Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/85tUtfj8YsJrntuMif3EDPIM4rs.roa
File: 85tUtfj8YsJrntuMif3EDPIM4rs.roa (raw, json)
Hash identifier: Uo1a9BScpP3nxBSWIP4hcJaMAp89APYUDxQzOMDiRnk=
Subject key identifier: F3:9B:54:B5:F8:FC:62:C2:6B:9E:DB:8C:89:FD:C4:0C:F2:0C:E2:BB
Certificate issuer: /CN=aa0f97e63508219b96cbb2106343f5e1b6dc5a4f
Certificate serial: 01928B237ECC37EE32A06C6E24F73E76A17A
Authority key identifier: AA:0F:97:E6:35:08:21:9B:96:CB:B2:10:63:43:F5:E1:B6:DC:5A:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/85tUtfj8YsJrntuMif3EDPIM4rs.roa
Signing time: Mon 14 Oct 2024 13:06:52 +0000
ROA not before: Mon 14 Oct 2024 13:06:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24740
IP address blocks: 91.223.171.0/24 maxlen: 24
185.59.160.0/23 maxlen: 23
185.59.162.0/23 maxlen: 23
185.227.228.0/22 maxlen: 22
193.111.22.0/23 maxlen: 23
2a04:b4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 17 Oct 2024 07:27:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:23:7e:cc:37:ee:32:a0:6c:6e:24:f7:3e:76:a1:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa0f97e63508219b96cbb2106343f5e1b6dc5a4f
Validity
Not Before: Oct 14 13:06:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f39b54b5f8fc62c26b9edb8c89fdc40cf20ce2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:09:d2:4b:00:04:e7:65:69:09:32:c8:91:ab:
7e:1d:41:d1:cd:be:17:da:ef:0e:c9:71:2d:93:d7:
48:e1:05:b4:82:b8:18:f7:5b:e0:ee:25:97:2b:5c:
a1:99:54:1a:1e:7a:ad:43:df:b9:c1:a5:19:33:e8:
0a:19:23:f5:77:68:32:8a:74:70:f0:96:10:9d:e8:
8a:64:56:c5:fc:2e:bf:e0:f2:b2:f4:28:63:0c:9b:
f5:96:fc:2b:85:d4:de:19:e5:3f:ba:27:66:9b:6d:
4f:ea:12:80:a9:c6:f6:ad:de:b6:cb:64:26:48:9d:
93:ea:7f:13:82:9f:46:0e:89:67:bd:ef:2c:12:42:
69:31:10:7d:40:e7:fe:7c:09:03:17:c7:f2:9b:c3:
09:73:d2:f0:d5:46:64:74:4d:fa:d5:3e:4a:33:62:
52:30:af:90:1e:98:44:2b:71:84:f2:2a:6a:c2:85:
fc:38:99:cf:dd:e5:c1:bb:80:29:6f:70:c3:bb:2d:
51:d9:74:3e:13:43:f7:49:25:e2:41:b6:44:c1:84:
05:1d:24:6f:95:0c:24:48:11:7e:46:5b:a0:59:d6:
56:cb:d2:89:1c:d9:77:65:9e:37:86:3a:9d:98:26:
6d:48:41:f7:f7:8b:4e:c7:be:d2:c8:0a:ea:9e:9b:
a3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9B:54:B5:F8:FC:62:C2:6B:9E:DB:8C:89:FD:C4:0C:F2:0C:E2:BB
X509v3 Authority Key Identifier:
keyid:AA:0F:97:E6:35:08:21:9B:96:CB:B2:10:63:43:F5:E1:B6:DC:5A:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/85tUtfj8YsJrntuMif3EDPIM4rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/qg-X5jUIIZuWy7IQY0P14bbcWk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.171.0/24
185.59.160.0/22
185.227.228.0/22
193.111.22.0/23
IPv6:
2a04:b4c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:c0:82:6d:45:98:55:73:4e:ae:83:b2:dd:ed:d5:44:5b:8f:
c1:ae:ab:89:e5:1d:99:d9:a6:9d:ab:ae:b1:bd:f9:88:a4:f9:
5b:eb:37:e5:19:e7:10:7d:f9:ca:b2:e7:b1:9a:40:d5:ca:80:
1e:60:43:a7:5f:82:d8:f6:0d:2c:ef:6e:81:c6:06:b0:49:e6:
8c:7c:5d:b7:65:89:dc:f7:72:75:0c:55:ec:87:d1:ba:ca:dc:
c8:6f:a7:46:1a:29:79:56:33:11:a9:d2:23:72:fc:f2:21:e3:
6f:98:32:7f:9e:ab:15:8a:b9:fa:df:dc:3a:d0:f1:54:52:d4:
03:54:ba:63:5f:6d:e3:b0:d3:c4:a1:04:99:f8:a5:6d:7d:40:
89:ce:81:7a:69:16:63:6f:a5:b2:2d:d9:5c:71:d2:f0:7e:ba:
a3:e6:16:c6:b5:02:72:46:79:10:fa:d4:f0:6b:10:77:45:b6:
0e:92:9f:cb:4a:20:17:76:45:25:8f:12:92:3a:a7:c5:8b:55:
90:aa:4e:85:5b:cf:76:43:ae:bc:6f:37:77:e7:2b:e3:da:f4:
1f:3e:bb:fc:02:0f:7f:bd:01:01:5c:7d:c1:fb:d4:7d:a5:a4:
e6:5f:11:c9:03:b8:47:26:fd:51:78:38:5e:a1:14:fe:6d:d5:
81:5d:f3:19
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZKLI37MN+4yoGxuJPc+dqF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMGY5N2U2MzUwODIxOWI5NmNiYjIxMDYzNDNmNWUxYjZk
YzVhNGYwHhcNMjQxMDE0MTMwNjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzliNTRiNWY4ZmM2MmMyNmI5ZWRiOGM4OWZkYzQwY2YyMGNlMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQnSSwAE52VpCTLIkat+HUHRzb4X
2u8OyXEtk9dI4QW0grgY91vg7iWXK1yhmVQaHnqtQ9+5waUZM+gKGSP1d2gyinRw
8JYQneiKZFbF/C6/4PKy9ChjDJv1lvwrhdTeGeU/uidmm21P6hKAqcb2rd62y2Qm
SJ2T6n8Tgp9GDolnve8sEkJpMRB9QOf+fAkDF8fym8MJc9Lw1UZkdE361T5KM2JS
MK+QHphEK3GE8ipqwoX8OJnP3eXBu4Apb3DDuy1R2XQ+E0P3SSXiQbZEwYQFHSRv
lQwkSBF+RlugWdZWy9KJHNl3ZZ43hjqdmCZtSEH394tOx77SyArqnpujsQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPObVLX4/GLCa57bjIn9xAzyDOK7MB8GA1UdIwQY
MBaAFKoPl+Y1CCGblsuyEGND9eG23FpPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWctWDVqVUlJWnVXeTdJUVkwUDE0YmJjV2s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYjY2ZmUtNjk5YS00MTNiLWEyZmMt
ZjUxMWZkNjg4ZWRhLzEvODV0VXRmajhZc0pybnR1TWlmM0VEUElNNHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYjY2ZmUtNjk5YS00MTNiLWEyZmMtZjUxMWZkNjg4ZWRh
LzEvcWctWDVqVUlJWnVXeTdJUVkwUDE0YmJjV2s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9+rAwQC
uTugAwQCuePkAwQBwW8WMA0EAgACMAcDBQMqBLTAMA0GCSqGSIb3DQEBCwUAA4IB
AQBQwIJtRZhVc06ug7Ld7dVEW4/BrquJ5R2Z2aadq66xvfmIpPlb6zflGecQffnK
suexmkDVyoAeYEOnX4LY9g0s726BxgawSeaMfF23ZYnc93J1DFXsh9G6ytzIb6dG
Gil5VjMRqdIjcvzyIeNvmDJ/nqsVirn639w60PFUUtQDVLpjX23jsNPEoQSZ+KVt
fUCJzoF6aRZjb6WyLdlccdLwfrqj5hbGtQJyRnkQ+tTwaxB3RbYOkp/LSiAXdkUl
jxKSOqfFi1WQqk6FW892Q668bzd35yvj2vQfPrv8Ag9/vQEBXH3B+9R9paTmXxHJ
A7hHJv1ReDheoRT+bdWBXfMZ
-----END CERTIFICATE-----
Generated at Thu Oct 17 10:58:36 2024 by rpki-client on console-ams.rpki-client.org