Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/SBzbD2WFabtAM1fi2qbLZUYGYwM.roa
File: SBzbD2WFabtAM1fi2qbLZUYGYwM.roa (raw, json)
Hash identifier: 6XXTOI0aNFYc2ZtlJzm2yslzyJ9nnubFZ+1P8apGgHo=
Subject key identifier: 48:1C:DB:0F:65:85:69:BB:40:33:57:E2:DA:A6:CB:65:46:06:63:03
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018F73C1BBADFE975611322CA40B4C33212A
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/SBzbD2WFabtAM1fi2qbLZUYGYwM.roa
Signing time: Mon 13 May 2024 21:00:27 +0000
ROA not before: Mon 13 May 2024 21:00:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60707
IP address blocks: 91.151.83.0/24 maxlen: 24
91.151.84.0/24 maxlen: 24
213.142.135.0/24 maxlen: 24
213.142.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 14:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:73:c1:bb:ad:fe:97:56:11:32:2c:a4:0b:4c:33:21:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: May 13 21:00:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=481cdb0f658569bb403357e2daa6cb6546066303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2b:91:68:ce:bf:ba:f0:d3:5b:bf:43:5b:2d:
c7:fc:b8:aa:80:a2:2b:94:c2:e0:45:e2:ef:5e:d5:
8a:0b:b9:f0:7c:69:53:b7:db:0e:70:50:98:84:98:
b0:01:19:15:31:2f:d0:f8:47:81:13:33:aa:d5:7c:
dd:0d:09:30:5d:c1:e4:7c:e2:ff:7a:e5:02:c3:08:
d3:6b:5a:2d:a4:d7:00:9e:ad:65:51:d6:bf:bd:a1:
fa:43:af:b1:77:a6:3c:d4:17:f2:69:2b:69:9b:70:
07:a8:e8:02:af:39:58:bb:ea:2d:b5:7a:fb:90:64:
b6:f1:c5:bc:28:b6:d2:ea:74:12:21:d6:51:a0:88:
3d:03:7e:8e:7c:b7:2f:67:80:bd:0e:6a:29:69:d8:
0e:aa:db:38:e2:9a:75:10:fb:35:12:4f:b7:29:2e:
d5:ec:dd:e0:86:a7:47:8a:1b:f7:af:36:2b:00:1e:
94:b5:40:ab:4d:ef:96:ed:db:8c:3e:5c:ee:e8:1e:
d3:5b:9f:c4:a5:af:ed:49:80:71:26:54:0f:0e:4e:
02:dc:45:73:a5:4c:af:d1:21:6e:86:2d:a2:5c:5a:
7a:fc:50:bb:45:39:84:ef:71:15:8a:e3:7e:44:a0:
2a:68:8a:3e:34:53:1e:65:aa:a7:21:51:de:90:c2:
dd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:1C:DB:0F:65:85:69:BB:40:33:57:E2:DA:A6:CB:65:46:06:63:03
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/SBzbD2WFabtAM1fi2qbLZUYGYwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.83.0-91.151.84.255
213.142.135.0/24
213.142.143.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:27:4e:b4:70:1d:97:47:3e:4b:62:f4:14:4d:7e:1c:f0:54:
37:9a:8c:bc:66:21:7f:b4:e1:d3:3f:c4:28:87:e4:66:d9:9d:
2e:60:cb:9b:4c:c1:f8:32:40:7c:4b:cb:34:4c:8a:db:95:dc:
22:5a:5e:8e:e5:5a:0d:41:5c:12:97:6b:3e:0e:7f:26:b0:f4:
cd:c0:d7:cf:22:e0:6c:69:6e:03:cd:52:99:76:b0:f3:be:e9:
95:75:28:61:6a:6f:54:1e:fd:58:74:9a:2b:4b:1e:37:b5:94:
00:89:a7:0c:67:d5:f6:b3:36:7a:41:d6:bf:31:1d:5c:f5:15:
cd:c6:c2:54:1b:e2:ed:cc:12:11:a7:b8:1c:f5:d0:f8:f4:b0:
00:ba:ae:77:c1:98:26:2f:85:26:1c:5a:1a:8b:cb:16:12:9f:
fd:df:0b:57:8d:19:49:38:20:6b:50:1a:f5:da:4b:ed:34:49:
fc:1f:2a:d7:cb:8e:77:5c:39:74:4a:a0:46:40:ea:14:bb:87:
8f:8c:a3:63:32:de:23:36:62:b4:fe:6f:87:d2:b6:7a:0c:13:
23:06:c2:b8:49:b6:d1:4a:27:ab:e8:5a:50:33:e0:b2:e4:35:
ab:4f:9a:9d:13:40:ff:4c:8d:a3:7f:29:69:ab:97:56:d7:63:
38:f2:bc:a4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY9zwbut/pdWETIspAtMMyEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwNTEzMjEwMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODFjZGIwZjY1ODU2OWJiNDAzMzU3ZTJkYWE2Y2I2NTQ2MDY2MzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziuRaM6/uvDTW79DWy3H/LiqgKIr
lMLgReLvXtWKC7nwfGlTt9sOcFCYhJiwARkVMS/Q+EeBEzOq1XzdDQkwXcHkfOL/
euUCwwjTa1otpNcAnq1lUda/vaH6Q6+xd6Y81BfyaStpm3AHqOgCrzlYu+ottXr7
kGS28cW8KLbS6nQSIdZRoIg9A36OfLcvZ4C9DmopadgOqts44pp1EPs1Ek+3KS7V
7N3ghqdHihv3rzYrAB6UtUCrTe+W7duMPlzu6B7TW5/Epa/tSYBxJlQPDk4C3EVz
pUyv0SFuhi2iXFp6/FC7RTmE73EViuN+RKAqaIo+NFMeZaqnIVHekMLdjQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEgc2w9lhWm7QDNX4tqmy2VGBmMDMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvU0J6YkQyV0ZhYnRBTTFmaTJxYkxaVVlHWXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABbl1MD
BABbl1QDBADVjocDBADVjo8wDQYJKoZIhvcNAQELBQADggEBAG8nTrRwHZdHPkti
9BRNfhzwVDeajLxmIX+04dM/xCiH5GbZnS5gy5tMwfgyQHxLyzRMituV3CJaXo7l
Wg1BXBKXaz4Ofyaw9M3A188i4GxpbgPNUpl2sPO+6ZV1KGFqb1Qe/Vh0mitLHje1
lACJpwxn1fazNnpB1r8xHVz1Fc3GwlQb4u3MEhGnuBz10Pj0sAC6rnfBmCYvhSYc
WhqLyxYSn/3fC1eNGUk4IGtQGvXaS+00SfwfKtfLjndcOXRKoEZA6hS7h4+Mo2My
3iM2YrT+b4fStnoMEyMGwrhJttFKJ6voWlAz4LLkNatPmp0TQP9MjaN/KWmrl1bX
YzjyvKQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org