8E:D1:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/QYniM2niE9SIaL6Mc4Tokr9hBPY.roa
Signing time: Sun 01 Jan 2023 16:05:01 +0000
ROA not before: Sun 01 Jan 2023 16:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47156
IP address blocks: 176.103.96.0/20 maxlen: 20
91.203.196.0/22 maxlen: 22
213.5.24.0/21 maxlen: 21
185.27.208.0/22 maxlen: 22
83.136.234.0/24 maxlen: 24
83.136.238.0/24 maxlen: 24
83.136.239.0/24 maxlen: 24
83.136.236.0/24 maxlen: 24
93.188.204.0/24 maxlen: 24
2a04:34c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:4b:a3:1a:1e:80:ed:2e:17:13:a2:fe:32:dc:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d6af4de89bba8118953cceebfb39f45a8ed1bc
Validity
Not Before: Jan 1 16:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4189e23369e213d48868be8c7384e892bf6104f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a8:1b:2c:c5:13:01:1b:2d:e9:1f:1a:47:1e:
a0:24:cd:7e:35:a8:97:25:e1:e7:fe:27:05:95:4d:
4e:e3:aa:63:cd:60:1f:41:fc:bf:3a:13:63:5a:fc:
92:b9:26:9f:66:e1:c6:c7:5a:d1:11:d9:df:98:ad:
54:2a:0b:67:5b:7c:82:89:cf:24:d4:72:1a:1d:d0:
be:cd:f3:85:8b:6e:92:db:b9:14:0e:53:c2:15:0d:
53:d6:8b:01:46:90:f1:68:41:bf:46:47:8e:e7:c7:
54:32:d5:83:ea:27:51:15:6e:81:3d:cb:40:e4:7c:
3b:1b:cf:d6:29:db:c9:3d:10:34:01:88:7a:e8:91:
d0:20:62:9f:7c:bc:6f:fa:10:32:13:26:d0:d1:3d:
a1:28:c0:1a:b3:9e:73:0b:58:78:e1:4f:36:c5:62:
de:ff:b3:8f:f0:ce:49:bc:63:59:6b:c7:19:15:dd:
9b:13:7b:9d:b2:43:c7:79:d0:93:b8:be:7e:f9:78:
d6:30:ae:4e:75:53:50:e2:b3:5e:e0:c2:be:d5:d2:
a1:4f:33:61:96:8a:82:3a:5b:cd:c8:c2:6d:52:74:
57:df:dc:83:ee:eb:88:f0:f6:7b:01:d0:8f:5d:51:
c4:e7:20:a5:0b:3c:e0:d3:4b:c3:9b:5d:0c:02:5e:
82:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:89:E2:33:69:E2:13:D4:88:68:BE:8C:73:84:E8:92:BF:61:04:F6
X509v3 Authority Key Identifier:
keyid:F4:D6:AF:4D:E8:9B:BA:81:18:95:3C:CE:EB:FB:39:F4:5A:8E:D1:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/QYniM2niE9SIaL6Mc4Tokr9hBPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9NavTeibuoEYlTzO6_s59FqO0bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.234.0/24
83.136.236.0/24
83.136.238.0/23
91.203.196.0/22
93.188.204.0/24
176.103.96.0/20
185.27.208.0/22
213.5.24.0/21
IPv6:
2a04:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:55:24:dc:44:2b:4a:19:f8:d4:94:65:4c:21:4a:55:3d:ac:
af:60:c6:8d:36:75:3a:c9:40:91:be:58:88:55:e9:37:4c:99:
63:ad:37:22:17:ac:9c:08:bb:a0:d5:89:f3:93:50:09:91:76:
f7:a1:bb:c8:e0:03:15:bc:d8:25:c5:15:c9:06:20:d2:59:ee:
53:8e:0f:e7:a5:5d:65:c2:06:86:d0:cb:3b:e8:f8:2e:1f:76:
1b:29:2f:54:e2:06:3c:8b:3d:da:80:0f:52:ec:a3:f2:69:c0:
a6:0c:1b:4b:ef:24:96:97:e1:0e:9a:55:55:62:b4:95:03:62:
ad:aa:09:d9:b3:42:21:51:4b:79:19:00:d2:1c:ec:58:d0:78:
97:ce:5d:31:c8:25:4c:a3:4a:05:6c:7e:a5:3d:f4:0e:0d:a5:
81:54:0c:e5:07:2f:56:ff:0f:e0:76:25:24:c4:28:f3:1b:62:
23:2f:89:17:5e:2b:0f:af:56:f5:33:27:f8:00:18:74:f1:9d:
cc:ce:dd:f6:ff:29:61:20:b0:ca:ff:9b:08:3f:c5:e5:dd:ce:
f5:93:e7:01:dc:03:91:dc:84:93:c5:4b:d3:dc:a2:ce:56:d6:
df:75:11:b9:65:32:c0:c0:ac:06:d7:47:a5:ce:62:2c:5a:50:
19:df:5e:d9
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVuFEujGh6A7S4XE6L+MtxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDZhZjRkZTg5YmJhODExODk1M2NjZWViZmIzOWY0NWE4
ZWQxYmMwHhcNMjMwMTAxMTYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTg5ZTIzMzY5ZTIxM2Q0ODg2OGJlOGM3Mzg0ZTg5MmJmNjEwNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqgbLMUTARst6R8aRx6gJM1+NaiX
JeHn/icFlU1O46pjzWAfQfy/OhNjWvySuSafZuHGx1rREdnfmK1UKgtnW3yCic8k
1HIaHdC+zfOFi26S27kUDlPCFQ1T1osBRpDxaEG/RkeO58dUMtWD6idRFW6BPctA
5Hw7G8/WKdvJPRA0AYh66JHQIGKffLxv+hAyEybQ0T2hKMAas55zC1h44U82xWLe
/7OP8M5JvGNZa8cZFd2bE3udskPHedCTuL5++XjWMK5OdVNQ4rNe4MK+1dKhTzNh
loqCOlvNyMJtUnRX39yD7uuI8PZ7AdCPXVHE5yClCzzg00vDm10MAl6CgQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEGJ4jNp4hPUiGi+jHOE6JK/YQT2MB8GA1UdIwQY
MBaAFPTWr03om7qBGJU8zuv7OfRajtG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5hdlRlaWJ1b0VZbFR6TzZfczU5RnFPMGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kZDM3Y2YtYTQ2Ni00MzU0LWExNzEt
ZDhkZjhlNGM2NWZlLzEvUVluaU0ybmlFOVNJYUw2TWM0VG9rcjloQlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kZDM3Y2YtYTQ2Ni00MzU0LWExNzEtZDhkZjhlNGM2NWZl
LzEvOU5hdlRlaWJ1b0VZbFR6TzZfczU5RnFPMGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAU4jqAwQA
U4jsAwQBU4juAwQCW8vEAwQAXbzMAwQEsGdgAwQCuRvQAwQD1QUYMA0EAgACMAcD
BQMqBDTAMA0GCSqGSIb3DQEBCwUAA4IBAQCRVSTcRCtKGfjUlGVMIUpVPayvYMaN
NnU6yUCRvliIVek3TJljrTciF6ycCLug1Ynzk1AJkXb3obvI4AMVvNglxRXJBiDS
We5Tjg/npV1lwgaG0Ms76PguH3YbKS9U4gY8iz3agA9S7KPyacCmDBtL7ySWl+EO
mlVVYrSVA2KtqgnZs0IhUUt5GQDSHOxY0HiXzl0xyCVMo0oFbH6lPfQODaWBVAzl
By9W/w/gdiUkxCjzG2IjL4kXXisPr1b1Myf4ABh08Z3Mzt32/ylhILDK/5sIP8Xl
3c71k+cB3AOR3ISTxUvT3KLOVtbfdRG5ZTLAwKwG10elzmIsWlAZ317Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:24 2024 by rpki-client on console-ams.rpki-client.org