Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/Sg1RPNLNkm0yEc-IQ66TfCkzSms.roa
File: Sg1RPNLNkm0yEc-IQ66TfCkzSms.roa (raw, json)
Hash identifier: WB4Dajd9GyK2dXmdrd8XEUHVFH6Hux+MUU0R4MMOZyw=
Subject key identifier: 4A:0D:51:3C:D2:CD:92:6D:32:11:CF:88:43:AE:93:7C:29:33:4A:6B
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018BD1C3E0C54E90B4D9849CFD0C64455973
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/Sg1RPNLNkm0yEc-IQ66TfCkzSms.roa
Signing time: Wed 15 Nov 2023 06:55:57 +0000
ROA not before: Wed 15 Nov 2023 06:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 195.211.40.0/23 maxlen: 23
91.226.212.0/23 maxlen: 23
176.103.48.0/20 maxlen: 20
91.207.60.0/24 maxlen: 24
193.169.86.0/23 maxlen: 23
91.217.91.0/24 maxlen: 24
91.217.90.0/24 maxlen: 24
2a13:f580:1::/48 maxlen: 48
2001:678:334::/48 maxlen: 48
2a13:f580:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Nov 2023 13:12:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:c3:e0:c5:4e:90:b4:d9:84:9c:fd:0c:64:45:59:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Nov 15 06:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a0d513cd2cd926d3211cf8843ae937c29334a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0e:53:ca:7f:21:12:ff:ac:d9:04:14:29:b8:
d2:7a:53:56:d9:d9:14:8d:cd:b3:68:07:95:86:28:
c2:5d:62:1f:5e:be:96:b4:84:c8:4e:61:f6:7e:5f:
db:ae:60:22:08:5a:b8:32:82:a6:a9:78:10:c9:a8:
48:26:ca:47:e5:ee:d2:b0:09:0f:f5:67:e5:21:d7:
91:5e:e3:a6:83:1c:52:24:82:1b:ec:80:17:8c:c7:
dc:fc:27:89:3a:cb:aa:e9:a0:4c:99:47:cf:82:58:
aa:67:b0:b6:e4:9c:e9:41:01:52:1e:1f:3b:46:ce:
84:ff:3a:44:0d:2b:f2:87:07:07:38:1b:c3:22:fa:
ca:9b:0b:eb:db:cd:15:43:61:69:6b:fd:52:2d:b2:
d9:b2:3d:04:b7:38:07:78:6c:c8:d0:f0:37:1e:a1:
61:2b:6f:a7:60:d6:94:a5:f4:84:1d:d5:45:9d:fa:
c6:8e:b9:65:32:ed:0b:1a:95:86:a5:be:3c:cb:a0:
4f:04:93:a8:09:b7:8c:cb:34:f5:e2:9d:0e:4f:b3:
fa:58:d0:52:17:dd:1d:52:1d:93:ca:73:b9:8e:e9:
d6:ea:32:da:c3:6b:37:c0:20:44:39:d6:e9:68:c9:
26:9b:dc:66:7d:c0:ff:09:d9:b0:9c:3c:dd:5a:5e:
40:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:0D:51:3C:D2:CD:92:6D:32:11:CF:88:43:AE:93:7C:29:33:4A:6B
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/Sg1RPNLNkm0yEc-IQ66TfCkzSms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.60.0/24
91.217.90.0/23
91.226.212.0/23
176.103.48.0/20
193.169.86.0/23
195.211.40.0/23
IPv6:
2001:678:334::/48
2a13:f580:1::/48
2a13:f580:4::/48
Signature Algorithm: sha256WithRSAEncryption
27:dd:80:f0:e7:7d:29:0a:d4:65:ed:7f:14:96:7a:88:42:ff:
e2:5c:fa:49:36:fc:1b:38:cf:b4:ec:ac:ae:99:47:6e:79:60:
f7:de:31:2d:b5:cf:46:20:53:5d:19:e6:39:fa:46:3a:03:98:
b5:5b:29:06:7d:30:58:5f:8f:0c:de:65:8f:90:7c:75:81:49:
1c:ce:13:08:a1:b6:f3:3b:10:37:c8:37:59:7f:8b:43:9c:6d:
84:b8:99:6b:3b:3b:28:34:72:54:24:23:9c:9e:56:18:91:dd:
64:5d:ac:a8:f1:74:e7:5d:f7:6a:32:3c:e2:1f:58:27:b7:c3:
45:82:e6:14:a1:a1:ca:e9:04:b0:5a:6a:80:f8:ff:95:2f:a9:
ee:ea:0b:51:7d:b1:bf:9b:8f:00:a2:52:46:05:34:49:a5:9e:
77:1d:fe:fe:cf:6e:54:ad:6a:87:37:16:10:01:1e:f0:f5:03:
0f:86:4b:80:9a:6f:9a:d6:31:5f:00:cf:d5:f1:d9:52:18:40:
05:40:6e:71:cb:1d:99:41:e8:35:ea:43:e4:ae:8a:8b:41:27:
9a:c5:35:e2:0f:9d:c6:ed:3c:fb:2a:08:e3:c3:5c:85:3a:5d:
6a:5f:e5:42:f0:dd:40:ba:de:a5:3b:cd:85:11:52:6d:e7:88:
3d:07:7c:e1
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYvRw+DFTpC02YSc/QxkRVlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjMxMTE1MDY1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTBkNTEzY2QyY2Q5MjZkMzIxMWNmODg0M2FlOTM3YzI5MzM0YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg5Tyn8hEv+s2QQUKbjSelNW2dkU
jc2zaAeVhijCXWIfXr6WtITITmH2fl/brmAiCFq4MoKmqXgQyahIJspH5e7SsAkP
9WflIdeRXuOmgxxSJIIb7IAXjMfc/CeJOsuq6aBMmUfPgliqZ7C25JzpQQFSHh87
Rs6E/zpEDSvyhwcHOBvDIvrKmwvr280VQ2Fpa/1SLbLZsj0EtzgHeGzI0PA3HqFh
K2+nYNaUpfSEHdVFnfrGjrllMu0LGpWGpb48y6BPBJOoCbeMyzT14p0OT7P6WNBS
F90dUh2TynO5junW6jLaw2s3wCBEOdbpaMkmm9xmfcD/CdmwnDzdWl5AAQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEoNUTzSzZJtMhHPiEOuk3wpM0prMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvU2cxUlBOTE5rbTB5RWMtSVE2NlRmQ2t6U21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAqBAIAATAkAwQAW888AwQB
W9laAwQBW+LUAwQEsGcwAwQBwalWAwQBw9MoMCEEAgACMBsDBwAgAQZ4AzQDBwAq
E/WAAAEDBwAqE/WAAAQwDQYJKoZIhvcNAQELBQADggEBACfdgPDnfSkK1GXtfxSW
eohC/+Jc+kk2/Bs4z7TsrK6ZR255YPfeMS21z0YgU10Z5jn6RjoDmLVbKQZ9MFhf
jwzeZY+QfHWBSRzOEwihtvM7EDfIN1l/i0OcbYS4mWs7Oyg0clQkI5yeVhiR3WRd
rKjxdOdd92oyPOIfWCe3w0WC5hShocrpBLBaaoD4/5Uvqe7qC1F9sb+bjwCiUkYF
NEmlnncd/v7PblStaoc3FhABHvD1Aw+GS4Cab5rWMV8Az9Xx2VIYQAVAbnHLHZlB
6DXqQ+SuiotBJ5rFNeIPncbtPPsqCOPDXIU6XWpf5ULw3UC63qU7zYURUm3niD0H
fOE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:37 2024 by rpki-client on console-ams.rpki-client.org