Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1-36rLBJ96rmDMLgFPPDSj-dzaP0.roa
File: 1-36rLBJ96rmDMLgFPPDSj-dzaP0.roa (raw, json)
Hash identifier: oIHuEOEjRVzjHs1ABOfpArdM3h61XFD0C+o2xyqC4sE=
Subject key identifier: FB:7E:AB:2C:12:7D:EA:B9:83:30:B8:05:3C:F0:D2:8F:E7:73:68:FD
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 01896478EFB0D7D2D862D5C85B7608322B93
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1-36rLBJ96rmDMLgFPPDSj-dzaP0.roa
Signing time: Mon 17 Jul 2023 15:29:54 +0000
ROA not before: Mon 17 Jul 2023 15:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 91.220.223.0/24 maxlen: 24
91.239.238.0/24 maxlen: 24
91.213.29.0/24 maxlen: 24
92.63.183.0/24 maxlen: 24
92.63.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 16:05:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:78:ef:b0:d7:d2:d8:62:d5:c8:5b:76:08:32:2b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jul 17 15:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb7eab2c127deab98330b8053cf0d28fe77368fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bd:6e:a0:74:76:b7:71:7b:63:71:f2:12:24:
74:b9:b4:01:73:cb:6f:d3:f7:ba:1b:86:97:72:a7:
55:c6:20:ed:e5:cd:1c:57:b3:d7:bb:df:6c:33:c5:
23:72:d4:cc:57:80:3b:fc:ec:b5:c3:b6:1f:33:6a:
6f:c6:ad:40:ad:be:28:44:c6:b8:f7:a1:7b:23:69:
9b:c4:01:92:0b:8d:66:50:bb:5d:04:ae:e7:02:c7:
f6:f8:04:d6:c7:8f:6e:69:34:a3:1a:4f:34:83:15:
57:57:66:af:7f:96:e7:99:24:63:1a:0a:60:ad:0d:
61:d1:61:46:57:9e:0a:72:85:41:bd:de:25:3b:2d:
d9:7e:2d:a7:45:a5:b6:f6:85:00:f5:62:7a:5e:d3:
0c:4d:a1:53:e7:99:83:94:ce:53:a5:89:d8:38:07:
8b:6c:55:32:62:c9:81:34:e9:f5:2c:bc:5b:f9:d4:
76:52:d0:6a:7b:4a:56:b2:a7:e8:d2:9a:1a:e5:89:
42:a3:1c:72:ca:33:3c:78:1f:3c:c6:4e:df:b6:14:
1c:18:ce:30:f8:01:f7:79:a1:80:41:54:ca:d6:4f:
f3:93:4a:5b:c3:c4:33:fa:00:a7:69:52:cb:c7:30:
25:96:70:57:ff:79:64:76:3b:3b:b0:d7:d6:2b:a0:
ab:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:7E:AB:2C:12:7D:EA:B9:83:30:B8:05:3C:F0:D2:8F:E7:73:68:FD
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1-36rLBJ96rmDMLgFPPDSj-dzaP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.29.0/24
91.220.223.0/24
91.239.238.0/24
92.63.182.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:f4:a5:0c:05:e1:27:c0:f4:0b:ae:17:7a:83:d2:2b:bf:4c:
47:12:88:a2:c9:f9:e3:91:56:f1:3c:7b:b8:68:86:0f:c1:7a:
53:db:cc:a5:fe:94:97:f7:7e:0b:5a:f0:e2:d8:20:2f:cf:3e:
1b:94:7c:9a:f1:d2:92:bf:b0:95:8b:69:ea:a2:e0:2c:9a:85:
fc:c3:15:e7:81:ea:ae:e8:83:4f:58:82:7d:4b:59:36:a4:3f:
b8:ff:92:92:70:fc:e3:75:de:1e:71:20:7e:94:a2:e7:8a:4f:
73:2f:4b:70:f5:bc:a4:3b:d4:7e:79:c6:b8:90:5f:93:b8:0d:
b9:3d:13:40:ce:80:02:19:d9:20:f1:16:9b:6b:1f:da:5e:8e:
67:27:f4:82:16:b4:bf:26:9d:34:c9:ff:26:75:d6:40:e2:03:
ec:fd:85:b2:78:83:2c:ad:28:d2:00:f4:1d:b9:17:14:ad:6c:
b9:09:27:89:02:cb:f4:c4:92:28:f2:6a:6b:5b:4f:91:40:5d:
ee:97:73:39:de:c4:b2:4c:a1:bf:8c:91:dd:49:6b:29:92:40:
fa:0e:40:bc:96:4c:0a:ae:9a:3f:5f:3a:76:58:48:4f:11:51:
8d:f4:71:0c:b2:1f:f1:95:3c:95:c6:c4:f8:ee:32:f9:46:b9:
85:7e:e5:fd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYlkeO+w19LYYtXIW3YIMiuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwNzE3MTUyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjdlYWIyYzEyN2RlYWI5ODMzMGI4MDUzY2YwZDI4ZmU3NzM2OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzr1uoHR2t3F7Y3HyEiR0ubQBc8tv
0/e6G4aXcqdVxiDt5c0cV7PXu99sM8UjctTMV4A7/Oy1w7YfM2pvxq1Arb4oRMa4
96F7I2mbxAGSC41mULtdBK7nAsf2+ATWx49uaTSjGk80gxVXV2avf5bnmSRjGgpg
rQ1h0WFGV54KcoVBvd4lOy3Zfi2nRaW29oUA9WJ6XtMMTaFT55mDlM5TpYnYOAeL
bFUyYsmBNOn1LLxb+dR2UtBqe0pWsqfo0poa5YlCoxxyyjM8eB88xk7fthQcGM4w
+AH3eaGAQVTK1k/zk0pbw8Qz+gCnaVLLxzAllnBX/3lkdjs7sNfWK6CrFwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPt+qywSfeq5gzC4BTzw0o/nc2j9MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvMS0zNnJMQko5NnJtRE1MZ0ZQUERTai1kemFQMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTAvNTNjN2I4LTVlNGItNDlmZC04YzkxLWJhOThmMTEyMjEy
MS8xL1lZUjQ4WmotVnBBUXc5OWlHUlF2VXd4UFhsWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFvVHQME
AFvc3wMEAFvv7gMEAVw/tjANBgkqhkiG9w0BAQsFAAOCAQEAi/SlDAXhJ8D0C64X
eoPSK79MRxKIosn545FW8Tx7uGiGD8F6U9vMpf6Ul/d+C1rw4tggL88+G5R8mvHS
kr+wlYtp6qLgLJqF/MMV54HqruiDT1iCfUtZNqQ/uP+SknD843XeHnEgfpSi54pP
cy9LcPW8pDvUfnnGuJBfk7gNuT0TQM6AAhnZIPEWm2sf2l6OZyf0gha0vyadNMn/
JnXWQOID7P2FsniDLK0o0gD0HbkXFK1suQkniQLL9MSSKPJqa1tPkUBd7pdzOd7E
skyhv4yR3UlrKZJA+g5AvJZMCq6aP186dlhITxFRjfRxDLIf8ZU8lcbE+O4y+Ua5
hX7l/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:51 2024 by rpki-client on console-fra.rpki-client.org