Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/SygdQjC33pdhMutOrCwyoT3MLHw.roa
File: SygdQjC33pdhMutOrCwyoT3MLHw.roa (raw, json)
Hash identifier: V3O7M+1nFeF2yapzsx6z4DO2EvhoNOi7xRggjDqxR3U=
Subject key identifier: 4B:28:1D:42:30:B7:DE:97:61:32:EB:4E:AC:2C:32:A1:3D:CC:2C:7C
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018709F38430E29260BC86D40CFBB485D626
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/SygdQjC33pdhMutOrCwyoT3MLHw.roa
Signing time: Wed 22 Mar 2023 15:32:46 +0000
ROA not before: Wed 22 Mar 2023 15:32:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26383
IP address blocks: 91.149.232.0/23 maxlen: 23
91.149.240.0/24 maxlen: 24
91.149.239.0/24 maxlen: 24
91.149.238.0/24 maxlen: 24
91.149.236.0/23 maxlen: 23
91.149.243.0/24 maxlen: 24
91.149.242.0/24 maxlen: 24
91.149.241.0/24 maxlen: 24
91.149.253.0/24 maxlen: 24
91.149.255.0/24 maxlen: 24
91.149.254.0/24 maxlen: 24
91.149.202.0/23 maxlen: 23
91.149.218.0/24 maxlen: 24
91.149.222.0/23 maxlen: 23
91.149.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 15:42:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:f3:84:30:e2:92:60:bc:86:d4:0c:fb:b4:85:d6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Mar 22 15:32:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b281d4230b7de976132eb4eac2c32a13dcc2c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ea:82:15:7e:b6:49:d7:89:e2:d0:60:83:25:
c5:1c:24:77:7b:55:53:9b:94:7a:67:9f:60:23:ac:
89:1c:28:fa:44:d4:79:1c:db:76:d9:3d:dc:3a:da:
17:66:78:4c:3f:9f:62:f5:75:ce:4c:99:ab:e8:85:
1b:8f:18:bb:1b:cc:f4:1d:a8:78:8d:8c:b8:f3:90:
37:ff:93:46:0f:aa:30:10:64:73:a4:13:66:7c:91:
ba:ad:0f:2b:73:f5:ff:ef:9f:ae:9b:54:b4:44:f4:
d4:59:95:b7:e2:68:08:81:86:70:42:38:fb:a0:d0:
76:55:4f:db:bd:ee:05:13:80:26:d1:17:18:04:fd:
57:aa:58:ea:04:f2:10:70:f7:4a:cd:69:d9:cd:a2:
7b:ef:62:44:ad:f4:a4:df:30:20:fa:91:3b:9e:8f:
87:82:0b:5b:ed:f0:49:fd:51:c6:ed:21:52:b7:fe:
b9:9a:e5:4f:ea:ff:6d:45:ed:c4:c8:a2:9f:31:e7:
a6:04:aa:ce:0e:a9:2d:e3:ba:2d:2d:80:86:c3:d6:
c2:1d:66:5d:ee:7b:77:62:f0:9f:2d:46:75:a6:d6:
5b:8f:5d:3b:4c:4b:cf:7d:ec:fd:cb:d4:98:aa:48:
d3:83:ed:b2:4c:64:fa:ba:8e:a6:03:d4:00:17:3a:
b7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:28:1D:42:30:B7:DE:97:61:32:EB:4E:AC:2C:32:A1:3D:CC:2C:7C
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/SygdQjC33pdhMutOrCwyoT3MLHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.202.0/23
91.149.218.0/24
91.149.221.0-91.149.223.255
91.149.232.0/23
91.149.236.0-91.149.243.255
91.149.253.0-91.149.255.255
Signature Algorithm: sha256WithRSAEncryption
5c:a4:00:20:6b:e3:a4:01:32:74:1b:75:d6:b1:7f:25:ba:ce:
14:20:67:71:5d:ef:76:00:34:74:61:94:4a:78:8f:29:ae:03:
78:50:56:eb:83:46:a7:58:2b:74:a1:51:34:6a:4a:09:b6:e6:
ab:71:db:82:ee:e4:af:36:9d:e0:30:a7:98:9a:00:77:ad:50:
61:b7:7a:7d:2b:eb:1c:44:b7:76:b4:80:46:88:8f:fb:83:07:
2f:94:57:ff:86:1d:d5:d0:ad:14:3e:16:8d:9d:a4:52:43:e0:
ba:b0:3c:e4:9a:99:0d:92:d3:15:4a:11:16:73:c9:3b:f4:4a:
e5:4f:5b:10:2e:c3:ef:4b:d6:f0:c7:59:a3:92:bd:1f:b6:63:
b2:9d:d2:62:8a:02:7b:73:2f:1a:f1:e6:48:6b:52:4b:03:2c:
8e:60:27:ed:bf:33:8a:5f:44:99:f8:1f:6a:90:22:37:4a:e6:
57:1d:bf:dc:b1:90:cc:bf:95:db:02:6d:79:6d:86:1b:f5:e4:
fe:fb:34:45:26:d8:8b:66:59:6c:ef:bf:29:85:c3:4d:ff:e9:
1f:f1:06:e7:67:bf:c7:4c:0f:0c:99:ff:3f:97:77:0d:38:ef:
77:53:a2:04:90:4c:85:23:2e:18:62:a6:34:fd:5d:8e:0a:f5:
17:98:a1:fd
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYcJ84Qw4pJgvIbUDPu0hdYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwMzIyMTUzMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjI4MWQ0MjMwYjdkZTk3NjEzMmViNGVhYzJjMzJhMTNkY2MyYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+qCFX62SdeJ4tBggyXFHCR3e1VT
m5R6Z59gI6yJHCj6RNR5HNt22T3cOtoXZnhMP59i9XXOTJmr6IUbjxi7G8z0Hah4
jYy485A3/5NGD6owEGRzpBNmfJG6rQ8rc/X/75+um1S0RPTUWZW34mgIgYZwQjj7
oNB2VU/bve4FE4Am0RcYBP1XqljqBPIQcPdKzWnZzaJ772JErfSk3zAg+pE7no+H
ggtb7fBJ/VHG7SFSt/65muVP6v9tRe3EyKKfMeemBKrODqkt47otLYCGw9bCHWZd
7nt3YvCfLUZ1ptZbj107TEvPfez9y9SYqkjTg+2yTGT6uo6mA9QAFzq3FwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFEsoHUIwt96XYTLrTqwsMqE9zCx8MB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvU3lnZFFqQzMzcGRoTXV0T3JDd3lvVDNNTEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7AwQBW5XKAwQA
W5XaMAwDBABbld0DBAVblcADBAFblegwDAMEAluV7AMEAluV8DALAwQAW5X9AwMB
W5QwDQYJKoZIhvcNAQELBQADggEBAFykACBr46QBMnQbddaxfyW6zhQgZ3Fd73YA
NHRhlEp4jymuA3hQVuuDRqdYK3ShUTRqSgm25qtx24Lu5K82neAwp5iaAHetUGG3
en0r6xxEt3a0gEaIj/uDBy+UV/+GHdXQrRQ+Fo2dpFJD4LqwPOSamQ2S0xVKERZz
yTv0SuVPWxAuw+9L1vDHWaOSvR+2Y7Kd0mKKAntzLxrx5khrUksDLI5gJ+2/M4pf
RJn4H2qQIjdK5lcdv9yxkMy/ldsCbXlthhv15P77NEUm2ItmWWzvvymFw03/6R/x
Budnv8dMDwyZ/z+Xdw0473dTogSQTIUjLhhipjT9XY4K9ReYof0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org