Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KfdkoQ98zEbpmd4qQ6uoTwjQs8c.roa
File: KfdkoQ98zEbpmd4qQ6uoTwjQs8c.roa (raw, json)
Hash identifier: MH5Bo8Q9D6L2QYCZg3k2+cjV/cSQifssYa20O6cyCsI=
Subject key identifier: 29:F7:64:A1:0F:7C:CC:46:E9:99:DE:2A:43:AB:A8:4F:08:D0:B3:C7
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018A5000CE1637F41001EB07404BAD67A479
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KfdkoQ98zEbpmd4qQ6uoTwjQs8c.roa
Signing time: Fri 01 Sep 2023 09:09:04 +0000
ROA not before: Fri 01 Sep 2023 09:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 91.92.33.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Sep 2023 09:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:00:ce:16:37:f4:10:01:eb:07:40:4b:ad:67:a4:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 1 09:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29f764a10f7ccc46e999de2a43aba84f08d0b3c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:06:7a:ca:d0:ba:05:d0:10:ba:0a:bc:49:f4:
0c:27:9e:e6:fb:73:6f:45:3e:8a:e0:17:1f:d2:d5:
88:91:a4:cd:1e:b0:66:61:29:5c:7a:79:4e:d8:c1:
6a:a1:0a:28:64:dc:92:af:2e:78:e5:d5:24:13:c3:
7b:9a:04:95:b2:c1:d2:e1:33:f0:f3:b6:69:17:2a:
96:8a:44:e4:1d:ec:be:f5:34:30:e3:68:9c:02:cd:
99:28:0b:ac:67:31:e1:32:b0:c0:50:6a:fe:63:f8:
71:3e:aa:1b:19:4f:66:d7:3b:e8:4e:b5:80:1a:4c:
24:11:a6:36:1f:08:41:d3:3a:3d:40:6f:d2:5c:5b:
ef:73:6c:48:7f:22:4e:08:a9:ad:3b:20:d6:9b:c1:
48:67:d2:6c:25:ce:ea:82:91:a0:7f:5d:93:04:a1:
76:60:aa:c6:56:09:bf:36:f0:26:ab:53:65:a3:f6:
ff:87:59:96:74:7b:47:e0:b5:2c:c0:68:52:09:96:
56:3f:07:0f:92:71:77:c0:95:ec:d7:e4:08:2d:ed:
4e:1c:87:91:db:9a:d4:9b:b0:bf:73:47:47:06:d5:
06:41:aa:67:93:58:6b:97:24:fc:6f:20:0e:14:13:
4e:19:79:80:9e:5a:95:d8:9b:97:59:ca:75:79:bf:
ef:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F7:64:A1:0F:7C:CC:46:E9:99:DE:2A:43:AB:A8:4F:08:D0:B3:C7
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KfdkoQ98zEbpmd4qQ6uoTwjQs8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.33.0/24
91.92.49.0/24
93.152.205.0-93.152.206.255
93.152.209.0/24
93.152.217.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:77:51:4f:de:44:30:98:21:d7:50:b3:1e:75:d3:f8:a3:04:
4f:70:2d:6a:06:c4:63:86:cf:80:b8:9a:30:bc:7a:8e:95:1f:
7a:97:81:6d:f6:bb:c2:44:27:7f:13:03:1e:28:e1:2b:68:e0:
17:44:d0:c1:12:55:c0:69:ee:fe:a1:fb:18:3f:fd:a0:05:76:
ec:8a:98:fa:a4:10:5a:a0:7b:af:89:44:8a:f1:8b:26:39:87:
21:79:7b:8b:e1:0d:6a:63:74:24:20:9b:74:06:44:e3:f8:d9:
4f:37:39:26:8f:60:8f:c7:71:18:7a:e7:c5:5e:f8:8d:1b:ac:
73:d2:50:56:1e:c2:2f:2a:ee:84:9c:ff:d1:41:22:20:b9:2e:
ba:cb:e9:5f:48:1c:58:f6:ec:ce:7b:a6:d9:34:4d:b1:cf:3f:
45:83:f0:fd:65:af:6f:75:53:bc:6c:7c:f8:e3:cd:8b:7b:e7:
1b:0a:10:17:b5:03:46:fb:43:d3:aa:a7:52:9f:2a:41:36:36:
b9:60:67:76:53:f3:ea:d8:cf:9a:a1:2c:cb:17:7e:82:3c:10:
ff:33:3b:1b:5a:da:56:26:71:71:35:65:a9:fc:b8:c3:47:2f:
3c:fc:d6:83:2b:41:80:eb:e5:48:23:ca:6b:98:fb:2a:43:18:
91:e2:b1:5b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYpQAM4WN/QQAesHQEutZ6R5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwOTAxMDkwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY3NjRhMTBmN2NjYzQ2ZTk5OWRlMmE0M2FiYTg0ZjA4ZDBiM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwZ6ytC6BdAQugq8SfQMJ57m+3Nv
RT6K4Bcf0tWIkaTNHrBmYSlcenlO2MFqoQooZNySry545dUkE8N7mgSVssHS4TPw
87ZpFyqWikTkHey+9TQw42icAs2ZKAusZzHhMrDAUGr+Y/hxPqobGU9m1zvoTrWA
GkwkEaY2HwhB0zo9QG/SXFvvc2xIfyJOCKmtOyDWm8FIZ9JsJc7qgpGgf12TBKF2
YKrGVgm/NvAmq1Nlo/b/h1mWdHtH4LUswGhSCZZWPwcPknF3wJXs1+QILe1OHIeR
25rUm7C/c0dHBtUGQapnk1hrlyT8byAOFBNOGXmAnlqV2JuXWcp1eb/vWwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCn3ZKEPfMxG6ZneKkOrqE8I0LPHMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvS2Zka29ROTh6RWJwbWQ0cVE2dW9Ud2pRczhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW1whAwQA
W1wxMAwDBABdmM0DBABdmM4DBABdmNEDBABdmNkwDQYJKoZIhvcNAQELBQADggEB
AAp3UU/eRDCYIddQsx510/ijBE9wLWoGxGOGz4C4mjC8eo6VH3qXgW32u8JEJ38T
Ax4o4Sto4BdE0MESVcBp7v6h+xg//aAFduyKmPqkEFqge6+JRIrxiyY5hyF5e4vh
DWpjdCQgm3QGROP42U83OSaPYI/HcRh658Ve+I0brHPSUFYewi8q7oSc/9FBIiC5
LrrL6V9IHFj27M57ptk0TbHPP0WD8P1lr291U7xsfPjjzYt75xsKEBe1A0b7Q9Oq
p1KfKkE2NrlgZ3ZT8+rYz5qhLMsXfoI8EP8zOxta2lYmcXE1Zan8uMNHLzz81oMr
QYDr5UgjymuY+ypDGJHisVs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org