Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/RqnoHgwYnQkAd0Xr0Y3fsinrfEU.roa
File: RqnoHgwYnQkAd0Xr0Y3fsinrfEU.roa (raw, json)
Hash identifier: mmeNbKcKAr+viFX+5EuqEtAPfQ7/VezjYl3tXIb0jZY=
Subject key identifier: 46:A9:E8:1E:0C:18:9D:09:00:77:45:EB:D1:8D:DF:B2:29:EB:7C:45
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 01914C3B4A44B6672248C8EF3298398F9744
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/RqnoHgwYnQkAd0Xr0Y3fsinrfEU.roa
Signing time: Tue 13 Aug 2024 14:53:59 +0000
ROA not before: Tue 13 Aug 2024 14:53:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205516
IP address blocks: 5.35.80.0/24 maxlen: 24
5.35.81.0/24 maxlen: 24
90.156.252.0/23 maxlen: 24
91.218.140.0/24 maxlen: 24
91.218.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 15:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:3b:4a:44:b6:67:22:48:c8:ef:32:98:39:8f:97:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Aug 13 14:53:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46a9e81e0c189d09007745ebd18ddfb229eb7c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:cc:77:f2:74:93:34:f1:de:db:6f:f3:94:
26:43:27:d7:38:e7:87:c2:05:3f:93:a2:36:2c:aa:
14:32:a9:1c:6e:e4:67:86:1d:61:02:a5:24:4d:f3:
87:75:a8:63:b5:b3:d4:ac:86:4d:95:00:36:af:96:
54:78:1a:b1:71:1d:a3:a8:2e:44:07:de:a4:9c:33:
a3:19:5f:ee:b7:53:df:33:c8:eb:bd:d7:cd:12:99:
d0:0e:53:d3:5a:ee:12:df:cf:a1:71:78:1d:d3:be:
bf:9b:b7:c7:60:8f:ed:27:9b:1c:32:ad:e6:6d:ff:
ac:9e:28:61:bf:ec:2a:1e:71:32:f1:2d:82:f4:7b:
68:59:05:40:84:77:47:19:66:02:1a:9b:f8:6e:59:
ee:7a:50:7b:c7:13:90:63:42:d7:44:68:9b:4c:31:
fe:e1:58:81:84:4b:4f:4b:d2:62:b2:b9:6a:8d:d5:
4b:d1:25:f5:17:fe:93:27:f4:22:b0:9d:74:b6:76:
13:cf:a6:0d:8a:f9:7c:2c:e5:fd:58:4a:7f:c6:0b:
a9:a9:d5:a4:3c:5f:77:75:34:f7:79:a2:a2:89:d6:
72:9d:df:d1:30:04:62:27:8e:39:d8:99:8a:f1:e3:
ca:8e:39:76:ac:d3:8f:ce:a6:87:1d:80:41:3d:45:
7e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A9:E8:1E:0C:18:9D:09:00:77:45:EB:D1:8D:DF:B2:29:EB:7C:45
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/RqnoHgwYnQkAd0Xr0Y3fsinrfEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.80.0/23
90.156.252.0/23
91.218.140.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:c2:d9:18:3d:b0:eb:d3:37:41:cc:cc:83:09:d3:30:da:0e:
1e:06:18:6b:94:f1:ec:99:58:a0:cf:08:10:3c:fc:2a:c3:8d:
1e:2c:82:83:9d:ea:e8:f5:a4:1a:90:2a:78:7b:55:3f:0b:04:
20:73:08:94:76:c6:db:e1:e5:e9:1d:9a:3f:84:cc:8c:88:9c:
67:03:0c:0d:25:f1:e1:cb:c5:e7:20:87:95:3d:73:20:49:41:
88:8a:71:07:0f:0c:28:8f:e1:9d:a2:20:f2:06:c3:55:00:dd:
b8:fb:1a:1f:20:b1:a4:3d:b1:c3:33:f3:fa:20:55:64:28:b6:
80:73:c5:8b:6a:ae:73:64:6a:6c:67:8f:fe:3d:a8:9e:0d:57:
1a:e8:95:a8:73:b9:2f:80:05:48:58:37:09:4f:f8:89:3a:93:
77:28:83:d4:76:80:37:3c:53:d3:a8:56:0a:7b:5c:1c:8a:ae:
d2:dc:f6:68:75:1f:b9:48:50:17:65:12:45:24:35:5a:43:0c:
ea:0c:d4:fb:0a:90:5b:29:2b:b4:33:66:78:3e:8b:e7:15:0d:
6d:e8:a3:9f:ce:43:dc:02:42:fb:0e:1c:1d:ec:43:dc:80:8f:
ad:19:d0:aa:d2:5f:86:7b:31:26:62:12:a0:3c:7b:6a:b8:9d:
56:0b:78:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFMO0pEtmciSMjvMpg5j5dEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjQwODEzMTQ1MzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmE5ZTgxZTBjMTg5ZDA5MDA3NzQ1ZWJkMThkZGZiMjI5ZWI3YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4vMd/J0kzTx3ttv85QmQyfXOOeH
wgU/k6I2LKoUMqkcbuRnhh1hAqUkTfOHdahjtbPUrIZNlQA2r5ZUeBqxcR2jqC5E
B96knDOjGV/ut1PfM8jrvdfNEpnQDlPTWu4S38+hcXgd076/m7fHYI/tJ5scMq3m
bf+snihhv+wqHnEy8S2C9HtoWQVAhHdHGWYCGpv4blnuelB7xxOQY0LXRGibTDH+
4ViBhEtPS9JisrlqjdVL0SX1F/6TJ/QisJ10tnYTz6YNivl8LOX9WEp/xgupqdWk
PF93dTT3eaKiidZynd/RMARiJ4452JmK8ePKjjl2rNOPzqaHHYBBPUV+wQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEap6B4MGJ0JAHdF69GN37Ip63xFMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvUnFub0hnd1luUWtBZDBYcjBZM2ZzaW5yZkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBSNQAwQB
Wpz8AwQBW9qMMA0GCSqGSIb3DQEBCwUAA4IBAQCMwtkYPbDr0zdBzMyDCdMw2g4e
BhhrlPHsmVigzwgQPPwqw40eLIKDnero9aQakCp4e1U/CwQgcwiUdsbb4eXpHZo/
hMyMiJxnAwwNJfHhy8XnIIeVPXMgSUGIinEHDwwoj+GdoiDyBsNVAN24+xofILGk
PbHDM/P6IFVkKLaAc8WLaq5zZGpsZ4/+PaieDVca6JWoc7kvgAVIWDcJT/iJOpN3
KIPUdoA3PFPTqFYKe1wciq7S3PZodR+5SFAXZRJFJDVaQwzqDNT7CpBbKSu0M2Z4
PovnFQ1t6KOfzkPcAkL7Dhwd7EPcgI+tGdCq0l+GezEmYhKgPHtquJ1WC3gA
-----END CERTIFICATE-----
Generated at Tue Aug 27 18:20:06 2024 by rpki-client on console-fra.rpki-client.org