Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/b61a1c-ba6f-4327-bacd-89718ebc3847/1/SQrJLFKuiT6DIxVquqIIXGZ9-y0.roa
File: SQrJLFKuiT6DIxVquqIIXGZ9-y0.roa (raw, json)
Hash identifier: 315cXKtSWYWs4Ufs8JB2/UqgLZ9CPZKa3/r7NcH4tUk=
Subject key identifier: 49:0A:C9:2C:52:AE:89:3E:83:23:15:6A:BA:A2:08:5C:66:7D:FB:2D
Certificate issuer: /CN=39ae828573f39413f806b51ee040cd34bc5f63ae
Certificate serial: 018CC9BCC7ECE407C5BB6D46280AD52C018E
Authority key identifier: 39:AE:82:85:73:F3:94:13:F8:06:B5:1E:E0:40:CD:34:BC:5F:63:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oa6ChXPzlBP4BrUe4EDNNLxfY64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/b61a1c-ba6f-4327-bacd-89718ebc3847/1/SQrJLFKuiT6DIxVquqIIXGZ9-y0.roa
Signing time: Tue 02 Jan 2024 10:34:01 +0000
ROA not before: Tue 02 Jan 2024 10:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197669
IP address blocks: 91.228.242.0/24 maxlen: 24
185.28.212.0/22 maxlen: 24
2a04:3fc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c7:ec:e4:07:c5:bb:6d:46:28:0a:d5:2c:01:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39ae828573f39413f806b51ee040cd34bc5f63ae
Validity
Not Before: Jan 2 10:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=490ac92c52ae893e8323156abaa2085c667dfb2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:33:b1:12:44:33:f0:97:34:0a:c2:41:f4:98:
7d:f5:a4:38:bb:11:db:ec:86:05:7d:dc:35:9e:26:
b8:3a:88:91:42:6c:7a:4d:2a:ae:64:38:fc:19:36:
7a:e5:fb:db:3a:71:da:b0:3a:bf:0e:47:de:63:f9:
a2:c8:7b:3a:c5:02:74:0d:9e:9d:42:03:cf:59:d3:
1b:0d:88:e7:ed:6d:af:9c:29:fe:fc:c4:6c:56:cb:
3b:26:1f:c8:65:e1:77:1a:f5:9c:e1:8c:78:aa:a1:
0b:10:d0:9e:40:dd:f7:eb:78:c7:5a:e7:ab:d8:f4:
7c:d8:c4:20:fe:af:1d:00:82:7b:1f:e7:a4:ca:70:
28:b9:81:39:c6:d1:53:e4:63:17:73:2c:1f:49:42:
61:75:fc:2d:ee:e8:2c:85:50:55:3b:ae:31:a3:77:
a3:6b:36:60:be:2c:89:09:bd:ae:3e:fa:5e:c5:ef:
b4:c9:aa:91:d6:68:5c:25:fb:64:35:2b:44:03:fd:
a4:27:e2:80:2d:fe:3c:a3:d0:21:99:0e:87:13:dd:
26:bd:f0:2e:45:2d:0b:aa:1d:52:37:d7:10:aa:c5:
bd:47:86:6c:4b:b9:42:2b:74:6c:d7:32:29:b0:11:
70:ca:55:5c:6c:75:65:d9:76:48:62:fe:57:37:b3:
74:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0A:C9:2C:52:AE:89:3E:83:23:15:6A:BA:A2:08:5C:66:7D:FB:2D
X509v3 Authority Key Identifier:
keyid:39:AE:82:85:73:F3:94:13:F8:06:B5:1E:E0:40:CD:34:BC:5F:63:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oa6ChXPzlBP4BrUe4EDNNLxfY64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/b61a1c-ba6f-4327-bacd-89718ebc3847/1/SQrJLFKuiT6DIxVquqIIXGZ9-y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/b61a1c-ba6f-4327-bacd-89718ebc3847/1/Oa6ChXPzlBP4BrUe4EDNNLxfY64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.242.0/24
185.28.212.0/22
IPv6:
2a04:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
24:59:eb:11:c6:98:28:c6:84:94:a6:5d:a7:d6:ae:84:49:ed:
db:99:71:21:2f:a2:35:07:24:32:a4:74:46:54:16:e1:76:a9:
5e:2e:95:e3:ae:11:f4:ae:6b:b6:5e:0d:36:81:e1:fe:35:77:
ea:61:5c:ed:30:00:e4:87:99:a8:bf:f4:6e:fb:d0:76:67:05:
c0:fc:25:44:bc:db:07:e7:a6:d7:e3:df:c3:14:d8:8b:f1:5d:
cd:23:81:be:f9:73:d7:41:97:b9:0d:76:c2:78:65:df:05:12:
61:24:d2:c4:38:40:6f:94:e9:7f:35:09:ef:36:d3:70:ec:12:
db:81:0b:cf:3c:54:de:c4:2f:6b:52:97:e2:b0:81:bd:07:2b:
e9:34:c8:c7:30:56:35:d2:54:b9:8d:01:0d:69:30:6f:8f:d0:
fd:25:55:11:7c:6f:df:af:63:6e:34:78:1b:c7:7a:ed:ae:df:
13:56:a0:9c:c6:6f:57:8c:67:aa:c5:0a:dd:db:19:e2:75:62:
59:b2:a1:7c:8a:74:60:f3:2d:d3:b1:a1:80:0c:8e:1f:ec:af:
96:82:de:01:33:cf:2b:f5:3c:e4:7d:9f:1b:8c:49:b7:3c:39:
70:a8:28:79:9f:6f:ab:92:b5:a4:fc:3d:9a:b3:f5:b6:56:9e:
68:67:50:6a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvMfs5AfFu21GKArVLAGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5YWU4Mjg1NzNmMzk0MTNmODA2YjUxZWUwNDBjZDM0YmM1
ZjYzYWUwHhcNMjQwMTAyMTAzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBhYzkyYzUyYWU4OTNlODMyMzE1NmFiYWEyMDg1YzY2N2RmYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjOxEkQz8Jc0CsJB9Jh99aQ4uxHb
7IYFfdw1nia4OoiRQmx6TSquZDj8GTZ65fvbOnHasDq/DkfeY/miyHs6xQJ0DZ6d
QgPPWdMbDYjn7W2vnCn+/MRsVss7Jh/IZeF3GvWc4Yx4qqELENCeQN3363jHWuer
2PR82MQg/q8dAIJ7H+ekynAouYE5xtFT5GMXcywfSUJhdfwt7ugshVBVO64xo3ej
azZgviyJCb2uPvpexe+0yaqR1mhcJftkNStEA/2kJ+KALf48o9AhmQ6HE90mvfAu
RS0Lqh1SN9cQqsW9R4ZsS7lCK3Rs1zIpsBFwylVcbHVl2XZIYv5XN7N0XQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEkKySxSrok+gyMVarqiCFxmffstMB8GA1UdIwQY
MBaAFDmugoVz85QT+Aa1HuBAzTS8X2OuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2E2Q2hYUHpsQlA0QnJVZTRFRE5OTHhmWTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iNjFhMWMtYmE2Zi00MzI3LWJhY2Qt
ODk3MThlYmMzODQ3LzEvU1FySkxGS3VpVDZESXhWcXVxSUlYR1o5LXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9iNjFhMWMtYmE2Zi00MzI3LWJhY2QtODk3MThlYmMzODQ3
LzEvT2E2Q2hYUHpsQlA0QnJVZTRFRE5OTHhmWTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+TyAwQC
uRzUMA0EAgACMAcDBQMqBD/AMA0GCSqGSIb3DQEBCwUAA4IBAQAkWesRxpgoxoSU
pl2n1q6ESe3bmXEhL6I1ByQypHRGVBbhdqleLpXjrhH0rmu2Xg02geH+NXfqYVzt
MADkh5mov/Ru+9B2ZwXA/CVEvNsH56bX49/DFNiL8V3NI4G++XPXQZe5DXbCeGXf
BRJhJNLEOEBvlOl/NQnvNtNw7BLbgQvPPFTexC9rUpfisIG9ByvpNMjHMFY10lS5
jQENaTBvj9D9JVURfG/fr2NuNHgbx3rtrt8TVqCcxm9XjGeqxQrd2xnidWJZsqF8
inRg8y3TsaGADI4f7K+Wgt4BM88r9TzkfZ8bjEm3PDlwqCh5n2+rkrWk/D2as/W2
Vp5oZ1Bq
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:03 2025 by rpki-client