Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/sp--Mh9sCLd_-fdvqCtYMzUPIS8.roa
File: sp--Mh9sCLd_-fdvqCtYMzUPIS8.roa (raw, json)
Hash identifier: i1mYHqM3BN5HYUjXw9aQIXLJ9LZp1n5qor9GyFxATx8=
Subject key identifier: B2:9F:BE:32:1F:6C:08:B7:7F:F9:F7:6F:A8:2B:58:33:35:0F:21:2F
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018CF3D178D44E0A660680351B47402485B0
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/sp--Mh9sCLd_-fdvqCtYMzUPIS8.roa
Signing time: Wed 10 Jan 2024 14:40:40 +0000
ROA not before: Wed 10 Jan 2024 14:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207326
IP address blocks: 81.29.147.0/24 maxlen: 24
81.29.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 09:16:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:d1:78:d4:4e:0a:66:06:80:35:1b:47:40:24:85:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 10 14:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b29fbe321f6c08b77ff9f76fa82b5833350f212f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:05:6b:ea:c0:aa:63:a3:fe:6c:8c:89:5f:f4:
6f:40:e8:02:f9:35:5a:8e:5e:06:a6:d2:bc:27:94:
bd:31:cb:59:ed:66:bc:85:12:89:d6:6c:1f:69:52:
ff:f5:84:be:c7:10:0c:0f:b0:60:2a:f3:15:5f:46:
88:ce:d5:57:c2:2e:5d:1f:77:11:28:d9:a9:49:cc:
db:91:8b:b2:54:a9:bd:0b:d9:db:92:1e:e9:b5:14:
93:39:d0:55:b6:42:6e:e1:05:d8:aa:5e:36:c0:de:
19:90:17:f8:be:16:cd:df:eb:cf:bd:1c:b6:0b:0e:
d4:5a:1a:03:2b:3e:b8:fd:2f:89:e1:43:41:e5:b6:
21:ee:fe:af:02:7a:82:c4:46:09:fa:b5:2f:00:65:
64:95:9d:21:17:13:d3:3e:f2:d3:e9:c3:8b:69:d6:
f9:09:96:45:da:3d:d2:7f:5e:64:2d:dc:3b:44:64:
f0:d1:38:ff:c0:70:c9:17:e1:62:d9:03:56:20:9b:
86:39:bc:a6:ec:f0:ad:fb:61:68:20:f3:bc:7a:66:
48:65:7e:b0:a4:59:23:50:56:c5:bf:db:bf:35:24:
34:a3:73:fe:9f:1e:b6:20:ba:7b:db:83:de:3d:34:
59:0e:23:7a:1a:83:54:f9:55:64:54:8c:be:21:26:
8f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9F:BE:32:1F:6C:08:B7:7F:F9:F7:6F:A8:2B:58:33:35:0F:21:2F
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/sp--Mh9sCLd_-fdvqCtYMzUPIS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.147.0/24
81.29.155.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d5:30:35:b7:ee:d6:0c:8d:e4:34:e4:ac:93:c5:f3:11:fe:
ac:76:2c:d7:29:0d:6a:2d:8c:d2:76:c3:52:b3:98:3c:35:3a:
43:7f:14:9f:d0:f3:41:66:fb:5c:3f:5c:28:85:e3:5a:79:5d:
d3:58:f3:b7:6e:fa:00:05:8c:22:fb:eb:fd:2f:0d:9a:72:11:
1b:5d:0e:ab:24:1c:ee:3c:26:95:6e:19:f4:24:bf:60:2d:4d:
61:f0:e7:87:03:41:89:2a:50:4f:6c:86:44:ec:54:a5:b0:5a:
99:17:ed:35:df:2a:22:d0:d5:20:78:9d:bc:ab:c5:4e:2e:af:
82:46:aa:5f:2e:92:d6:b7:9b:32:7b:0a:fc:ee:dd:1e:5e:b8:
31:7b:7e:f3:cb:8c:ee:c2:17:70:ec:e1:00:8c:54:28:f0:95:
d7:08:fb:81:d1:7a:b8:7b:c4:4b:bd:e7:59:2a:1b:d8:47:63:
6c:66:5f:71:81:5b:ca:1c:91:56:3f:98:ca:09:d7:14:44:6b:
8f:27:a8:ab:26:af:1a:4b:d2:5a:b7:29:c9:60:c7:df:32:0f:
36:6f:ea:f3:95:8d:ba:d0:92:16:bb:d2:16:c7:a0:0a:82:eb:
99:25:ea:9c:52:9a:9c:3e:cc:32:8a:63:6f:6a:86:fd:9b:4b:
89:b8:80:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzz0XjUTgpmBoA1G0dAJIWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTEwMTQ0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjlmYmUzMjFmNmMwOGI3N2ZmOWY3NmZhODJiNTgzMzM1MGYyMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQVr6sCqY6P+bIyJX/RvQOgC+TVa
jl4GptK8J5S9MctZ7Wa8hRKJ1mwfaVL/9YS+xxAMD7BgKvMVX0aIztVXwi5dH3cR
KNmpSczbkYuyVKm9C9nbkh7ptRSTOdBVtkJu4QXYql42wN4ZkBf4vhbN3+vPvRy2
Cw7UWhoDKz64/S+J4UNB5bYh7v6vAnqCxEYJ+rUvAGVklZ0hFxPTPvLT6cOLadb5
CZZF2j3Sf15kLdw7RGTw0Tj/wHDJF+Fi2QNWIJuGObym7PCt+2FoIPO8emZIZX6w
pFkjUFbFv9u/NSQ0o3P+nx62ILp724PePTRZDiN6GoNU+VVkVIy+ISaPRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLKfvjIfbAi3f/n3b6grWDM1DyEvMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvc3AtLU1oOXNDTGRfLWZkdnFDdFlNelVQSVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUR2TAwQA
UR2bMA0GCSqGSIb3DQEBCwUAA4IBAQB21TA1t+7WDI3kNOSsk8XzEf6sdizXKQ1q
LYzSdsNSs5g8NTpDfxSf0PNBZvtcP1woheNaeV3TWPO3bvoABYwi++v9Lw2achEb
XQ6rJBzuPCaVbhn0JL9gLU1h8OeHA0GJKlBPbIZE7FSlsFqZF+013yoi0NUgeJ28
q8VOLq+CRqpfLpLWt5syewr87t0eXrgxe37zy4zuwhdw7OEAjFQo8JXXCPuB0Xq4
e8RLvedZKhvYR2NsZl9xgVvKHJFWP5jKCdcURGuPJ6irJq8aS9JatynJYMffMg82
b+rzlY260JIWu9IWx6AKguuZJeqcUpqcPswyimNvaob9m0uJuIBg
-----END CERTIFICATE-----
Generated at Fri Jan 12 14:08:54 2024 by rpki-client on console-fra.rpki-client.org