Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/pi_72PTnMnnhW2FMkGWuekIIbT4.roa
File: pi_72PTnMnnhW2FMkGWuekIIbT4.roa (raw, json)
Hash identifier: gkgXBp48n04raikdC0rFX3pQqvDKbYwEEvcx9qJSic8=
Subject key identifier: A6:2F:FB:D8:F4:E7:32:79:E1:5B:61:4C:90:65:AE:7A:42:08:6D:3E
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019006836CC27F6B6122DE4EE168F958143E
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/pi_72PTnMnnhW2FMkGWuekIIbT4.roa
Signing time: Tue 11 Jun 2024 08:56:34 +0000
ROA not before: Tue 11 Jun 2024 08:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199218
IP address blocks: 91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 07:29:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:83:6c:c2:7f:6b:61:22:de:4e:e1:68:f9:58:14:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 11 08:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a62ffbd8f4e73279e15b614c9065ae7a42086d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e2:7d:95:3a:ed:60:3b:b2:a4:c7:87:6d:3b:
8f:ef:98:ce:2e:b5:af:26:0b:7c:9e:21:84:62:91:
4f:bd:53:69:57:1c:4e:03:e0:9f:41:45:d2:76:54:
5b:2e:73:3b:32:c3:65:a6:31:1b:3c:fa:df:5a:8c:
93:45:16:46:a0:69:ac:18:53:ba:0a:fc:67:23:26:
43:30:d6:eb:d6:ce:55:f2:0f:38:17:90:8c:70:a9:
0d:34:48:7c:92:3a:56:14:5c:fc:ac:b9:50:06:c6:
db:ec:c4:f6:7a:a8:42:98:c7:c5:83:61:9b:74:25:
a0:93:f7:f2:cb:7f:77:4e:d4:0d:ae:e4:16:38:39:
bd:3d:a2:9f:40:e8:72:88:fc:78:cb:fc:08:d2:02:
df:4c:89:a8:27:90:ad:c5:3a:58:a5:74:a5:00:95:
20:0a:60:34:6b:b9:ff:2f:4b:e6:53:19:45:d4:18:
0e:e0:29:93:36:30:66:72:dd:dd:bf:e7:60:e1:10:
90:70:36:5c:ba:28:94:3d:3e:01:16:dc:57:a7:8c:
42:c2:dc:e5:38:ac:17:81:e2:a2:8c:11:6e:8d:34:
6c:85:d8:5b:89:ff:c4:07:cb:bf:9b:e7:58:8a:83:
9c:da:6e:cd:ac:99:c0:ea:c9:fe:ce:06:ae:25:80:
0a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2F:FB:D8:F4:E7:32:79:E1:5B:61:4C:90:65:AE:7A:42:08:6D:3E
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/pi_72PTnMnnhW2FMkGWuekIIbT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.45.0-91.92.46.255
93.152.219.0/24
93.152.225.0/24
94.26.90.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5a:85:e3:54:62:ef:cf:e8:1b:07:53:eb:74:b1:15:6a:4b:
68:c5:18:8e:23:2e:06:37:e7:bc:a5:b3:fd:f4:f6:c6:4e:17:
a0:16:28:b7:3d:53:be:b6:75:f6:26:2b:2e:f0:4a:8f:f8:5c:
6a:e4:df:31:d8:6b:a1:3f:0f:43:a0:dd:b4:59:d8:62:82:7d:
4d:94:18:08:13:18:db:ab:11:9b:57:60:99:2f:af:16:2a:b3:
43:63:9b:22:b8:da:0d:4e:d2:06:75:0e:dc:0d:9b:ba:b3:20:
10:98:3f:0e:d8:ea:12:59:f2:fd:5c:8b:e5:86:46:d9:fa:1a:
5b:7c:da:a6:18:b3:6a:ca:d6:7f:3d:0e:2a:58:51:62:a9:ac:
c9:2c:6a:e3:91:9b:88:df:c0:5f:b9:e3:4b:96:4a:a5:5d:33:
e7:5d:ff:fe:19:82:d5:ce:d5:7e:6c:2e:df:cd:62:51:81:34:
48:30:f3:83:77:ab:0c:33:c4:79:2f:b1:4b:ee:3d:aa:e2:b6:
e1:d6:b4:8f:00:09:2e:98:81:0f:6a:8b:d3:21:67:f5:b7:2f:
bb:4e:20:d3:41:27:92:2c:9f:49:ba:7a:01:68:2b:34:d6:7a:
a3:2d:a5:6d:26:6a:8d:95:18:b1:20:ca:0e:db:9c:7d:74:50:
33:6e:4b:02
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZAGg2zCf2thIt5O4Wj5WBQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwNjExMDg1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJmZmJkOGY0ZTczMjc5ZTE1YjYxNGM5MDY1YWU3YTQyMDg2ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+J9lTrtYDuypMeHbTuP75jOLrWv
Jgt8niGEYpFPvVNpVxxOA+CfQUXSdlRbLnM7MsNlpjEbPPrfWoyTRRZGoGmsGFO6
CvxnIyZDMNbr1s5V8g84F5CMcKkNNEh8kjpWFFz8rLlQBsbb7MT2eqhCmMfFg2Gb
dCWgk/fyy393TtQNruQWODm9PaKfQOhyiPx4y/wI0gLfTImoJ5CtxTpYpXSlAJUg
CmA0a7n/L0vmUxlF1BgO4CmTNjBmct3dv+dg4RCQcDZcuiiUPT4BFtxXp4xCwtzl
OKwXgeKijBFujTRshdhbif/EB8u/m+dYioOc2m7NrJnA6sn+zgauJYAKVQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKYv+9j05zJ54VthTJBlrnpCCG0+MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvcGlfNzJQVG5Nbm5oVzJGTWtHV3Vla0lJYlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABbXC0D
BABbXC4DBABdmNsDBABdmOEDBABeGloDBABevsMwDQYJKoZIhvcNAQELBQADggEB
AHlaheNUYu/P6BsHU+t0sRVqS2jFGI4jLgY357yls/309sZOF6AWKLc9U762dfYm
Ky7wSo/4XGrk3zHYa6E/D0Og3bRZ2GKCfU2UGAgTGNurEZtXYJkvrxYqs0NjmyK4
2g1O0gZ1DtwNm7qzIBCYPw7Y6hJZ8v1ci+WGRtn6Glt82qYYs2rK1n89DipYUWKp
rMksauORm4jfwF+540uWSqVdM+dd//4ZgtXO1X5sLt/NYlGBNEgw84N3qwwzxHkv
sUvuParituHWtI8ACS6YgQ9qi9MhZ/W3L7tOINNBJ5Isn0m6egFoKzTWeqMtpW0m
ao2VGLEgyg7bnH10UDNuSwI=
-----END CERTIFICATE-----
Generated at Fri Nov 1 10:59:35 2024 by rpki-client on console-ams.rpki-client.org