Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/_SUtDYoUWy4QrRhQr9oiayK_8QI.roa
File: _SUtDYoUWy4QrRhQr9oiayK_8QI.roa (raw, json)
Hash identifier: vkmJeOQPLGMB7SyjejxQHRDdZPZvn7AcP9VkYjSbOKc=
Subject key identifier: FD:25:2D:0D:8A:14:5B:2E:10:AD:18:50:AF:DA:22:6B:22:BF:F1:02
Certificate issuer: /CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Certificate serial: 018B0006824438959AF5A759387837131AB7
Authority key identifier: 0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/_SUtDYoUWy4QrRhQr9oiayK_8QI.roa
Signing time: Thu 05 Oct 2023 13:28:28 +0000
ROA not before: Thu 05 Oct 2023 13:28:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50833
IP address blocks: 91.224.59.0/24 maxlen: 24
193.150.129.0/24 maxlen: 24
185.159.89.0/24 maxlen: 24
193.150.128.0/24 maxlen: 24
2a10:24c0:6c2::/48 maxlen: 48
2a10:24c0:ada1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:06:82:44:38:95:9a:f5:a7:59:38:78:37:13:1a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Validity
Not Before: Oct 5 13:28:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd252d0d8a145b2e10ad1850afda226b22bff102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:46:c6:96:ed:fb:90:cf:8e:e9:c6:98:f4:a5:
bb:70:a3:fb:81:8f:a8:76:55:1e:28:93:eb:e2:88:
dd:58:43:5e:fe:8b:9e:71:6d:25:19:f1:03:dd:4a:
3a:c6:36:ae:08:43:01:1b:b8:3f:8a:98:ac:a4:11:
0d:d5:f0:0f:b6:cf:30:01:f3:70:f6:90:89:86:80:
85:b5:21:f5:32:1c:d6:c7:65:0e:b9:9a:e1:1c:a9:
08:23:a8:81:28:1c:ab:76:c4:5a:80:36:03:0a:4b:
47:5f:fa:2a:86:75:d5:99:05:fb:3b:5f:4b:ea:43:
cf:2f:7e:d9:fb:c0:58:68:39:cb:2e:3f:0b:05:d9:
28:7a:6c:f0:5b:b0:e3:2f:41:a7:40:3f:83:e1:9f:
d1:e1:3f:11:da:b5:95:8c:2a:2d:38:44:fc:77:a9:
21:6f:1b:88:fb:b3:e1:ad:11:0b:c5:c3:d4:92:df:
e1:4d:dd:f2:73:6b:b8:85:6a:82:10:6c:6c:8b:00:
39:44:30:b7:2f:ea:73:11:25:75:7e:40:9f:6e:66:
26:ec:de:14:22:21:85:4d:e8:f4:8c:d6:5f:5d:c2:
d8:bf:a7:3d:69:a6:d0:5e:1e:38:4d:aa:28:c0:95:
9a:ee:76:7b:83:17:67:5e:36:bd:38:58:8b:71:85:
f7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:25:2D:0D:8A:14:5B:2E:10:AD:18:50:AF:DA:22:6B:22:BF:F1:02
X509v3 Authority Key Identifier:
keyid:0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/_SUtDYoUWy4QrRhQr9oiayK_8QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.59.0/24
185.159.89.0/24
193.150.128.0/23
IPv6:
2a10:24c0:6c2::/48
2a10:24c0:ada1::/48
Signature Algorithm: sha256WithRSAEncryption
0d:25:c8:8f:32:bd:df:ed:44:0c:91:36:6b:7d:28:9d:4b:26:
e7:fd:d7:31:96:dd:2c:b3:6f:63:f3:89:d7:f6:af:f9:fa:29:
de:d1:88:65:97:cf:e7:22:5a:5c:60:30:e4:d4:24:5f:c2:06:
c7:28:ae:b0:af:f1:63:be:2e:65:61:a6:21:57:9d:f7:b8:c8:
b8:b6:87:f3:c0:9b:b3:0a:f0:fc:b2:26:c1:ab:d7:87:1a:ce:
4a:54:8b:dc:c4:d3:30:83:29:69:df:ea:c6:f7:90:82:c6:fe:
18:3b:ea:80:b7:ed:0b:e5:33:83:7e:2f:5d:f6:74:8c:05:48:
43:d4:67:82:4b:9e:89:f4:a8:c9:4e:22:87:cf:df:fe:e6:72:
bd:0c:f4:4f:46:ea:8f:4b:4b:f0:73:ab:54:ba:54:42:c4:9e:
ef:e3:a1:76:6e:e0:2b:ba:73:ea:ba:e3:04:71:06:32:98:ec:
20:79:e1:84:f4:be:d3:7a:e1:b2:ae:64:0b:de:b4:57:19:a6:
2c:78:ec:23:68:c1:52:21:bf:79:43:ff:4e:4e:6d:5b:b1:0a:
03:03:5a:61:e9:c7:d6:e0:42:6e:cd:ac:19:74:a8:67:a9:ea:
60:78:65:58:80:70:c8:76:83:c9:92:a6:c4:79:d2:b2:92:1c:
df:af:ff:f6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYsABoJEOJWa9adZOHg3Exq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWJkNjgyYzFhOGZjNTAzN2FkYmY2ODE0M2FlNzdmZDAw
ZjM4YWIwHhcNMjMxMDA1MTMyODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDI1MmQwZDhhMTQ1YjJlMTBhZDE4NTBhZmRhMjI2YjIyYmZmMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0bGlu37kM+O6caY9KW7cKP7gY+o
dlUeKJPr4ojdWENe/ouecW0lGfED3Uo6xjauCEMBG7g/ipispBEN1fAPts8wAfNw
9pCJhoCFtSH1MhzWx2UOuZrhHKkII6iBKByrdsRagDYDCktHX/oqhnXVmQX7O19L
6kPPL37Z+8BYaDnLLj8LBdkoemzwW7DjL0GnQD+D4Z/R4T8R2rWVjCotOET8d6kh
bxuI+7PhrRELxcPUkt/hTd3yc2u4hWqCEGxsiwA5RDC3L+pzESV1fkCfbmYm7N4U
IiGFTej0jNZfXcLYv6c9aabQXh44TaoowJWa7nZ7gxdnXja9OFiLcYX3hwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFP0lLQ2KFFsuEK0YUK/aImsiv/ECMB8GA1UdIwQY
MBaAFAur1oLBqPxQN62/aBQ653/QDzirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUt
ZmFjM2Q1NTQzYTJjLzEvX1NVdERZb1VXeTRRclJoUXI5b2lheUtfOFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUtZmFjM2Q1NTQzYTJj
LzEvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAW+A7AwQA
uZ9ZAwQBwZaAMBgEAgACMBIDBwAqECTABsIDBwAqECTAraEwDQYJKoZIhvcNAQEL
BQADggEBAA0lyI8yvd/tRAyRNmt9KJ1LJuf91zGW3Syzb2Pzidf2r/n6Kd7RiGWX
z+ciWlxgMOTUJF/CBscorrCv8WO+LmVhpiFXnfe4yLi2h/PAm7MK8PyyJsGr14ca
zkpUi9zE0zCDKWnf6sb3kILG/hg76oC37QvlM4N+L132dIwFSEPUZ4JLnon0qMlO
IofP3/7mcr0M9E9G6o9LS/Bzq1S6VELEnu/joXZu4Cu6c+q64wRxBjKY7CB54YT0
vtN64bKuZAvetFcZpix47CNowVIhv3lD/05ObVuxCgMDWmHpx9bgQm7NrBl0qGep
6mB4ZViAcMh2g8mSpsR50rKSHN+v//Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:06 2024 by rpki-client on console-ams.rpki-client.org