Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/9sb4R5w-OZMbsJYr9S7M88rV8e8.roa
File: 9sb4R5w-OZMbsJYr9S7M88rV8e8.roa (raw, json)
Hash identifier: a6Hjem988tfWfU+hFFKC7M2CDeTLOH86sbc29uAOTFo=
Subject key identifier: F6:C6:F8:47:9C:3E:39:93:1B:B0:96:2B:F5:2E:CC:F3:CA:D5:F1:EF
Certificate issuer: /CN=aa0f97e63508219b96cbb2106343f5e1b6dc5a4f
Certificate serial: 019289EE59EA0E50010411337A1A088DE878
Authority key identifier: AA:0F:97:E6:35:08:21:9B:96:CB:B2:10:63:43:F5:E1:B6:DC:5A:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/9sb4R5w-OZMbsJYr9S7M88rV8e8.roa
Signing time: Mon 14 Oct 2024 07:29:11 +0000
ROA not before: Mon 14 Oct 2024 07:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24740
IP address blocks: 91.223.171.0/24 maxlen: 24
185.59.160.0/23 maxlen: 23
185.59.162.0/23 maxlen: 23
185.227.228.0/24 maxlen: 24
185.227.229.0/24 maxlen: 24
185.227.230.0/24 maxlen: 24
185.227.231.0/24 maxlen: 24
193.111.22.0/23 maxlen: 23
2a04:b4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 14 Oct 2024 13:06:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:ee:59:ea:0e:50:01:04:11:33:7a:1a:08:8d:e8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa0f97e63508219b96cbb2106343f5e1b6dc5a4f
Validity
Not Before: Oct 14 07:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6c6f8479c3e39931bb0962bf52eccf3cad5f1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e2:e0:f4:9c:d8:0f:d7:cb:6c:91:fb:4b:23:
f0:b6:cb:90:d8:53:04:53:a9:90:d3:5a:c2:37:af:
8a:82:f1:ea:39:b3:66:72:7a:ba:89:a7:92:60:8a:
a0:c9:9e:18:13:f4:8b:ec:23:31:c3:19:34:f7:82:
e4:1e:5c:aa:a8:19:ed:12:76:20:d6:78:0b:4a:6e:
f2:f1:ac:d0:42:30:11:0e:8c:be:33:35:5d:b3:3d:
42:bb:59:ad:a3:24:26:f2:5a:82:a0:a0:35:9b:e6:
36:cb:7b:42:c5:17:0b:69:e5:82:4a:e4:f0:6f:ac:
c4:02:91:21:e0:ed:eb:88:5a:9b:7b:e6:eb:b3:2b:
1b:76:1d:a1:80:9c:d2:9e:dd:4a:2d:19:47:2b:66:
01:67:42:ed:42:3d:10:87:38:c4:d7:16:00:cf:28:
6f:28:b1:51:c8:a8:6b:ff:d3:2c:a8:19:bc:24:9e:
0a:cf:08:ab:41:88:81:c9:0f:0d:62:4a:8d:e7:64:
46:ff:4e:f0:33:a9:6b:f6:b8:10:18:82:0c:60:55:
90:ae:d8:30:57:59:59:fa:e8:bc:69:24:58:56:47:
59:42:05:c3:f7:b1:d2:87:a9:48:f0:fc:6e:cb:5b:
d2:ad:4b:ac:f7:e9:97:19:09:03:68:9c:d8:33:8e:
fd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C6:F8:47:9C:3E:39:93:1B:B0:96:2B:F5:2E:CC:F3:CA:D5:F1:EF
X509v3 Authority Key Identifier:
keyid:AA:0F:97:E6:35:08:21:9B:96:CB:B2:10:63:43:F5:E1:B6:DC:5A:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/9sb4R5w-OZMbsJYr9S7M88rV8e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/qg-X5jUIIZuWy7IQY0P14bbcWk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.171.0/24
185.59.160.0/22
185.227.228.0/22
193.111.22.0/23
IPv6:
2a04:b4c0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:5c:b3:dd:61:b2:c4:69:a8:38:9c:0a:8d:bb:b2:2e:92:b6:
a9:43:c2:37:2a:7c:b0:a9:7d:e0:a5:c5:a9:34:0e:9c:a4:63:
2b:97:f2:c1:cf:bf:25:33:b7:e2:19:9d:e9:86:96:d8:dc:e1:
59:4d:6f:db:41:f8:25:2c:34:f8:c0:fe:f0:15:79:dd:36:d6:
bf:4a:bb:7f:6f:34:b8:cc:55:77:63:dc:ab:14:56:30:30:c5:
58:3f:7d:a3:d5:55:01:04:05:e5:9c:55:73:e3:ea:89:fb:77:
05:df:2a:5d:42:77:d4:84:dc:09:9d:87:ae:cf:f8:40:fb:25:
81:4e:29:c0:61:37:bd:dc:f1:7a:dc:77:f2:b8:2c:8d:f4:02:
23:74:c0:4b:1c:02:4e:3c:39:b1:a2:3c:80:4f:77:37:40:eb:
31:de:15:43:37:59:24:88:05:fa:0d:3e:d7:d4:2d:ef:34:cf:
78:14:19:cc:01:3f:7c:3d:4a:18:e0:f4:bc:75:2f:5a:33:4c:
7d:96:3d:27:2b:24:8c:7d:34:56:bd:9a:93:28:52:f4:db:b7:
0a:06:81:03:17:14:6e:96:81:ca:56:fe:06:55:8f:61:f3:7e:
00:b5:7e:53:ef:8c:c8:e1:e5:c4:4c:19:de:b0:99:ef:76:5d:
d2:44:98:67
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZKJ7lnqDlABBBEzehoIjeh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMGY5N2U2MzUwODIxOWI5NmNiYjIxMDYzNDNmNWUxYjZk
YzVhNGYwHhcNMjQxMDE0MDcyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmM2Zjg0NzljM2UzOTkzMWJiMDk2MmJmNTJlY2NmM2NhZDVmMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+Lg9JzYD9fLbJH7SyPwtsuQ2FME
U6mQ01rCN6+KgvHqObNmcnq6iaeSYIqgyZ4YE/SL7CMxwxk094LkHlyqqBntEnYg
1ngLSm7y8azQQjARDoy+MzVdsz1Cu1mtoyQm8lqCoKA1m+Y2y3tCxRcLaeWCSuTw
b6zEApEh4O3riFqbe+brsysbdh2hgJzSnt1KLRlHK2YBZ0LtQj0QhzjE1xYAzyhv
KLFRyKhr/9MsqBm8JJ4KzwirQYiByQ8NYkqN52RG/07wM6lr9rgQGIIMYFWQrtgw
V1lZ+ui8aSRYVkdZQgXD97HSh6lI8Pxuy1vSrUus9+mXGQkDaJzYM479PwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPbG+EecPjmTG7CWK/UuzPPK1fHvMB8GA1UdIwQY
MBaAFKoPl+Y1CCGblsuyEGND9eG23FpPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWctWDVqVUlJWnVXeTdJUVkwUDE0YmJjV2s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYjY2ZmUtNjk5YS00MTNiLWEyZmMt
ZjUxMWZkNjg4ZWRhLzEvOXNiNFI1dy1PWk1ic0pZcjlTN004OHJWOGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYjY2ZmUtNjk5YS00MTNiLWEyZmMtZjUxMWZkNjg4ZWRh
LzEvcWctWDVqVUlJWnVXeTdJUVkwUDE0YmJjV2s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9+rAwQC
uTugAwQCuePkAwQBwW8WMA0EAgACMAcDBQMqBLTAMA0GCSqGSIb3DQEBCwUAA4IB
AQAaXLPdYbLEaag4nAqNu7IukrapQ8I3KnywqX3gpcWpNA6cpGMrl/LBz78lM7fi
GZ3phpbY3OFZTW/bQfglLDT4wP7wFXndNta/Srt/bzS4zFV3Y9yrFFYwMMVYP32j
1VUBBAXlnFVz4+qJ+3cF3ypdQnfUhNwJnYeuz/hA+yWBTinAYTe93PF63HfyuCyN
9AIjdMBLHAJOPDmxojyAT3c3QOsx3hVDN1kkiAX6DT7X1C3vNM94FBnMAT98PUoY
4PS8dS9aM0x9lj0nKySMfTRWvZqTKFL027cKBoEDFxRuloHKVv4GVY9h834AtX5T
74zI4eXETBnesJnvdl3SRJhn
-----END CERTIFICATE-----
Generated at Mon Oct 14 17:29:55 2024 by rpki-client on console-ams.rpki-client.org