Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/SDGZUYJyUrhrGCOoIxI7eKgiO-g.roa
File: SDGZUYJyUrhrGCOoIxI7eKgiO-g.roa (raw, json)
Hash identifier: AYDQ6vhW27UcaqHAZu4+9Iddo1/n/VxHs98pox5IM8o=
Subject key identifier: 48:31:99:51:82:72:52:B8:6B:18:23:A8:23:12:3B:78:A8:22:3B:E8
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018FB56678DD5AF103ABDC337E9A3B4F14AE
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/SDGZUYJyUrhrGCOoIxI7eKgiO-g.roa
Signing time: Sun 26 May 2024 14:55:42 +0000
ROA not before: Sun 26 May 2024 14:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4648
IP address blocks: 109.111.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b5:66:78:dd:5a:f1:03:ab:dc:33:7e:9a:3b:4f:14:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: May 26 14:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48319951827252b86b1823a823123b78a8223be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c4:58:be:3a:e7:c6:f9:1c:73:42:3e:25:ba:
8f:63:9f:ea:97:43:5f:28:b8:77:29:f8:ed:ad:98:
ee:bf:0e:8a:68:ec:92:a9:f2:55:ab:9e:38:54:b4:
88:7d:45:aa:ea:8d:fc:3f:0c:d3:72:4d:cd:06:29:
cb:80:06:96:55:54:a2:62:e3:37:f9:9a:e4:22:75:
67:83:06:a9:04:7b:e4:90:0d:3f:4a:92:f1:6d:b4:
44:81:23:a5:19:95:61:05:8b:da:ae:6a:19:5d:61:
54:17:86:f5:4a:ac:65:5f:a0:7c:72:91:31:7d:33:
12:76:67:58:0f:20:ce:e1:99:5e:79:1f:9c:c2:25:
ca:d5:23:90:35:dc:55:68:44:6e:50:65:9f:af:72:
09:ce:cf:c4:4f:32:8c:b7:78:aa:da:3c:9b:07:ad:
c2:78:dc:33:6e:7d:c6:00:0f:92:4e:c1:7f:a1:fc:
77:05:b0:45:e7:29:b3:ef:12:99:9e:e4:d6:93:a0:
c5:38:aa:a2:35:6b:44:66:1f:4b:31:19:53:32:3e:
5e:f4:16:6d:f6:db:d4:91:00:84:13:40:18:7f:97:
28:3b:22:0b:58:02:9d:c5:0b:d2:6f:d6:32:e9:3b:
7a:fb:f8:11:4c:21:2f:f7:e0:20:be:45:96:ce:21:
8a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:31:99:51:82:72:52:B8:6B:18:23:A8:23:12:3B:78:A8:22:3B:E8
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/SDGZUYJyUrhrGCOoIxI7eKgiO-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.44.0/22
Signature Algorithm: sha256WithRSAEncryption
82:f7:24:6f:c8:c2:51:0a:f6:cf:52:d6:22:b5:06:6d:56:39:
5e:ba:28:89:12:ea:35:0e:4c:f6:e2:8a:9e:80:b4:87:e4:16:
10:d7:c6:30:56:bf:a8:7d:a7:ef:ec:2b:70:85:0e:67:0d:2a:
4f:09:0c:5d:0e:59:20:d9:fb:72:7a:7b:58:19:d8:7b:91:27:
e6:5c:fb:86:a8:8f:b4:f2:c6:6b:bc:5d:ef:d5:b1:33:cf:fb:
c7:90:bd:98:c4:cf:7d:bd:81:46:e3:af:f4:17:bf:c6:4e:ca:
9c:3f:79:d4:02:1a:80:41:08:59:fe:bf:d5:c5:c0:87:aa:19:
a2:d9:b3:00:0f:43:fb:1e:5c:73:98:95:7c:ee:da:c9:4b:52:
7d:77:18:7a:12:1e:c7:b4:96:85:ef:7e:32:2d:77:48:a4:7e:
0b:34:51:57:31:d8:c7:8e:3a:94:2e:e6:e1:16:5f:a9:87:6e:
d2:bb:08:a5:3f:88:01:9d:ec:07:05:de:1e:3d:23:aa:71:87:
c4:91:24:65:71:be:12:84:fd:3f:b9:52:89:9b:aa:50:2c:17:
bb:a3:72:85:28:a8:6a:65:d9:25:77:aa:35:8e:97:d2:c0:18:
b0:c2:ba:2e:87:ba:cc:f9:97:38:a2:fb:04:f1:d0:49:bb:f6:
f2:d9:6d:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+1ZnjdWvEDq9wzfpo7TxSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNTI2MTQ1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODMxOTk1MTgyNzI1MmI4NmIxODIzYTgyMzEyM2I3OGE4MjIzYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMRYvjrnxvkcc0I+JbqPY5/ql0Nf
KLh3KfjtrZjuvw6KaOySqfJVq544VLSIfUWq6o38PwzTck3NBinLgAaWVVSiYuM3
+ZrkInVngwapBHvkkA0/SpLxbbREgSOlGZVhBYvarmoZXWFUF4b1SqxlX6B8cpEx
fTMSdmdYDyDO4ZleeR+cwiXK1SOQNdxVaERuUGWfr3IJzs/ETzKMt3iq2jybB63C
eNwzbn3GAA+STsF/ofx3BbBF5ymz7xKZnuTWk6DFOKqiNWtEZh9LMRlTMj5e9BZt
9tvUkQCEE0AYf5coOyILWAKdxQvSb9Yy6Tt6+/gRTCEv9+AgvkWWziGKnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEgxmVGCclK4axgjqCMSO3ioIjvoMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvU0RHWlVZSnlVcmhyR0NPb0l4STdlS2dpTy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbW8sMA0G
CSqGSIb3DQEBCwUAA4IBAQCC9yRvyMJRCvbPUtYitQZtVjleuiiJEuo1Dkz24oqe
gLSH5BYQ18YwVr+ofafv7CtwhQ5nDSpPCQxdDlkg2ftyentYGdh7kSfmXPuGqI+0
8sZrvF3v1bEzz/vHkL2YxM99vYFG46/0F7/GTsqcP3nUAhqAQQhZ/r/VxcCHqhmi
2bMAD0P7HlxzmJV87trJS1J9dxh6Eh7HtJaF734yLXdIpH4LNFFXMdjHjjqULubh
Fl+ph27SuwilP4gBnewHBd4ePSOqcYfEkSRlcb4ShP0/uVKJm6pQLBe7o3KFKKhq
Zdkld6o1jpfSwBiwwrouh7rM+Zc4ovsE8dBJu/by2W2h
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:09:58 2025 by rpki-client