Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/aLbc8T09qa7hcGkdz8maa7PX2hA.roa
File: aLbc8T09qa7hcGkdz8maa7PX2hA.roa (raw, json)
Hash identifier: XrRbkHxqTDXpS2hSk4iAhG9OohUmkdIXA4GXCAjFz8w=
Subject key identifier: 68:B6:DC:F1:3D:3D:A9:AE:E1:70:69:1D:CF:C9:9A:6B:B3:D7:DA:10
Certificate issuer: /CN=d1df4803e54b084a99cb7bb044bf791327594b73
Certificate serial: 018CC7947F3E7CDA175AD4085CCE01A3572C
Authority key identifier: D1:DF:48:03:E5:4B:08:4A:99:CB:7B:B0:44:BF:79:13:27:59:4B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/aLbc8T09qa7hcGkdz8maa7PX2hA.roa
Signing time: Tue 02 Jan 2024 00:30:46 +0000
ROA not before: Tue 02 Jan 2024 00:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48981
IP address blocks: 91.198.28.0/24 maxlen: 24
91.142.133.0/24 maxlen: 24
91.142.140.0/24 maxlen: 24
91.193.74.0/24 maxlen: 24
2a0f:5c40::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 22 Jul 2024 05:14:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7f:3e:7c:da:17:5a:d4:08:5c:ce:01:a3:57:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1df4803e54b084a99cb7bb044bf791327594b73
Validity
Not Before: Jan 2 00:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68b6dcf13d3da9aee170691dcfc99a6bb3d7da10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2c:7b:c7:9f:67:fe:9d:c2:23:0c:e6:bb:d4:
96:f4:7a:aa:7a:5a:1f:fb:9e:6f:2b:d4:5b:a9:f5:
aa:12:6f:65:5e:30:26:f0:b8:dc:a0:af:bb:ff:80:
ad:0d:c4:8c:c1:52:46:a2:13:24:ec:d5:23:3c:a3:
51:0e:b7:b5:21:56:df:ba:38:d9:32:cd:45:c3:95:
bc:04:51:c0:9e:c2:3b:4b:5f:a8:c5:67:3c:3b:45:
95:95:8a:cb:91:fb:72:ac:06:bb:73:93:56:41:dd:
cc:84:dd:e8:be:36:da:5c:90:48:39:db:ff:20:03:
df:76:3f:0b:a4:72:09:07:69:0c:eb:20:6f:f7:85:
75:ce:cf:e3:ce:3e:d0:90:9e:85:8a:03:d3:db:ff:
f4:37:29:a6:58:13:34:a8:8d:49:c7:a2:44:27:38:
e0:57:c8:af:b3:b3:70:65:9d:13:8e:86:e2:30:c7:
a1:38:1a:3f:10:84:43:4f:1e:5e:0f:fd:07:d0:92:
80:37:62:16:84:9b:2d:45:01:8a:d0:cc:39:28:9a:
ed:41:cf:db:3e:7a:20:16:7d:bb:a6:e3:c1:6f:46:
20:58:ed:f3:8d:94:c5:c0:7a:90:42:66:60:b9:d8:
b5:74:51:52:2c:60:30:c5:d3:01:ee:a9:0c:f0:96:
b9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B6:DC:F1:3D:3D:A9:AE:E1:70:69:1D:CF:C9:9A:6B:B3:D7:DA:10
X509v3 Authority Key Identifier:
keyid:D1:DF:48:03:E5:4B:08:4A:99:CB:7B:B0:44:BF:79:13:27:59:4B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/aLbc8T09qa7hcGkdz8maa7PX2hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/0d9IA-VLCEqZy3uwRL95EydZS3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.133.0/24
91.142.140.0/24
91.193.74.0/24
91.198.28.0/24
IPv6:
2a0f:5c40::/29
Signature Algorithm: sha256WithRSAEncryption
93:5b:a5:9a:dc:a0:19:6b:6d:a1:e2:72:93:6d:b4:55:57:d3:
23:f2:a6:36:dc:a2:e7:2d:3f:59:82:4c:55:80:4a:d2:3c:90:
ff:a6:bb:46:fa:8a:ae:62:bf:74:17:13:4c:61:8f:b4:9e:a6:
82:1e:97:01:8e:5b:88:a8:47:56:3a:1d:98:74:92:70:a1:aa:
11:fb:37:90:45:95:f7:b7:9b:77:ac:01:e6:72:cf:21:a1:c7:
e4:35:48:bc:4a:25:d9:57:f5:eb:f9:72:80:40:dd:e4:23:4f:
fb:1e:9f:e6:41:ea:5c:02:6d:7f:48:ad:94:8e:49:30:82:8b:
94:5b:5e:67:51:61:8c:b5:50:bf:22:da:d4:14:d0:22:27:0b:
ce:08:e1:0f:1d:70:35:78:18:a5:1e:d9:0c:63:9f:d5:c4:04:
b8:4b:79:54:ed:3e:a1:4e:25:0d:70:46:ba:d5:3a:8b:39:53:
c6:de:2f:53:05:0e:f8:13:bc:97:28:d1:5b:5d:0c:45:d8:ad:
0f:9d:ac:73:72:dc:cd:c6:2a:6d:92:48:e0:ee:a7:83:b5:36:
95:1e:cb:56:4f:15:2a:4f:e0:6e:b9:00:2a:f1:0a:fb:cd:ff:
27:ba:91:a8:43:3a:37:e0:60:27:cc:ab:fc:4d:44:4a:3c:b0:
ee:4f:bd:25
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHlH8+fNoXWtQIXM4Bo1csMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGY0ODAzZTU0YjA4NGE5OWNiN2JiMDQ0YmY3OTEzMjc1
OTRiNzMwHhcNMjQwMTAyMDAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI2ZGNmMTNkM2RhOWFlZTE3MDY5MWRjZmM5OWE2YmIzZDdkYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmix7x59n/p3CIwzmu9SW9Hqqelof
+55vK9RbqfWqEm9lXjAm8LjcoK+7/4CtDcSMwVJGohMk7NUjPKNRDre1IVbfujjZ
Ms1Fw5W8BFHAnsI7S1+oxWc8O0WVlYrLkftyrAa7c5NWQd3MhN3ovjbaXJBIOdv/
IAPfdj8LpHIJB2kM6yBv94V1zs/jzj7QkJ6FigPT2//0NymmWBM0qI1Jx6JEJzjg
V8ivs7NwZZ0TjobiMMehOBo/EIRDTx5eD/0H0JKAN2IWhJstRQGK0Mw5KJrtQc/b
PnogFn27puPBb0YgWO3zjZTFwHqQQmZgudi1dFFSLGAwxdMB7qkM8Ja5cQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGi23PE9Pamu4XBpHc/Jmmuz19oQMB8GA1UdIwQY
MBaAFNHfSAPlSwhKmct7sES/eRMnWUtzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ5SUEtVkxDRXFaeTN1d1JMOTVFeWRaUzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8wZDVmNTMtOTY1My00N2ZiLWE5Nzct
NDhmNWU4NzY3ZDAyLzEvYUxiYzhUMDlxYTdoY0drZHo4bWFhN1BYMmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8wZDVmNTMtOTY1My00N2ZiLWE5NzctNDhmNWU4NzY3ZDAy
LzEvMGQ5SUEtVkxDRXFaeTN1d1JMOTVFeWRaUzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW46FAwQA
W46MAwQAW8FKAwQAW8YcMA0EAgACMAcDBQMqD1xAMA0GCSqGSIb3DQEBCwUAA4IB
AQCTW6Wa3KAZa22h4nKTbbRVV9Mj8qY23KLnLT9ZgkxVgErSPJD/prtG+oquYr90
FxNMYY+0nqaCHpcBjluIqEdWOh2YdJJwoaoR+zeQRZX3t5t3rAHmcs8hocfkNUi8
SiXZV/Xr+XKAQN3kI0/7Hp/mQepcAm1/SK2UjkkwgouUW15nUWGMtVC/ItrUFNAi
JwvOCOEPHXA1eBilHtkMY5/VxAS4S3lU7T6hTiUNcEa61TqLOVPG3i9TBQ74E7yX
KNFbXQxF2K0PnaxzctzNxiptkkjg7qeDtTaVHstWTxUqT+BuuQAq8Qr7zf8nupGo
Qzo34GAnzKv8TURKPLDuT70l
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:10 2025 by rpki-client