Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/SGQ_4o9QOoy-NtVhit8CqwBvuf4.roa
File: SGQ_4o9QOoy-NtVhit8CqwBvuf4.roa (raw, json)
Hash identifier: zjfCVm0TlK0sfzcDID6CbAL+dGkznXAXHpBCzS39Alg=
Subject key identifier: 48:64:3F:E2:8F:50:3A:8C:BE:36:D5:61:8A:DF:02:AB:00:6F:B9:FE
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 018E37B7EF67187BD05F90A3677885E7D41F
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/SGQ_4o9QOoy-NtVhit8CqwBvuf4.roa
Signing time: Wed 13 Mar 2024 12:09:45 +0000
ROA not before: Wed 13 Mar 2024 12:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200370
IP address blocks: 46.36.97.0/24 maxlen: 24
46.36.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 11:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:b7:ef:67:18:7b:d0:5f:90:a3:67:78:85:e7:d4:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Mar 13 12:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48643fe28f503a8cbe36d5618adf02ab006fb9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:48:b6:c4:4d:73:23:bd:56:3c:30:bc:a3:1f:
28:fb:a6:9c:71:5d:08:dc:8b:e5:4e:f2:bc:a5:a2:
2c:d5:df:91:af:14:04:c1:32:35:ae:c5:04:0a:90:
fb:20:bf:d0:b8:53:2d:71:66:5e:b3:f0:d3:f0:c0:
96:23:8c:7e:93:70:23:da:41:d0:47:94:55:95:c2:
b7:7e:11:54:11:a3:86:64:4c:5d:49:bf:3a:88:6c:
98:61:5d:c7:fd:39:16:3e:c3:65:3d:3a:ce:7d:ac:
89:b8:b1:5d:a1:7b:28:b5:4a:82:f9:34:ad:f3:e0:
f4:f0:f1:2d:7a:a6:f5:8c:18:54:6c:06:32:06:58:
2d:f2:98:67:c6:9a:95:f1:a8:6c:a7:93:15:d9:14:
92:9f:5f:60:7c:cf:8d:83:d3:e7:5f:87:56:65:30:
a3:14:88:e0:42:3f:6e:81:22:12:4b:c3:bf:99:fb:
fa:d7:db:ea:5d:e0:87:5c:a1:b1:ee:a0:3a:98:44:
a6:aa:a5:39:5b:b5:6f:31:a8:6c:36:b5:a1:ab:23:
61:94:4a:11:43:41:ec:af:cf:64:78:99:22:00:56:
e8:a3:c8:7a:86:cc:9c:72:6c:88:36:7d:f4:93:e1:
28:a5:ef:dd:a1:1f:3f:1a:96:80:32:38:15:ed:ec:
1c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:64:3F:E2:8F:50:3A:8C:BE:36:D5:61:8A:DF:02:AB:00:6F:B9:FE
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/SGQ_4o9QOoy-NtVhit8CqwBvuf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.97.0/24
46.36.106.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:dc:71:23:0c:28:c2:4d:e9:63:ab:17:b7:94:22:80:3e:2e:
3a:5d:26:be:ac:fe:76:93:9c:c4:49:c0:84:62:1e:d6:30:c7:
16:f6:46:cc:a8:80:87:20:b9:30:6c:b1:e6:2e:dd:3b:0b:c5:
50:d9:2a:dc:8c:42:74:37:e2:df:36:2c:3c:3c:46:ce:05:13:
26:6a:79:cb:a1:41:f0:d1:9f:1f:58:7f:69:e1:be:22:b1:74:
95:63:32:e4:df:8a:ba:ad:a3:c3:e2:ab:e2:a0:bf:5a:b1:c9:
72:1d:35:c1:27:9d:ae:a7:6b:4e:4f:7b:c9:f0:0a:41:40:20:
62:4e:6e:85:93:f7:81:b1:d4:9a:48:f0:75:bb:d5:81:87:04:
15:57:c8:69:e1:a7:76:e4:26:6f:38:f7:49:c5:f9:e4:60:d2:
84:d5:7a:d7:dd:13:c1:24:4e:14:c3:92:75:f4:c8:a9:76:6c:
50:56:b9:4e:1d:df:2b:ef:d3:16:2f:cb:c9:ee:ae:6b:fe:3e:
aa:a4:94:39:20:6e:de:46:08:e3:53:5e:da:80:c8:61:e2:a5:
5d:c6:d4:ce:f2:73:ad:9d:30:50:7b:2b:c7:7a:21:b5:5e:a1:
35:05:93:49:61:a2:40:6d:6c:ac:3b:0f:51:bb:a0:ec:5b:44:
86:25:bc:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY43t+9nGHvQX5CjZ3iF59QfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjQwMzEzMTIwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODY0M2ZlMjhmNTAzYThjYmUzNmQ1NjE4YWRmMDJhYjAwNmZiOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEi2xE1zI71WPDC8ox8o+6accV0I
3IvlTvK8paIs1d+RrxQEwTI1rsUECpD7IL/QuFMtcWZes/DT8MCWI4x+k3Aj2kHQ
R5RVlcK3fhFUEaOGZExdSb86iGyYYV3H/TkWPsNlPTrOfayJuLFdoXsotUqC+TSt
8+D08PEteqb1jBhUbAYyBlgt8phnxpqV8ahsp5MV2RSSn19gfM+Ng9PnX4dWZTCj
FIjgQj9ugSISS8O/mfv619vqXeCHXKGx7qA6mESmqqU5W7VvMahsNrWhqyNhlEoR
Q0Hsr89keJkiAFboo8h6hsyccmyINn30k+Eope/doR8/GpaAMjgV7ewc6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEhkP+KPUDqMvjbVYYrfAqsAb7n+MB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvU0dRXzRvOVFPb3ktTnRWaGl0OENxd0J2dWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiRhAwQA
LiRqMA0GCSqGSIb3DQEBCwUAA4IBAQCO3HEjDCjCTeljqxe3lCKAPi46XSa+rP52
k5zEScCEYh7WMMcW9kbMqICHILkwbLHmLt07C8VQ2SrcjEJ0N+LfNiw8PEbOBRMm
annLoUHw0Z8fWH9p4b4isXSVYzLk34q6raPD4qvioL9asclyHTXBJ52up2tOT3vJ
8ApBQCBiTm6Fk/eBsdSaSPB1u9WBhwQVV8hp4ad25CZvOPdJxfnkYNKE1XrX3RPB
JE4Uw5J19MipdmxQVrlOHd8r79MWL8vJ7q5r/j6qpJQ5IG7eRgjjU17agMhh4qVd
xtTO8nOtnTBQeyvHeiG1XqE1BZNJYaJAbWysOw9Ru6DsW0SGJbx/
-----END CERTIFICATE-----
Generated at Tue Oct 22 13:48:37 2024 by rpki-client on console-ams.rpki-client.org