Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/dqfD2gjk0meG9ZrCXWb8-wqQ8RY.roa
File: dqfD2gjk0meG9ZrCXWb8-wqQ8RY.roa (raw, json)
Hash identifier: RwJ/DhXcrBbrY5+OqM2sn8Fwvkn3I8XqB57cQ20jLSI=
Subject key identifier: 76:A7:C3:DA:08:E4:D2:67:86:F5:9A:C2:5D:66:FC:FB:0A:90:F1:16
Certificate issuer: /CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Certificate serial: 0190BBC343A826D771985383CF76B0AEE519
Authority key identifier: 70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/dqfD2gjk0meG9ZrCXWb8-wqQ8RY.roa
Signing time: Tue 16 Jul 2024 13:37:34 +0000
ROA not before: Tue 16 Jul 2024 13:37:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212219
IP address blocks: 91.151.88.0/24 maxlen: 24
91.151.89.0/24 maxlen: 24
91.151.95.0/24 maxlen: 24
213.142.148.0/24 maxlen: 24
213.142.151.0/24 maxlen: 24
213.142.159.0/24 maxlen: 24
2a0f:bf00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 26 Sep 2024 13:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:c3:43:a8:26:d7:71:98:53:83:cf:76:b0:ae:e5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Validity
Not Before: Jul 16 13:37:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76a7c3da08e4d26786f59ac25d66fcfb0a90f116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ff:44:44:91:71:d6:1c:45:7c:5d:92:48:a0:
bb:34:a9:c4:94:76:97:77:47:78:c6:08:7f:47:16:
e6:7e:90:16:d3:89:eb:b2:b2:a0:42:33:1f:01:ed:
fc:5c:02:ee:36:44:a1:ae:5e:e4:ed:46:31:d0:b0:
17:29:48:f7:78:10:4e:75:ae:b8:af:e4:df:51:7a:
60:ce:cf:67:66:1f:37:3f:05:0e:30:5f:bc:0f:c2:
f7:e9:72:9a:81:41:0d:68:a5:3d:4b:83:58:d7:e8:
91:64:6d:22:a5:5c:f2:af:8f:61:4c:97:82:d2:a2:
17:37:03:58:61:f3:28:70:ab:7b:ad:1c:d3:85:4a:
6f:3e:e4:b3:de:69:3b:a4:70:a4:91:b6:f7:38:eb:
cd:3a:22:02:c4:63:35:25:75:cf:8d:b1:ba:03:e3:
90:2d:32:c3:87:ac:33:02:e4:f0:52:37:d3:24:9c:
3c:dc:3a:76:3b:7c:37:b9:5a:e5:9e:27:72:3b:46:
12:44:99:a6:c8:0b:d6:55:73:70:7c:97:af:5f:08:
41:a2:07:e8:45:c4:e8:49:b1:90:37:1d:9a:92:72:
7a:59:39:93:fc:f8:05:f5:b1:53:64:7b:5c:17:c4:
64:90:79:4d:cf:e7:2f:71:76:85:f3:46:eb:66:82:
23:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A7:C3:DA:08:E4:D2:67:86:F5:9A:C2:5D:66:FC:FB:0A:90:F1:16
X509v3 Authority Key Identifier:
keyid:70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/dqfD2gjk0meG9ZrCXWb8-wqQ8RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.88.0/23
91.151.95.0/24
213.142.148.0/24
213.142.151.0/24
213.142.159.0/24
IPv6:
2a0f:bf00::/29
Signature Algorithm: sha256WithRSAEncryption
3f:38:ca:c8:a8:5b:bb:ec:6e:66:04:ba:23:f7:8c:cc:6d:41:
08:0f:f0:5f:76:d2:4e:28:7c:f5:6c:aa:54:cc:3d:8c:14:1f:
99:2d:44:a2:dd:77:2a:de:24:f2:0e:b3:e0:27:69:06:1a:24:
4d:19:0c:55:8e:fe:f1:f5:e4:9a:35:fe:fe:ac:59:b9:1c:41:
45:e4:72:da:b9:1b:94:dd:68:50:8d:41:6a:d1:f3:a2:73:a4:
0c:9c:8a:e8:d8:f7:40:11:ba:e5:c1:2d:40:60:b2:df:2a:9f:
02:0a:c3:99:81:cf:4b:43:83:98:8d:0a:21:18:39:11:ea:42:
05:08:a7:0c:6e:cd:af:03:e2:9f:14:fd:d8:3a:bf:63:ab:4f:
98:d1:10:08:78:c9:0a:a0:85:09:96:6d:d2:ed:0b:9e:f8:43:
f4:d4:c2:92:75:8f:94:49:65:6a:fb:6f:d3:09:52:ab:aa:97:
fa:f6:a0:05:f8:41:fb:e3:0c:81:f2:43:68:2e:4d:98:be:8c:
b1:40:4f:a9:92:5d:9c:77:db:c9:34:64:6f:8e:95:d3:0c:f0:
f0:7f:83:37:5a:44:58:b7:36:6c:b1:6b:c6:e1:70:7a:74:4a:
62:c8:d0:6b:1e:f0:38:2d:51:e3:cc:3c:5e:44:36:15:66:d3:
81:a4:7b:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZC7w0OoJtdxmFODz3awruUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjFkNzUyOGJlNzEzYTRiYTJjYjRkYjVlNThkNjRkODgy
ZWI1NTUwHhcNMjQwNzE2MTMzNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmE3YzNkYTA4ZTRkMjY3ODZmNTlhYzI1ZDY2ZmNmYjBhOTBmMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0f9ERJFx1hxFfF2SSKC7NKnElHaX
d0d4xgh/RxbmfpAW04nrsrKgQjMfAe38XALuNkShrl7k7UYx0LAXKUj3eBBOda64
r+TfUXpgzs9nZh83PwUOMF+8D8L36XKagUENaKU9S4NY1+iRZG0ipVzyr49hTJeC
0qIXNwNYYfMocKt7rRzThUpvPuSz3mk7pHCkkbb3OOvNOiICxGM1JXXPjbG6A+OQ
LTLDh6wzAuTwUjfTJJw83Dp2O3w3uVrlnidyO0YSRJmmyAvWVXNwfJevXwhBogfo
RcToSbGQNx2aknJ6WTmT/PgF9bFTZHtcF8RkkHlNz+cvcXaF80brZoIjGQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHanw9oI5NJnhvWawl1m/PsKkPEWMB8GA1UdIwQY
MBaAFHAh11KL5xOkuiy0215Y1k2ILrVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAt
OTI4MWYwZDIzZGJmLzEvZHFmRDJnamswbWVHOVpyQ1hXYjgtd3FROFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAtOTI4MWYwZDIzZGJm
LzEvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW5dYAwQA
W5dfAwQA1Y6UAwQA1Y6XAwQA1Y6fMA0EAgACMAcDBQMqD78AMA0GCSqGSIb3DQEB
CwUAA4IBAQA/OMrIqFu77G5mBLoj94zMbUEID/BfdtJOKHz1bKpUzD2MFB+ZLUSi
3Xcq3iTyDrPgJ2kGGiRNGQxVjv7x9eSaNf7+rFm5HEFF5HLauRuU3WhQjUFq0fOi
c6QMnIro2PdAEbrlwS1AYLLfKp8CCsOZgc9LQ4OYjQohGDkR6kIFCKcMbs2vA+Kf
FP3YOr9jq0+Y0RAIeMkKoIUJlm3S7Que+EP01MKSdY+USWVq+2/TCVKrqpf69qAF
+EH74wyB8kNoLk2YvoyxQE+pkl2cd9vJNGRvjpXTDPDwf4M3WkRYtzZssWvG4XB6
dEpiyNBrHvA4LVHjzDxeRDYVZtOBpHtS
-----END CERTIFICATE-----
Generated at Thu Sep 26 16:48:10 2024 by rpki-client on console-ams.rpki-client.org