Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/Sf5v0XZTFMnw98IWyzqtpsUJAGU.roa
File: Sf5v0XZTFMnw98IWyzqtpsUJAGU.roa (raw, json)
Hash identifier: ZpYfsVsr4zPiRhhwAgalllFHq66IfLGJNIkje1E9eKg=
Subject key identifier: 49:FE:6F:D1:76:53:14:C9:F0:F7:C2:16:CB:3A:AD:A6:C5:09:00:65
Certificate issuer: /CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Certificate serial: 018D5B06A92F44D599BD0962A3E942B37957
Authority key identifier: 29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/Sf5v0XZTFMnw98IWyzqtpsUJAGU.roa
Signing time: Tue 30 Jan 2024 15:39:39 +0000
ROA not before: Tue 30 Jan 2024 15:39:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 91.102.104.0/21 maxlen: 21
185.20.148.0/24 maxlen: 24
185.20.149.0/24 maxlen: 24
185.20.150.0/24 maxlen: 24
185.20.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 08:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:06:a9:2f:44:d5:99:bd:09:62:a3:e9:42:b3:79:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Validity
Not Before: Jan 30 15:39:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49fe6fd1765314c9f0f7c216cb3aada6c5090065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fa:a0:c8:33:0e:b3:42:68:5b:08:d7:67:ab:
b8:f8:3a:3d:40:b8:f6:c3:77:88:b6:26:bf:9f:cc:
e8:76:27:f2:4c:8f:59:c9:2b:ba:71:fe:86:ef:5a:
06:de:f9:1f:93:d6:54:78:fa:3e:bf:22:8e:35:dd:
77:79:a8:82:f5:69:b8:57:66:f7:0c:8b:66:fc:56:
8f:2f:cc:82:79:2f:3c:33:bc:56:86:21:e7:7e:e4:
d7:9d:b2:5e:da:21:7c:53:3d:fe:55:1b:4a:96:4e:
1b:21:0a:e1:b7:e7:7b:44:e9:a6:3f:d9:a7:09:4a:
b9:c8:61:03:88:67:1d:80:c5:70:75:6d:ee:46:45:
b1:fa:86:c3:9f:78:f7:3d:00:7f:b8:ed:ea:11:3b:
ec:1b:c0:74:92:83:e1:5a:22:99:8d:5d:f0:5a:ce:
8a:bb:69:c2:20:ca:27:24:0f:9b:40:28:68:d2:dd:
67:7d:08:77:3a:65:4f:b5:08:d2:fe:84:c4:82:3e:
b9:92:4b:a7:8e:67:a0:32:52:43:e3:59:1d:36:15:
fb:26:82:13:c0:bd:7d:23:3b:e2:ec:31:b9:4b:f1:
57:9b:3d:d9:08:85:4e:44:da:1f:6d:2b:bb:d1:95:
2d:0c:20:79:c4:e8:39:43:76:e5:70:cd:9d:41:0d:
a2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FE:6F:D1:76:53:14:C9:F0:F7:C2:16:CB:3A:AD:A6:C5:09:00:65
X509v3 Authority Key Identifier:
keyid:29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/Sf5v0XZTFMnw98IWyzqtpsUJAGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.104.0/21
185.20.148.0/22
Signature Algorithm: sha256WithRSAEncryption
45:bd:cc:88:f7:87:c4:c0:ea:aa:08:77:de:cd:b9:2e:3a:e4:
26:a5:4a:21:ff:15:2a:02:3f:fa:41:1f:5e:ab:98:e9:84:98:
70:59:57:96:40:15:62:d3:db:4f:48:4b:95:20:50:5c:3a:bc:
19:74:ad:a4:7d:7f:d5:e8:ec:34:84:63:bd:9e:0a:21:fb:8a:
16:db:04:64:87:5d:02:3c:6e:51:86:ae:a0:e3:8b:ac:42:b4:
a5:ef:49:21:43:0b:60:4e:e7:53:e0:ee:9c:4b:e9:c0:6f:02:
c0:28:bc:80:87:3f:33:db:2c:85:2a:85:9f:dc:58:c2:27:0d:
b2:a8:75:13:c9:9e:e7:73:e3:26:ba:46:b5:84:2e:af:8f:63:
ee:65:65:ec:0b:e3:05:2f:29:ce:bd:b0:75:73:ec:aa:c2:08:
2a:85:bc:d0:f9:68:3a:9f:aa:44:c6:84:5e:ab:63:90:0d:65:
5e:42:c9:af:56:7b:1a:19:ba:3a:88:ca:d6:77:ff:d8:83:f4:
9c:1b:dd:5a:15:c2:31:5a:84:b9:f9:ad:c7:0b:8e:5c:6d:e3:
38:c0:ba:c6:a1:3b:6f:00:ab:bb:02:4e:c3:f2:f9:c0:95:42:
68:71:6d:ca:4c:0b:74:9e:a9:ad:16:6c:65:8d:02:6c:82:5a:
32:85:8e:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1bBqkvRNWZvQlio+lCs3lXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzliMDQwMTZmNmYwMjE4MzMwN2MxN2RmNjMwYTAyODll
YzViYjUwHhcNMjQwMTMwMTUzOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZlNmZkMTc2NTMxNGM5ZjBmN2MyMTZjYjNhYWRhNmM1MDkwMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/qgyDMOs0JoWwjXZ6u4+Do9QLj2
w3eItia/n8zodifyTI9ZySu6cf6G71oG3vkfk9ZUePo+vyKONd13eaiC9Wm4V2b3
DItm/FaPL8yCeS88M7xWhiHnfuTXnbJe2iF8Uz3+VRtKlk4bIQrht+d7ROmmP9mn
CUq5yGEDiGcdgMVwdW3uRkWx+obDn3j3PQB/uO3qETvsG8B0koPhWiKZjV3wWs6K
u2nCIMonJA+bQCho0t1nfQh3OmVPtQjS/oTEgj65kkunjmegMlJD41kdNhX7JoIT
wL19Izvi7DG5S/FXmz3ZCIVORNofbSu70ZUtDCB5xOg5Q3blcM2dQQ2iuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEn+b9F2UxTJ8PfCFss6rabFCQBlMB8GA1UdIwQY
MBaAFCnJsEAW9vAhgzB8F99jCgKJ7Fu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2Et
MWQ1OTFiYmQ0MDYwLzEvU2Y1djBYWlRGTW53OThJV3l6cXRwc1VKQUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2EtMWQ1OTFiYmQ0MDYw
LzEvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW2ZoAwQC
uRSUMA0GCSqGSIb3DQEBCwUAA4IBAQBFvcyI94fEwOqqCHfezbkuOuQmpUoh/xUq
Aj/6QR9eq5jphJhwWVeWQBVi09tPSEuVIFBcOrwZdK2kfX/V6Ow0hGO9ngoh+4oW
2wRkh10CPG5Rhq6g44usQrSl70khQwtgTudT4O6cS+nAbwLAKLyAhz8z2yyFKoWf
3FjCJw2yqHUTyZ7nc+Mmuka1hC6vj2PuZWXsC+MFLynOvbB1c+yqwggqhbzQ+Wg6
n6pExoReq2OQDWVeQsmvVnsaGbo6iMrWd//Yg/ScG91aFcIxWoS5+a3HC45cbeM4
wLrGoTtvAKu7Ak7D8vnAlUJocW3KTAt0nqmtFmxljQJsgloyhY7q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:02 2024 by rpki-client on console-ams.rpki-client.org