Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/1SqBxKyDtAvbsNJnI54CYX1cr0Q.roa
File: 1SqBxKyDtAvbsNJnI54CYX1cr0Q.roa (raw, json)
Hash identifier: 5V9x8qBaK61djOrGL3fYzJ7VbxmSU1U5MRHGVmxoFCs=
Subject key identifier: D5:2A:81:C4:AC:83:B4:0B:DB:B0:D2:67:23:9E:02:61:7D:5C:AF:44
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 018CBCBF9588B285C9CB8592C5FA279D0001
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/1SqBxKyDtAvbsNJnI54CYX1cr0Q.roa
Signing time: Sat 30 Dec 2023 22:02:01 +0000
ROA not before: Sat 30 Dec 2023 22:02:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.50.0/24 maxlen: 24
91.241.49.0/24 maxlen: 24
194.5.236.0/24 maxlen: 24
194.5.237.0/24 maxlen: 24
2a0c:8dc6::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc0::/29 maxlen: 32
2a0c:8dc4::/32 maxlen: 32
2a0c:8dc0::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bc:bf:95:88:b2:85:c9:cb:85:92:c5:fa:27:9d:00:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Dec 30 22:02:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d52a81c4ac83b40bdbb0d267239e02617d5caf44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:33:4d:81:68:39:50:a8:4b:81:cd:1b:10:70:
3b:d0:62:df:84:81:5c:b5:db:48:e7:2c:da:c1:e9:
cf:02:6f:0d:4b:69:74:a3:b3:1a:dc:d3:7e:9e:34:
a4:f8:42:40:82:db:f5:22:5b:36:e9:f0:ea:e1:c3:
b9:b5:09:bf:b1:b4:be:ad:d0:0e:84:17:b0:aa:44:
98:2d:e2:79:a7:5a:cf:93:26:4a:0b:b2:ff:23:f3:
19:d5:34:a0:5a:d8:f9:11:80:b5:48:b7:5a:3b:1d:
26:c7:93:05:e4:e8:27:55:cd:d8:26:d3:f7:60:b1:
71:ef:52:6e:2a:11:44:ea:09:d9:2c:d0:df:ac:03:
08:b8:31:7c:06:e8:f2:63:99:37:b8:8d:0b:63:80:
a8:06:6b:d1:28:b4:f3:1a:25:7f:26:b8:05:c2:06:
79:b1:d6:b6:54:dc:fb:3f:98:75:0f:ae:8f:20:98:
1d:e7:92:95:48:41:94:12:aa:12:ce:a0:2d:8f:98:
13:3e:62:df:45:b6:8a:8a:eb:7a:ac:60:ee:b7:d8:
5c:ad:88:29:1d:0d:73:c7:49:db:52:39:ab:0b:99:
6a:4c:fe:5b:34:cf:77:94:e2:3d:fe:32:78:95:5a:
de:6f:11:00:28:d2:3c:e5:c3:ea:3f:93:9f:3c:76:
a4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:2A:81:C4:AC:83:B4:0B:DB:B0:D2:67:23:9E:02:61:7D:5C:AF:44
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/1SqBxKyDtAvbsNJnI54CYX1cr0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.49.0-91.241.50.255
194.5.236.0/23
IPv6:
2a0c:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:db:2e:02:36:17:6c:60:dc:47:03:f3:52:43:68:4c:33:da:
5d:d8:0c:c1:af:9f:b9:ea:06:4a:82:a6:7d:4e:bc:ec:d3:f2:
d4:a0:97:37:ba:a7:ac:13:be:54:ad:37:12:25:5e:2c:8e:22:
0c:d8:36:69:ab:28:5d:b1:89:f0:fb:81:7b:58:39:12:26:df:
9c:d9:18:af:63:09:05:58:cc:05:ae:67:53:84:ed:7e:b0:ce:
f5:1b:34:86:99:ec:7b:b2:9f:60:8f:9d:7a:21:f8:ba:d7:b6:
f6:65:df:ee:bc:f9:ca:36:99:45:5b:81:cb:57:ce:a9:34:c7:
2f:a5:6d:2a:a6:f7:d3:e4:90:68:58:e0:d3:59:c4:30:1a:f1:
16:83:a6:a0:f7:f0:81:b6:4d:73:89:97:ca:41:f5:82:0a:4b:
76:39:cc:82:e3:bc:55:44:54:4d:74:2a:75:9d:9d:f0:0c:18:
33:7a:61:62:cb:69:54:5f:97:98:45:b5:6c:a3:df:32:4c:e9:
0f:bc:44:77:86:32:1d:a0:06:67:5f:d4:63:ef:3f:40:a8:26:
83:8a:45:f9:0a:80:90:09:4a:76:97:e5:ac:96:26:49:88:2a:
4f:92:dc:f1:71:31:64:60:b8:fc:3d:55:23:8d:b9:49:99:82:
9b:f7:ab:86
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYy8v5WIsoXJy4WSxfonnQABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjMxMjMwMjIwMjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTJhODFjNGFjODNiNDBiZGJiMGQyNjcyMzllMDI2MTdkNWNhZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjNNgWg5UKhLgc0bEHA70GLfhIFc
tdtI5yzawenPAm8NS2l0o7Ma3NN+njSk+EJAgtv1Ils26fDq4cO5tQm/sbS+rdAO
hBewqkSYLeJ5p1rPkyZKC7L/I/MZ1TSgWtj5EYC1SLdaOx0mx5MF5OgnVc3YJtP3
YLFx71JuKhFE6gnZLNDfrAMIuDF8BujyY5k3uI0LY4CoBmvRKLTzGiV/JrgFwgZ5
sda2VNz7P5h1D66PIJgd55KVSEGUEqoSzqAtj5gTPmLfRbaKiut6rGDut9hcrYgp
HQ1zx0nbUjmrC5lqTP5bNM93lOI9/jJ4lVrebxEAKNI85cPqP5OfPHakMwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNUqgcSsg7QL27DSZyOeAmF9XK9EMB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvMVNxQnhLeUR0QXZic05Kbkk1NENZWDFjcjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBABb8TED
BABb8TIDBAHCBewwDQQCAAIwBwMFAyoMjcAwDQYJKoZIhvcNAQELBQADggEBAI7b
LgI2F2xg3EcD81JDaEwz2l3YDMGvn7nqBkqCpn1OvOzT8tSglze6p6wTvlStNxIl
XiyOIgzYNmmrKF2xifD7gXtYORIm35zZGK9jCQVYzAWuZ1OE7X6wzvUbNIaZ7Huy
n2CPnXoh+LrXtvZl3+68+co2mUVbgctXzqk0xy+lbSqm99PkkGhY4NNZxDAa8RaD
pqD38IG2TXOJl8pB9YIKS3Y5zILjvFVEVE10KnWdnfAMGDN6YWLLaVRfl5hFtWyj
3zJM6Q+8RHeGMh2gBmdf1GPvP0CoJoOKRfkKgJAJSnaX5ayWJkmIKk+S3PFxMWRg
uPw9VSONuUmZgpv3q4Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:22 2024 by rpki-client on console-fra.rpki-client.org