Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/SP6ujSjlLQrCWX60bclrCdwjGXg.roa
File: SP6ujSjlLQrCWX60bclrCdwjGXg.roa (raw, json)
Hash identifier: x/nHIK0jKthixghPdZWCgCxcwAuD6k8tcnzL/5iwA18=
Subject key identifier: 48:FE:AE:8D:28:E5:2D:0A:C2:59:7E:B4:6D:C9:6B:09:DC:23:19:78
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019266CAF0D1C70483D55156FBF3B30316F7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/SP6ujSjlLQrCWX60bclrCdwjGXg.roa
Signing time: Mon 07 Oct 2024 11:43:48 +0000
ROA not before: Mon 07 Oct 2024 11:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.210.145.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
176.97.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 19:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:ca:f0:d1:c7:04:83:d5:51:56:fb:f3:b3:03:16:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 7 11:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48feae8d28e52d0ac2597eb46dc96b09dc231978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:db:54:ed:d5:d5:e9:bf:2b:49:18:7a:ab:d4:
06:ed:57:b0:35:0a:43:73:5c:ca:03:aa:2e:8d:43:
20:c0:1c:8e:a5:aa:2c:9f:b1:bf:be:e7:b8:93:4b:
3b:e6:4a:ff:eb:11:8e:1e:9b:0e:49:33:bb:26:03:
7c:07:0b:90:62:5a:1b:2d:7e:c8:d6:76:9a:15:f2:
c4:23:55:d0:7c:48:68:b2:6e:d1:fd:3b:c7:20:ea:
cd:43:8a:24:db:89:bf:c2:2f:d9:61:cd:7e:2c:b2:
c9:8f:06:26:2f:96:9f:a0:55:55:0f:11:f9:ee:dc:
9b:ba:3f:30:c6:c0:60:41:cb:f4:2d:68:fe:cc:94:
60:45:42:f9:82:83:4d:81:20:07:cf:7e:20:33:c9:
27:a9:81:3c:b3:c2:70:d8:ce:b9:f6:06:b2:21:4a:
61:82:3b:ed:76:fe:a3:5f:6d:11:fe:fb:5e:b7:b3:
b0:27:c5:b1:47:0d:26:0e:5a:f8:96:ac:23:05:8f:
ba:38:0b:dc:5e:26:f9:c8:de:11:ec:a6:fa:94:60:
7f:e3:e9:b7:dc:97:9b:29:47:51:93:ac:e2:75:fe:
7c:32:17:e0:60:fa:a1:e8:71:29:a0:2b:1f:90:6d:
1e:46:57:69:2f:13:ff:aa:33:87:7d:36:0d:ec:88:
ff:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FE:AE:8D:28:E5:2D:0A:C2:59:7E:B4:6D:C9:6B:09:DC:23:19:78
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/SP6ujSjlLQrCWX60bclrCdwjGXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.145.0/24
109.122.41.0-109.122.42.255
109.122.46.0/24
176.97.205.0/24
Signature Algorithm: sha256WithRSAEncryption
39:66:e0:a1:61:2c:61:49:fb:5d:5d:db:b2:38:07:5c:19:3d:
50:a4:bb:41:e5:0b:6a:da:ae:11:53:a7:06:cd:bb:11:c4:18:
79:0f:4d:df:0e:c0:b5:62:81:d1:6d:e3:cc:49:c0:ee:04:77:
c8:fb:57:79:0d:52:87:0a:68:0c:22:d4:84:80:65:a3:41:56:
af:35:97:72:a5:f8:1a:c3:28:b2:3b:7c:f0:a3:93:d6:77:a3:
8a:04:b0:4a:fd:92:f8:65:21:e3:7f:da:80:b7:f7:00:72:00:
cd:f9:e4:a4:64:2d:26:de:38:6e:39:0d:b2:7c:82:bc:53:22:
d8:ed:e1:3b:bd:34:3c:7c:17:2a:49:66:25:0f:a6:16:34:85:
1b:9d:88:00:55:d5:a9:59:81:c1:c7:c4:07:56:d6:66:dd:41:
91:69:42:22:cf:8c:db:e1:a7:8b:0c:4b:ef:e5:87:86:a9:6c:
85:2e:65:d5:e2:bf:5f:78:54:1e:d2:69:83:6d:d6:64:b6:9c:
81:4c:8f:8b:00:7d:25:a5:7c:d4:0c:99:8e:a1:84:68:ae:43:
02:22:fc:4d:02:15:9d:fa:dd:ab:a9:77:55:a8:c9:8f:d0:08:
fc:e1:7d:67:d9:b9:dd:d5:82:b0:93:50:86:be:d8:1b:5d:05:
f8:b4:63:63
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJmyvDRxwSD1VFW+/OzAxb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDA3MTE0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGZlYWU4ZDI4ZTUyZDBhYzI1OTdlYjQ2ZGM5NmIwOWRjMjMxOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9tU7dXV6b8rSRh6q9QG7VewNQpD
c1zKA6oujUMgwByOpaosn7G/vue4k0s75kr/6xGOHpsOSTO7JgN8BwuQYlobLX7I
1naaFfLEI1XQfEhosm7R/TvHIOrNQ4ok24m/wi/ZYc1+LLLJjwYmL5afoFVVDxH5
7tybuj8wxsBgQcv0LWj+zJRgRUL5goNNgSAHz34gM8knqYE8s8Jw2M659gayIUph
gjvtdv6jX20R/vtet7OwJ8WxRw0mDlr4lqwjBY+6OAvcXib5yN4R7Kb6lGB/4+m3
3JebKUdRk6zidf58MhfgYPqh6HEpoCsfkG0eRldpLxP/qjOHfTYN7Ij/twIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEj+ro0o5S0Kwll+tG3JawncIxl4MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvU1A2dWpTamxMUXJDV1g2MGJjbHJDZHdqR1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW9KRMAwD
BABteikDBABteioDBABtei4DBACwYc0wDQYJKoZIhvcNAQELBQADggEBADlm4KFh
LGFJ+11d27I4B1wZPVCku0HlC2rarhFTpwbNuxHEGHkPTd8OwLVigdFt48xJwO4E
d8j7V3kNUocKaAwi1ISAZaNBVq81l3Kl+BrDKLI7fPCjk9Z3o4oEsEr9kvhlIeN/
2oC39wByAM355KRkLSbeOG45DbJ8grxTItjt4Tu9NDx8FypJZiUPphY0hRudiABV
1alZgcHHxAdW1mbdQZFpQiLPjNvhp4sMS+/lh4apbIUuZdXiv194VB7SaYNt1mS2
nIFMj4sAfSWlfNQMmY6hhGiuQwIi/E0CFZ363aupd1WoyY/QCPzhfWfZud3VgrCT
UIa+2BtdBfi0Y2M=
-----END CERTIFICATE-----
Generated at Tue Oct 8 00:11:48 2024 by rpki-client on console-fra.rpki-client.org