Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/SHlmlWsL61f_bdKeG9Ge6wSLgXE.roa
File: SHlmlWsL61f_bdKeG9Ge6wSLgXE.roa (raw, json)
Hash identifier: mFn+3FViwmKsfgwCD3DOuCo0ro7nVWN//TKI6dWnypg=
Subject key identifier: 48:79:66:95:6B:0B:EB:57:FF:6D:D2:9E:1B:D1:9E:EB:04:8B:81:71
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018DDA713382752E3C39995BC27EE48713BE
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/SHlmlWsL61f_bdKeG9Ge6wSLgXE.roa
Signing time: Sat 24 Feb 2024 09:27:48 +0000
ROA not before: Sat 24 Feb 2024 09:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6712
IP address blocks: 82.117.240.0/24 maxlen: 24
82.117.246.0/24 maxlen: 24
91.250.0.0/19 maxlen: 24
91.250.32.0/19 maxlen: 24
2a00:1210:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:71:33:82:75:2e:3c:39:99:5b:c2:7e:e4:87:13:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Feb 24 09:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=487966956b0beb57ff6dd29e1bd19eeb048b8171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:21:ee:e5:a6:b8:07:c7:a4:e4:bf:ab:0e:06:
21:9b:30:21:18:85:70:e3:66:a7:34:be:31:3d:b6:
97:e7:db:c6:48:36:ef:1c:b8:1c:27:c9:e2:26:98:
15:81:a6:51:ac:94:8a:92:ff:95:eb:59:a5:20:77:
51:87:08:e6:8c:29:4c:11:80:15:a4:94:2e:b3:83:
dd:f8:85:71:b9:d9:f6:ba:80:f3:0c:7b:2b:44:e6:
7b:cd:1f:02:2d:a0:e7:5e:be:8e:8e:d2:f3:9e:6a:
0f:4e:f0:8f:92:c4:2c:c5:a5:84:70:ab:ba:75:91:
63:44:fb:5f:1b:31:51:6b:06:a5:9e:6c:52:1b:c2:
47:9a:aa:cb:c3:e0:c8:54:cb:2a:1e:5c:1d:b5:00:
a0:a4:29:0c:43:a4:1a:85:3e:b0:dd:e7:c2:96:75:
35:50:f5:71:9a:4d:1b:6c:f3:28:e8:15:29:d8:5f:
5c:69:26:e1:ee:69:f3:5b:35:76:8e:9b:00:5c:05:
34:b9:15:44:07:85:cc:67:54:ad:df:32:fa:38:4a:
c0:88:e9:2a:4f:0d:bd:b9:db:3e:65:b0:f8:16:5f:
63:9d:64:4b:09:b7:31:79:0d:14:42:75:8c:45:b7:
ed:67:2f:d7:47:f6:9a:47:b8:17:8f:12:7e:58:de:
31:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:79:66:95:6B:0B:EB:57:FF:6D:D2:9E:1B:D1:9E:EB:04:8B:81:71
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/SHlmlWsL61f_bdKeG9Ge6wSLgXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.240.0/24
82.117.246.0/24
91.250.0.0/18
IPv6:
2a00:1210:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
15:ef:cd:0e:5c:cf:5c:e7:76:9b:22:55:fc:cc:44:8b:69:93:
5a:67:46:3f:2b:2a:8e:0d:54:9e:5b:32:ef:09:4d:af:89:20:
58:70:5c:02:9f:bb:d4:1f:80:d5:42:d5:de:7c:a4:83:da:4c:
98:aa:63:c6:e3:bf:a0:c3:23:42:ae:f6:17:ef:28:a2:be:16:
3a:59:11:e5:7f:78:f4:22:92:8b:2c:48:0a:9a:d9:24:e1:f3:
a7:18:5f:c6:1a:c8:a7:30:7c:61:38:82:cc:c9:a5:02:4d:d7:
f8:b3:ad:11:67:aa:62:03:fc:32:64:c3:0b:b9:e9:4f:fc:31:
bc:60:03:42:21:95:4f:fb:e0:bd:08:6b:ff:63:20:13:40:7f:
0d:44:95:4f:be:22:f2:b2:84:e8:95:b1:e8:8a:11:b9:5f:08:
78:3b:4a:da:24:e7:f4:aa:fa:31:1e:9a:34:60:a5:bc:70:fe:
4a:fe:de:7e:34:cb:bb:bf:ce:7a:cd:f5:f7:23:74:5a:f7:6d:
09:b7:9d:f4:cd:c4:30:b9:e7:c4:9a:89:c7:ce:26:16:ee:75:
72:0d:c1:31:5b:36:0d:0e:4c:9c:1a:bd:dd:21:91:5d:bc:04:
bf:93:10:a9:10:9b:04:a7:35:20:73:9b:af:5d:42:c1:64:57:
ca:b1:45:fb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY3acTOCdS48OZlbwn7khxO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjQwMjI0MDkyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc5NjY5NTZiMGJlYjU3ZmY2ZGQyOWUxYmQxOWVlYjA0OGI4MTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSHu5aa4B8ek5L+rDgYhmzAhGIVw
42anNL4xPbaX59vGSDbvHLgcJ8niJpgVgaZRrJSKkv+V61mlIHdRhwjmjClMEYAV
pJQus4Pd+IVxudn2uoDzDHsrROZ7zR8CLaDnXr6OjtLznmoPTvCPksQsxaWEcKu6
dZFjRPtfGzFRawalnmxSG8JHmqrLw+DIVMsqHlwdtQCgpCkMQ6QahT6w3efClnU1
UPVxmk0bbPMo6BUp2F9caSbh7mnzWzV2jpsAXAU0uRVEB4XMZ1St3zL6OErAiOkq
Tw29uds+ZbD4Fl9jnWRLCbcxeQ0UQnWMRbftZy/XR/aaR7gXjxJ+WN4xwwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEh5ZpVrC+tX/23SnhvRnusEi4FxMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvU0hsbWxXc0w2MWZfYmRLZUc5R2U2d1NMZ1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAUnXwAwQA
UnX2AwQGW/oAMA8EAgACMAkDBwAqABIQ//8wDQYJKoZIhvcNAQELBQADggEBABXv
zQ5cz1zndpsiVfzMRItpk1pnRj8rKo4NVJ5bMu8JTa+JIFhwXAKfu9QfgNVC1d58
pIPaTJiqY8bjv6DDI0Ku9hfvKKK+FjpZEeV/ePQikossSAqa2STh86cYX8YayKcw
fGE4gszJpQJN1/izrRFnqmID/DJkwwu56U/8MbxgA0IhlU/74L0Ia/9jIBNAfw1E
lU++IvKyhOiVseiKEblfCHg7Stok5/Sq+jEemjRgpbxw/kr+3n40y7u/znrN9fcj
dFr3bQm3nfTNxDC558SaicfOJhbudXINwTFbNg0OTJwavd0hkV28BL+TEKkQmwSn
NSBzm69dQsFkV8qxRfs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:10 2025 by rpki-client