Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/SgdbY3UUCWvewaf43AcHh0W-_YQ.roa
File: SgdbY3UUCWvewaf43AcHh0W-_YQ.roa (raw, json)
Hash identifier: MCzYmeumAjPBRQYCFo+he8KUS/06d/Y4EgsQybA8AAM=
Subject key identifier: 4A:07:5B:63:75:14:09:6B:DE:C1:A7:F8:DC:07:07:87:45:BE:FD:84
Certificate issuer: /CN=1893eddef5cfc38d613eaa81774de30034b19d22
Certificate serial: 01857227EABFDE28F6B79613812C5586C7FF
Authority key identifier: 18:93:ED:DE:F5:CF:C3:8D:61:3E:AA:81:77:4D:E3:00:34:B1:9D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJPt3vXPw41hPqqBd03jADSxnSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/SgdbY3UUCWvewaf43AcHh0W-_YQ.roa
Signing time: Mon 02 Jan 2023 11:04:56 +0000
ROA not before: Mon 02 Jan 2023 11:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31725
IP address blocks: 91.201.244.0/23 maxlen: 23
91.201.244.0/22 maxlen: 22
91.201.246.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:ea:bf:de:28:f6:b7:96:13:81:2c:55:86:c7:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1893eddef5cfc38d613eaa81774de30034b19d22
Validity
Not Before: Jan 2 11:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a075b637514096bdec1a7f8dc07078745befd84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:08:24:e8:d5:c4:a6:d2:a6:4a:94:e5:2c:96:
9c:a7:26:7e:71:c9:4a:ef:ff:e8:c4:d2:b4:21:59:
38:cb:fa:01:42:ba:f7:c6:0d:b8:dc:64:d8:70:c4:
a6:0d:c4:64:5c:b2:a5:0e:e8:d6:46:54:53:a9:b2:
bd:b9:e9:c2:3e:d9:5c:98:4b:2c:8c:4c:69:3a:74:
79:6e:5f:e2:ab:73:14:e5:06:1a:32:a1:b0:a2:49:
87:6e:35:c4:1c:48:f0:e7:08:fa:8f:d6:06:27:3a:
9f:d6:83:37:2a:d9:c9:72:c3:8d:34:5f:dc:ed:47:
26:11:e1:0e:1f:ed:56:06:3d:47:a8:8d:0e:ff:cb:
04:ec:42:d5:1e:c9:94:6a:24:bc:2a:98:85:4a:0c:
4f:53:65:4a:2d:e3:8f:79:a2:12:8b:cc:a6:1b:4e:
e8:07:e3:98:11:af:01:d7:b2:35:02:2d:78:66:e3:
73:dd:11:b4:1f:4b:0f:40:02:6c:9a:3c:e7:6b:f8:
5e:e9:b4:a3:f0:31:b9:96:21:dc:bb:b9:07:68:d8:
63:5b:b3:42:ee:5c:ef:83:7f:1c:e0:37:c4:a3:85:
95:47:e7:c7:10:fe:90:46:6c:14:89:24:16:27:d2:
1c:49:2c:fc:63:15:61:3e:15:c1:8f:9c:af:04:01:
d7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:07:5B:63:75:14:09:6B:DE:C1:A7:F8:DC:07:07:87:45:BE:FD:84
X509v3 Authority Key Identifier:
keyid:18:93:ED:DE:F5:CF:C3:8D:61:3E:AA:81:77:4D:E3:00:34:B1:9D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJPt3vXPw41hPqqBd03jADSxnSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/SgdbY3UUCWvewaf43AcHh0W-_YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/GJPt3vXPw41hPqqBd03jADSxnSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.244.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:ab:97:dd:02:f1:80:59:33:09:cf:cd:30:b4:3b:8a:2b:24:
9f:30:ac:8b:61:02:77:f6:10:c7:fb:c3:7e:d0:e0:17:df:de:
a1:3c:f1:d8:aa:5c:be:34:1a:38:76:bc:e7:3b:33:bb:aa:9f:
bb:67:40:1d:3a:e3:28:70:ef:0b:90:9c:94:ae:a9:5f:61:ab:
87:11:fd:62:bd:a6:3f:63:b9:77:92:05:6d:d7:b6:c6:39:57:
c6:ce:3b:8e:59:ca:2f:ff:4a:d9:53:89:71:4f:44:33:dc:00:
ba:5d:eb:19:31:3f:33:72:59:99:a9:52:95:30:11:8f:c8:8e:
f4:46:0f:39:e5:ff:ae:25:2d:d2:19:a1:af:72:1f:b3:98:c3:
99:43:07:42:8a:62:3a:1d:95:d1:00:b0:ee:f0:a7:8c:42:f2:
d1:86:5b:f3:5f:55:26:87:07:b2:82:3d:cb:17:10:91:28:f6:
54:c1:37:69:c2:1e:e8:1e:ff:c7:5b:41:eb:6e:b9:4c:13:c9:
62:44:d8:ca:81:75:de:ee:c1:c1:f9:dc:d1:62:8b:68:be:44:
ce:04:6f:04:6b:ff:fd:27:bf:69:6d:a7:97:46:23:b3:f4:31:
69:5f:40:f0:7e:2e:36:0d:4e:0a:d9:e6:bb:09:6d:f9:2c:72:
47:e6:8d:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ+q/3ij2t5YTgSxVhsf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OTNlZGRlZjVjZmMzOGQ2MTNlYWE4MTc3NGRlMzAwMzRi
MTlkMjIwHhcNMjMwMTAyMTEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTA3NWI2Mzc1MTQwOTZiZGVjMWE3ZjhkYzA3MDc4NzQ1YmVmZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwgk6NXEptKmSpTlLJacpyZ+cclK
7//oxNK0IVk4y/oBQrr3xg243GTYcMSmDcRkXLKlDujWRlRTqbK9uenCPtlcmEss
jExpOnR5bl/iq3MU5QYaMqGwokmHbjXEHEjw5wj6j9YGJzqf1oM3KtnJcsONNF/c
7UcmEeEOH+1WBj1HqI0O/8sE7ELVHsmUaiS8KpiFSgxPU2VKLeOPeaISi8ymG07o
B+OYEa8B17I1Ai14ZuNz3RG0H0sPQAJsmjzna/he6bSj8DG5liHcu7kHaNhjW7NC
7lzvg38c4DfEo4WVR+fHEP6QRmwUiSQWJ9IcSSz8YxVhPhXBj5yvBAHXTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEoHW2N1FAlr3sGn+NwHB4dFvv2EMB8GA1UdIwQY
MBaAFBiT7d71z8ONYT6qgXdN4wA0sZ0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0pQdDN2WFB3NDFoUHFxQmQwM2pBRFN4blNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8xM2Y4YzUtYWI3YS00ZjM3LWIyZDct
OGI1MTc5MmM2NjYwLzEvU2dkYlkzVVVDV3Zld2FmNDNBY0hoMFctX1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8xM2Y4YzUtYWI3YS00ZjM3LWIyZDctOGI1MTc5MmM2NjYw
LzEvR0pQdDN2WFB3NDFoUHFxQmQwM2pBRFN4blNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8n0MA0G
CSqGSIb3DQEBCwUAA4IBAQClq5fdAvGAWTMJz80wtDuKKySfMKyLYQJ39hDH+8N+
0OAX396hPPHYqly+NBo4drznOzO7qp+7Z0AdOuMocO8LkJyUrqlfYauHEf1ivaY/
Y7l3kgVt17bGOVfGzjuOWcov/0rZU4lxT0Qz3AC6XesZMT8zclmZqVKVMBGPyI70
Rg855f+uJS3SGaGvch+zmMOZQwdCimI6HZXRALDu8KeMQvLRhlvzX1Umhweygj3L
FxCRKPZUwTdpwh7oHv/HW0HrbrlME8liRNjKgXXe7sHB+dzRYotovkTOBG8Ea//9
J79pbaeXRiOz9DFpX0Dwfi42DU4K2ea7CW35LHJH5o2Z
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:04 2024 by rpki-client on console-fra.rpki-client.org