Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/psYDp22owA7WnB9OCT-nflpfob8.roa
File: psYDp22owA7WnB9OCT-nflpfob8.roa (raw, json)
Hash identifier: 2eO/H2g5tHhsrKxMRNCKA1EHX0BlYE2Hfclw9l8gTFE=
Subject key identifier: A6:C6:03:A7:6D:A8:C0:0E:D6:9C:1F:4E:09:3F:A7:7E:5A:5F:A1:BF
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0191D16CA032F45CEFC6EFAAF27CFBB37B2B
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/psYDp22owA7WnB9OCT-nflpfob8.roa
Signing time: Sun 08 Sep 2024 11:37:22 +0000
ROA not before: Sun 08 Sep 2024 11:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 08:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d1:6c:a0:32:f4:5c:ef:c6:ef:aa:f2:7c:fb:b3:7b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 8 11:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6c603a76da8c00ed69c1f4e093fa77e5a5fa1bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:de:58:6d:79:53:97:39:47:6e:ad:d0:c1:e0:
8c:3d:ad:c3:d6:82:26:80:d0:1d:22:a3:6f:48:05:
63:88:a3:1b:20:82:be:9e:06:71:0e:2e:46:f1:06:
99:e6:f7:10:8c:cf:4f:24:f0:45:6e:f8:5c:4d:37:
50:76:ab:1c:91:f9:4a:26:0f:f1:10:84:8c:cc:6e:
bb:b9:5d:85:99:cd:38:5a:d4:88:45:74:9a:bf:d0:
f3:d8:85:72:78:e7:fd:24:c8:9d:b0:c2:3f:70:b1:
50:1a:fc:dc:3c:ef:ff:8a:03:93:1f:b5:4c:0a:e3:
8a:76:ff:35:1d:99:78:21:7e:40:2b:3d:bb:7c:54:
ed:fc:ca:52:26:2a:7f:c5:7b:d3:ed:e8:8b:78:79:
31:d3:f4:27:df:14:ac:d4:e9:57:4b:29:b6:22:c3:
75:c1:d1:57:56:f9:79:c0:46:93:c3:3c:14:41:a6:
1d:d7:f0:53:07:10:a9:b4:c8:a5:32:83:24:d1:4f:
f0:81:28:1e:18:7f:9f:6c:05:46:69:e3:63:1f:3b:
ac:cc:72:ad:f9:78:4d:ec:94:7f:7f:ce:eb:3a:73:
b1:8f:b2:08:73:74:13:fd:32:44:d0:7b:dc:5c:1a:
52:86:f0:25:2e:63:e8:5c:06:bc:37:f6:5c:02:54:
b0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C6:03:A7:6D:A8:C0:0E:D6:9C:1F:4E:09:3F:A7:7E:5A:5F:A1:BF
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/psYDp22owA7WnB9OCT-nflpfob8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.40.0/24
91.92.42.0/23
Signature Algorithm: sha256WithRSAEncryption
66:ff:46:b3:c0:f1:f0:03:7f:f7:c1:4c:69:c6:27:bc:bf:c3:
5e:76:e1:ff:49:40:5f:97:13:75:7c:19:e4:44:35:50:56:65:
f1:2c:f1:24:7f:e0:51:5e:b5:76:af:40:03:23:26:ce:63:c7:
ec:a2:0e:24:43:c9:0b:88:92:5b:30:c0:8f:d0:9d:0b:d2:c2:
0d:f2:6a:5b:1b:e9:af:9b:23:6f:33:50:58:5c:37:b8:aa:aa:
64:70:9d:7b:e4:69:43:86:5a:d4:a6:e8:21:be:70:25:c3:9c:
62:3f:25:78:dc:d9:a7:07:a0:95:80:c4:3a:7a:d3:6e:fa:33:
32:f6:9f:84:10:df:80:54:14:8a:c9:2c:f4:24:b2:2a:63:b6:
09:13:be:a7:9e:4d:c3:47:20:28:19:3e:74:f3:63:5f:17:b8:
f8:0f:25:69:b5:70:72:60:fe:c5:ea:18:29:57:e0:b0:a9:f3:
08:57:ba:09:da:05:38:82:c7:31:a1:f3:61:a7:ce:7b:2d:c4:
02:25:4d:92:d0:65:b9:2b:2c:ae:a9:fe:89:0f:17:8b:37:a3:
bf:0c:7a:52:79:5a:46:34:b5:fe:8e:e0:36:97:63:84:6c:71:
dc:70:b6:3c:df:8c:9a:01:4b:a2:51:49:76:75:fa:64:bf:50:
06:23:41:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHRbKAy9Fzvxu+q8nz7s3srMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwOTA4MTEzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmM2MDNhNzZkYThjMDBlZDY5YzFmNGUwOTNmYTc3ZTVhNWZhMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN5YbXlTlzlHbq3QweCMPa3D1oIm
gNAdIqNvSAVjiKMbIIK+ngZxDi5G8QaZ5vcQjM9PJPBFbvhcTTdQdqsckflKJg/x
EISMzG67uV2Fmc04WtSIRXSav9Dz2IVyeOf9JMidsMI/cLFQGvzcPO//igOTH7VM
CuOKdv81HZl4IX5AKz27fFTt/MpSJip/xXvT7eiLeHkx0/Qn3xSs1OlXSym2IsN1
wdFXVvl5wEaTwzwUQaYd1/BTBxCptMilMoMk0U/wgSgeGH+fbAVGaeNjHzuszHKt
+XhN7JR/f87rOnOxj7IIc3QT/TJE0HvcXBpShvAlLmPoXAa8N/ZcAlSwHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKbGA6dtqMAO1pwfTgk/p35aX6G/MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvcHNZRHAyMm93QTdXbkI5T0NULW5mbHBmb2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1woAwQB
W1wqMA0GCSqGSIb3DQEBCwUAA4IBAQBm/0azwPHwA3/3wUxpxie8v8NeduH/SUBf
lxN1fBnkRDVQVmXxLPEkf+BRXrV2r0ADIybOY8fsog4kQ8kLiJJbMMCP0J0L0sIN
8mpbG+mvmyNvM1BYXDe4qqpkcJ175GlDhlrUpughvnAlw5xiPyV43NmnB6CVgMQ6
etNu+jMy9p+EEN+AVBSKySz0JLIqY7YJE76nnk3DRyAoGT5082NfF7j4DyVptXBy
YP7F6hgpV+CwqfMIV7oJ2gU4gscxofNhp857LcQCJU2S0GW5Kyyuqf6JDxeLN6O/
DHpSeVpGNLX+juA2l2OEbHHccLY834yaAUuiUUl2dfpkv1AGI0FH
-----END CERTIFICATE-----
Generated at Wed Sep 11 10:41:59 2024 by rpki-client on console-ams.rpki-client.org