Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ai2qUM334CJQycBzc5_6fqaXkco.roa
File: ai2qUM334CJQycBzc5_6fqaXkco.roa (raw, json)
Hash identifier: 5nxd60Jl1q4NfV/dmjbWKWt2jAyPC7mldEomxxIStSI=
Subject key identifier: 6A:2D:AA:50:CD:F7:E0:22:50:C9:C0:73:73:9F:FA:7E:A6:97:91:CA
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018572DF211F7C1C30BC910366520A891703
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ai2qUM334CJQycBzc5_6fqaXkco.roa
Signing time: Mon 02 Jan 2023 14:25:03 +0000
ROA not before: Mon 02 Jan 2023 14:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 91.92.34.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:21:1f:7c:1c:30:bc:91:03:66:52:0a:89:17:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 14:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a2daa50cdf7e02250c9c073739ffa7ea69791ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f0:e3:13:b4:03:db:7d:08:18:c7:0f:64:85:
db:8e:db:08:05:c8:61:b3:f0:b2:36:99:1f:9a:c5:
89:e7:d6:08:03:52:de:10:33:15:4f:7a:df:ce:27:
53:d9:19:2c:81:a3:33:ea:48:4f:01:cb:e1:21:df:
11:48:b7:d1:00:94:8f:61:6d:71:1a:b3:7b:c4:df:
44:cd:40:99:2b:b8:3a:16:72:5f:0f:90:6a:07:6f:
d5:e9:0d:ff:0f:d3:04:aa:21:19:2a:00:e4:55:28:
89:e9:d9:47:3b:ef:8e:7b:19:91:c1:63:10:17:b0:
9b:24:34:7d:c4:f6:61:91:f1:0c:4d:15:12:ef:28:
8b:e6:bf:3d:59:54:9e:f0:81:e5:58:ef:4f:f6:68:
f7:bb:bd:1b:8e:d6:53:48:37:74:c3:0f:ec:10:ee:
8f:8f:0c:3c:86:1d:9e:51:9c:76:75:5e:88:92:62:
ce:c9:49:1c:be:20:05:52:4f:a7:d2:eb:bc:16:51:
0e:b2:e7:38:b0:f4:57:e0:b7:bd:b7:90:65:6e:3e:
5c:12:31:7e:d8:40:76:de:69:6e:37:59:e7:ea:09:
48:ea:ec:28:03:01:9f:b3:e1:13:0d:58:69:73:1e:
08:1d:15:a2:09:75:b0:e0:10:c5:13:25:2d:f0:0b:
32:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2D:AA:50:CD:F7:E0:22:50:C9:C0:73:73:9F:FA:7E:A6:97:91:CA
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ai2qUM334CJQycBzc5_6fqaXkco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
91.92.34.0/24
93.152.207.0/24
93.152.219.0/24
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:7f:55:87:ae:19:b5:b9:6e:df:61:f0:8a:1e:7d:0e:f6:18:
8d:b9:47:3d:90:96:c0:54:0f:4e:de:b4:24:f2:d1:ae:d9:5f:
87:d7:32:2a:d2:3a:e8:ae:74:d0:03:03:66:ff:61:7c:fc:f1:
ac:b7:c8:aa:2a:a2:22:15:bb:2b:9d:e6:e1:e6:0d:b8:25:96:
a1:ef:91:69:2f:b5:e8:aa:ab:3c:85:80:73:52:47:3c:fa:3d:
0c:05:83:99:bd:ff:0f:db:fd:ef:f7:45:09:8f:68:2e:02:9a:
08:79:62:96:5e:e1:6a:86:11:60:2a:ae:f4:ba:c5:80:83:da:
60:4c:a5:11:0a:74:f8:c6:b4:96:cc:cf:3d:e8:d3:c9:4e:2d:
a1:c5:d9:00:ff:2a:d1:4c:9c:09:4d:f2:8b:8c:00:75:7b:86:
f6:34:c7:7f:0a:59:26:0f:b3:e2:dd:b3:eb:f3:32:6e:b4:d7:
53:de:43:04:ac:48:33:21:cf:d7:20:38:00:15:e0:f1:44:c2:
11:88:69:0c:e2:2f:82:f0:c0:f8:5a:05:b0:1f:bf:8d:1f:39:
7d:c1:03:06:35:5e:c1:fe:32:85:c2:a0:6d:38:b2:2d:cf:de:
8f:bb:30:2a:b5:33:a2:72:38:40:44:af:45:36:5b:38:cf:5c:
37:e2:d4:37
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVy3yEffBwwvJEDZlIKiRcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwMTAyMTQyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTJkYWE1MGNkZjdlMDIyNTBjOWMwNzM3MzlmZmE3ZWE2OTc5MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPDjE7QD230IGMcPZIXbjtsIBchh
s/CyNpkfmsWJ59YIA1LeEDMVT3rfzidT2RksgaMz6khPAcvhId8RSLfRAJSPYW1x
GrN7xN9EzUCZK7g6FnJfD5BqB2/V6Q3/D9MEqiEZKgDkVSiJ6dlHO++OexmRwWMQ
F7CbJDR9xPZhkfEMTRUS7yiL5r89WVSe8IHlWO9P9mj3u70bjtZTSDd0ww/sEO6P
jww8hh2eUZx2dV6IkmLOyUkcviAFUk+n0uu8FlEOsuc4sPRX4Le9t5Blbj5cEjF+
2EB23mluN1nn6glI6uwoAwGfs+ETDVhpcx4IHRWiCXWw4BDFEyUt8AsyeQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGotqlDN9+AiUMnAc3Of+n6ml5HKMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvYWkycVVNMzM0Q0pReWNCemM1XzZmcWFYa2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY3oAwQA
W1wiAwQAXZjPAwQAXZjbAwQAXZjfMA0GCSqGSIb3DQEBCwUAA4IBAQAsf1WHrhm1
uW7fYfCKHn0O9hiNuUc9kJbAVA9O3rQk8tGu2V+H1zIq0jrornTQAwNm/2F8/PGs
t8iqKqIiFbsrnebh5g24JZah75FpL7Xoqqs8hYBzUkc8+j0MBYOZvf8P2/3v90UJ
j2guApoIeWKWXuFqhhFgKq70usWAg9pgTKURCnT4xrSWzM896NPJTi2hxdkA/yrR
TJwJTfKLjAB1e4b2NMd/ClkmD7Pi3bPr8zJutNdT3kMErEgzIc/XIDgAFeDxRMIR
iGkM4i+C8MD4WgWwH7+NHzl9wQMGNV7B/jKFwqBtOLItz96PuzAqtTOicjhARK9F
Nls4z1w34tQ3
-----END CERTIFICATE-----
Generated at Thu Nov 9 14:19:14 2023 by rpki-client on console-fra.rpki-client.org