Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/kTo96vNe-n41UugGsnn8SkryOnY.roa
File: kTo96vNe-n41UugGsnn8SkryOnY.roa (raw, json)
Hash identifier: ankrynXP3KPGTLiqQw5M385vfR9rq3j3zT2zxqfjwV0=
Subject key identifier: 91:3A:3D:EA:F3:5E:FA:7E:35:52:E8:06:B2:79:FC:4A:4A:F2:3A:76
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 01896EDE0AB17F7DFBD35B98EAB56FE22BF3
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/kTo96vNe-n41UugGsnn8SkryOnY.roa
Signing time: Wed 19 Jul 2023 15:56:32 +0000
ROA not before: Wed 19 Jul 2023 15:56:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203596
IP address blocks: 185.122.100.0/22 maxlen: 24
91.213.223.0/24 maxlen: 24
185.222.88.0/22 maxlen: 24
2a06:a400::/29 maxlen: 29
2a06:a402::/32 maxlen: 32
2a06:a400:20::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:de:0a:b1:7f:7d:fb:d3:5b:98:ea:b5:6f:e2:2b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Jul 19 15:56:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=913a3deaf35efa7e3552e806b279fc4a4af23a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6b:6b:37:6e:96:6d:36:62:73:ea:09:6a:04:
87:62:c9:1c:24:da:57:ff:1d:9b:a5:9a:96:15:14:
5d:a2:83:59:30:fc:50:bb:d5:97:be:1c:92:c7:7a:
e7:fb:51:89:58:7c:d3:9e:01:e9:2f:87:f7:51:df:
a0:6c:21:2d:4d:b0:92:cf:f7:da:f3:cb:77:ee:d6:
f8:65:ec:52:f8:05:00:e7:ef:36:e4:e2:4d:57:c6:
fc:4a:1a:4e:c4:78:4d:f4:3b:e3:ec:22:2f:bf:40:
fc:eb:18:50:19:52:e9:46:62:06:fc:fb:8a:02:6b:
47:ca:d5:21:7b:97:e4:16:cc:16:b0:ca:67:40:6e:
17:2e:a7:f3:fc:2b:51:aa:58:b2:14:f4:a3:c2:9f:
42:13:c1:81:73:18:8a:70:58:9c:a3:d3:a6:92:12:
33:e4:2a:df:62:40:18:13:5c:23:e8:e3:be:90:03:
35:7e:37:3c:4f:5b:16:46:d5:7d:67:3e:ad:14:b3:
02:9e:8c:6b:95:95:ea:b7:29:6e:5d:8c:3c:0e:ac:
c5:8b:0b:fe:c0:24:ae:ed:81:01:c6:71:38:c5:20:
ad:81:f0:ed:f8:98:16:d5:7e:51:1b:91:2f:5f:14:
5f:34:43:8c:8f:0a:7f:01:c9:b0:c0:87:bf:45:b2:
2e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3A:3D:EA:F3:5E:FA:7E:35:52:E8:06:B2:79:FC:4A:4A:F2:3A:76
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/kTo96vNe-n41UugGsnn8SkryOnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.223.0/24
185.122.100.0/22
185.222.88.0/22
IPv6:
2a06:a400::/29
Signature Algorithm: sha256WithRSAEncryption
96:12:08:6a:f7:59:fa:d1:aa:b7:f1:70:87:ae:0d:79:ef:be:
5d:28:5c:93:43:98:86:d4:cb:0d:7b:62:a3:50:97:c7:56:31:
79:b4:79:c3:0d:61:23:7d:b1:f7:a4:6a:2a:44:4f:c1:ac:20:
52:a7:22:d0:04:ec:78:ab:c2:1d:44:4e:c8:0e:bc:db:9b:95:
a5:f4:fd:1f:9a:04:f0:e3:0e:e3:6d:3f:05:8a:26:fb:cb:a8:
c0:9a:44:b2:2a:8e:91:d2:31:fa:5e:17:fb:5c:e2:69:95:49:
ce:96:ff:ec:b8:16:70:8d:cb:a7:6a:54:1a:7e:3a:ec:ae:90:
1d:d7:8d:f9:da:13:b8:fd:13:39:fc:e8:fa:13:67:4f:22:ff:
34:0c:45:53:29:0d:31:fa:56:e8:a9:55:eb:53:32:da:69:cc:
e5:1e:d2:71:51:5b:a4:54:f0:81:1f:f0:40:44:e0:a2:51:37:
92:b6:af:ef:2f:f3:3f:b8:c0:4a:67:e5:53:4d:7e:45:b5:22:
bf:df:42:14:97:52:41:04:4f:c4:c2:c6:66:2d:ba:56:32:da:
56:c5:1d:ca:47:d5:82:4b:c1:8e:d6:ff:9f:c8:bb:79:34:ec:
65:d8:e0:96:8f:a0:1d:a2:4c:d5:f3:8e:9a:fd:10:4d:c2:37:
8e:5e:21:87
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYlu3gqxf33701uY6rVv4ivzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjMwNzE5MTU1NjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNhM2RlYWYzNWVmYTdlMzU1MmU4MDZiMjc5ZmM0YTRhZjIzYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmtrN26WbTZic+oJagSHYskcJNpX
/x2bpZqWFRRdooNZMPxQu9WXvhySx3rn+1GJWHzTngHpL4f3Ud+gbCEtTbCSz/fa
88t37tb4ZexS+AUA5+825OJNV8b8ShpOxHhN9Dvj7CIvv0D86xhQGVLpRmIG/PuK
AmtHytUhe5fkFswWsMpnQG4XLqfz/CtRqliyFPSjwp9CE8GBcxiKcFico9OmkhIz
5CrfYkAYE1wj6OO+kAM1fjc8T1sWRtV9Zz6tFLMCnoxrlZXqtyluXYw8DqzFiwv+
wCSu7YEBxnE4xSCtgfDt+JgW1X5RG5EvXxRfNEOMjwp/AcmwwIe/RbIuLwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJE6PerzXvp+NVLoBrJ5/EpK8jp2MB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEva1RvOTZ2TmUtbjQxVXVnR3NubjhTa3J5T25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9XfAwQC
uXpkAwQCud5YMA0EAgACMAcDBQMqBqQAMA0GCSqGSIb3DQEBCwUAA4IBAQCWEghq
91n60aq38XCHrg15775dKFyTQ5iG1MsNe2KjUJfHVjF5tHnDDWEjfbH3pGoqRE/B
rCBSpyLQBOx4q8IdRE7IDrzbm5Wl9P0fmgTw4w7jbT8Fiib7y6jAmkSyKo6R0jH6
Xhf7XOJplUnOlv/suBZwjcunalQafjrsrpAd14352hO4/RM5/Oj6E2dPIv80DEVT
KQ0x+lboqVXrUzLaaczlHtJxUVukVPCBH/BAROCiUTeStq/vL/M/uMBKZ+VTTX5F
tSK/30IUl1JBBE/EwsZmLbpWMtpWxR3KR9WCS8GO1v+fyLt5NOxl2OCWj6AdokzV
846a/RBNwjeOXiGH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org