Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/SokLiV26qs0gT7aZd6Wy_nW9yDk.roa
File: SokLiV26qs0gT7aZd6Wy_nW9yDk.roa (raw, json)
Hash identifier: sGYRyp0bk3rgP8e6rweFtNmjCuI81nD4Z5L+ISFDLQk=
Subject key identifier: 4A:89:0B:89:5D:BA:AA:CD:20:4F:B6:99:77:A5:B2:FE:75:BD:C8:39
Certificate issuer: /CN=4a75fa95475badeeb71f844e0b0b44b6a8fea9fe
Certificate serial: 018CC86F5A9C6D36444BF4629F07ADFE23A9
Authority key identifier: 4A:75:FA:95:47:5B:AD:EE:B7:1F:84:4E:0B:0B:44:B6:A8:FE:A9:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SnX6lUdbre63H4ROCwtEtqj-qf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/SokLiV26qs0gT7aZd6Wy_nW9yDk.roa
Signing time: Tue 02 Jan 2024 04:29:50 +0000
ROA not before: Tue 02 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42755
IP address blocks: 91.198.27.0/24 maxlen: 24
91.199.206.0/24 maxlen: 24
195.184.64.0/23 maxlen: 23
195.184.64.0/24 maxlen: 24
195.184.65.0/24 maxlen: 24
185.138.208.0/22 maxlen: 22
91.195.200.0/23 maxlen: 23
91.195.200.0/24 maxlen: 24
91.195.201.0/24 maxlen: 24
91.196.168.0/22 maxlen: 22
46.21.164.0/24 maxlen: 24
46.21.165.0/24 maxlen: 24
46.21.160.0/20 maxlen: 20
2a02:27f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 03 Oct 2024 09:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5a:9c:6d:36:44:4b:f4:62:9f:07:ad:fe:23:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a75fa95475badeeb71f844e0b0b44b6a8fea9fe
Validity
Not Before: Jan 2 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a890b895dbaaacd204fb69977a5b2fe75bdc839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0e:e2:4d:dd:48:dd:1c:b2:69:ea:67:69:cc:
4a:64:0e:ed:26:67:42:93:22:3f:85:64:36:8d:30:
65:b8:b6:22:0b:d6:7c:85:85:32:e7:d8:85:11:73:
10:33:ea:b5:c9:d1:5b:69:cc:5e:3a:e4:d2:58:d7:
23:6a:5f:70:90:df:49:7a:a7:e6:e3:0e:68:68:1a:
f8:30:b7:de:e7:96:99:58:1c:0e:5b:be:f1:69:40:
0a:87:b8:eb:be:82:13:05:bf:11:4a:d1:f6:d5:92:
14:2e:13:02:57:6b:b3:41:54:30:dd:f4:ef:e8:e8:
69:0d:54:41:77:8c:50:98:11:de:d4:aa:e9:fb:27:
13:c4:08:57:9c:5e:a3:71:f4:2a:e6:ef:9a:7c:14:
e2:72:93:62:7a:49:40:95:32:55:16:2c:45:9d:a8:
aa:5a:0c:d5:81:9b:ed:1e:ac:05:5e:3b:7e:ac:47:
9f:7d:79:c4:d0:72:3e:59:63:f1:e0:f9:18:0b:2a:
ee:c1:63:ef:93:82:7e:77:4f:8c:dd:4e:c2:7a:ef:
72:03:91:ee:95:a5:86:3c:3e:28:0b:fb:1e:6a:14:
1c:b1:32:b4:3f:3e:51:f6:df:32:cf:60:78:7c:27:
97:b0:fa:5f:44:de:84:13:f2:3e:03:91:4f:61:b7:
60:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:89:0B:89:5D:BA:AA:CD:20:4F:B6:99:77:A5:B2:FE:75:BD:C8:39
X509v3 Authority Key Identifier:
keyid:4A:75:FA:95:47:5B:AD:EE:B7:1F:84:4E:0B:0B:44:B6:A8:FE:A9:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnX6lUdbre63H4ROCwtEtqj-qf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/SokLiV26qs0gT7aZd6Wy_nW9yDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/SnX6lUdbre63H4ROCwtEtqj-qf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.160.0/20
91.195.200.0/23
91.196.168.0/22
91.198.27.0/24
91.199.206.0/24
185.138.208.0/22
195.184.64.0/23
IPv6:
2a02:27f8::/32
Signature Algorithm: sha256WithRSAEncryption
56:03:86:79:b5:88:4c:6a:0d:16:cf:b5:e0:67:41:6c:a1:0f:
f8:b3:e7:e3:84:7b:4b:6a:a7:df:d6:2d:13:09:0c:e6:36:3e:
50:81:38:cb:64:5c:10:3d:e9:8d:b0:da:14:7a:dd:60:57:a8:
3a:9b:39:de:72:aa:35:13:5a:53:ac:7d:f5:06:fb:66:54:6a:
9b:9e:1d:c2:ff:56:a3:50:d2:31:9a:30:e5:90:dd:ce:6f:51:
50:1d:e9:8d:9a:b6:27:d9:13:c8:49:12:89:ed:78:c1:ad:78:
48:b3:1c:41:6c:6f:90:a6:0e:18:5e:86:9b:cb:31:16:34:63:
4c:47:9b:7f:05:48:5c:32:1f:f3:2c:b8:2a:49:86:c8:1a:88:
29:1e:e8:88:75:81:f3:7c:27:ca:3d:30:b2:b6:ac:28:f7:d0:
e9:fb:cd:be:c0:f7:f5:29:61:71:40:82:f7:7a:53:6f:d3:d3:
88:51:7c:e4:82:2d:ff:11:39:22:f1:b3:7d:db:04:77:47:1c:
6b:65:99:e8:cd:2e:1f:83:a5:5f:6d:45:15:c1:a1:0e:8b:6a:
0b:12:90:8f:46:e2:11:e3:11:d9:a7:b2:c7:e8:46:81:ed:90:
83:4e:5f:59:15:a7:ef:ec:c3:56:4b:1e:f3:fb:8f:7c:cc:67:
1b:7c:92:10
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzIb1qcbTZES/Rinwet/iOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNzVmYTk1NDc1YmFkZWViNzFmODQ0ZTBiMGI0NGI2YThm
ZWE5ZmUwHhcNMjQwMTAyMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTg5MGI4OTVkYmFhYWNkMjA0ZmI2OTk3N2E1YjJmZTc1YmRjODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3g7iTd1I3RyyaepnacxKZA7tJmdC
kyI/hWQ2jTBluLYiC9Z8hYUy59iFEXMQM+q1ydFbacxeOuTSWNcjal9wkN9Jeqfm
4w5oaBr4MLfe55aZWBwOW77xaUAKh7jrvoITBb8RStH21ZIULhMCV2uzQVQw3fTv
6OhpDVRBd4xQmBHe1Krp+ycTxAhXnF6jcfQq5u+afBTicpNieklAlTJVFixFnaiq
WgzVgZvtHqwFXjt+rEeffXnE0HI+WWPx4PkYCyruwWPvk4J+d0+M3U7Ceu9yA5Hu
laWGPD4oC/seahQcsTK0Pz5R9t8yz2B4fCeXsPpfRN6EE/I+A5FPYbdgSwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEqJC4lduqrNIE+2mXelsv51vcg5MB8GA1UdIwQY
MBaAFEp1+pVHW63utx+ETgsLRLao/qn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25YNmxVZGJyZTYzSDRST0N3dEV0cWotcWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85OTA1OTUtNTE1Ny00MDM2LWI2MDEt
NjA4NDNiNWJiYjgxLzEvU29rTGlWMjZxczBnVDdhWmQ2V3lfblc5eURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85OTA1OTUtNTE1Ny00MDM2LWI2MDEtNjA4NDNiNWJiYjgx
LzEvU25YNmxVZGJyZTYzSDRST0N3dEV0cWotcWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQELhWgAwQB
W8PIAwQCW8SoAwQAW8YbAwQAW8fOAwQCuYrQAwQBw7hAMA0EAgACMAcDBQAqAif4
MA0GCSqGSIb3DQEBCwUAA4IBAQBWA4Z5tYhMag0Wz7XgZ0FsoQ/4s+fjhHtLaqff
1i0TCQzmNj5QgTjLZFwQPemNsNoUet1gV6g6mznecqo1E1pTrH31BvtmVGqbnh3C
/1ajUNIxmjDlkN3Ob1FQHemNmrYn2RPISRKJ7XjBrXhIsxxBbG+Qpg4YXoabyzEW
NGNMR5t/BUhcMh/zLLgqSYbIGogpHuiIdYHzfCfKPTCytqwo99Dp+82+wPf1KWFx
QIL3elNv09OIUXzkgi3/ETki8bN92wR3RxxrZZnozS4fg6VfbUUVwaEOi2oLEpCP
RuIR4xHZp7LH6EaB7ZCDTl9ZFafv7MNWSx7z+498zGcbfJIQ
-----END CERTIFICATE-----
Generated at Thu Oct 3 12:20:05 2024 by rpki-client on console-ams.rpki-client.org