Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/cUllOOQgTtXYIhTVrefS2QJWkKk.roa
File: cUllOOQgTtXYIhTVrefS2QJWkKk.roa (raw, json)
Hash identifier: ntZ3LiiaZkeXopDoG4Tg7x3jItdNBELCSe4obrocoX0=
Subject key identifier: 71:49:65:38:E4:20:4E:D5:D8:22:14:D5:AD:E7:D2:D9:02:56:90:A9
Certificate issuer: /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial: 018F2A2732A304E438B70CE1E8E8899BA4B1
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/cUllOOQgTtXYIhTVrefS2QJWkKk.roa
Signing time: Mon 29 Apr 2024 13:59:22 +0000
ROA not before: Mon 29 Apr 2024 13:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203684
IP address blocks: 91.199.9.0/24 maxlen: 24
91.199.18.0/24 maxlen: 24
91.199.27.0/24 maxlen: 24
91.199.30.0/24 maxlen: 24
109.95.60.0/24 maxlen: 24
109.95.61.0/24 maxlen: 24
109.95.62.0/24 maxlen: 24
109.95.63.0/24 maxlen: 24
185.186.240.0/24 maxlen: 24
185.187.86.0/23 maxlen: 23
185.187.86.0/24 maxlen: 24
185.187.87.0/24 maxlen: 24
2a11:7700::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 30 Apr 2024 09:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:27:32:a3:04:e4:38:b7:0c:e1:e8:e8:89:9b:a4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Validity
Not Before: Apr 29 13:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71496538e4204ed5d82214d5ade7d2d9025690a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4e:89:56:22:34:da:46:15:92:a4:9e:03:36:
15:6b:5a:00:91:e5:30:55:a6:0b:0d:9d:d7:49:2f:
70:76:c9:de:56:ea:c6:b0:0a:eb:91:f4:5f:fb:8a:
79:4c:e1:0f:14:ec:71:39:9a:00:f3:2c:e4:81:d7:
b2:da:42:1e:af:36:fd:20:d0:be:fb:6c:4b:61:e3:
ed:e8:92:51:a5:58:cc:13:8c:a5:63:d0:93:49:c4:
ce:2b:8b:37:6a:14:83:f0:4b:c6:c6:e9:95:9d:54:
0d:6f:04:d5:d3:41:c2:eb:6a:ac:84:7b:ca:9b:0f:
e8:94:4f:47:a8:2e:90:54:43:21:ab:6f:f5:d4:07:
54:fc:5a:e6:07:7f:5e:33:dd:c5:bd:9c:49:6f:e4:
3b:76:a3:da:51:12:a4:8d:0c:21:21:f2:ab:ca:6e:
a9:0b:bf:ea:b2:96:d6:8a:98:e9:8c:61:b1:c7:17:
aa:57:63:f1:2f:be:5b:01:3e:84:56:7c:32:e7:c0:
04:cc:0d:9a:1b:2d:fe:42:80:fd:dd:1f:ce:76:1d:
71:7a:d2:e3:45:cb:7f:64:5c:c9:96:c4:4f:fb:58:
0b:0c:68:4f:c6:70:92:59:39:47:90:1e:3e:bd:81:
80:9a:42:b8:97:bf:e2:ac:2b:b2:4f:d2:92:6e:80:
04:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:49:65:38:E4:20:4E:D5:D8:22:14:D5:AD:E7:D2:D9:02:56:90:A9
X509v3 Authority Key Identifier:
keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/cUllOOQgTtXYIhTVrefS2QJWkKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.9.0/24
91.199.18.0/24
91.199.27.0/24
91.199.30.0/24
109.95.60.0/22
185.186.240.0/24
185.187.86.0/23
IPv6:
2a11:7700::/29
Signature Algorithm: sha256WithRSAEncryption
72:eb:5e:31:6c:4d:46:aa:67:98:6f:62:95:41:b5:d3:12:06:
9f:14:74:29:73:1b:f2:40:d4:8a:16:cd:f3:6d:48:10:a2:be:
03:42:ae:76:a5:bf:dc:67:53:ee:70:e1:e5:a7:7c:74:f9:1e:
24:4c:ad:7a:0c:d7:49:13:4c:86:7b:5e:59:10:fb:43:fa:b0:
16:5f:cc:24:00:75:f5:94:9b:56:36:54:e3:84:fd:b4:f5:6a:
52:59:cf:5d:9d:df:81:aa:7f:17:b0:82:11:dc:c3:08:44:f7:
e7:db:f1:79:10:cf:25:77:6b:4f:ea:8a:26:73:d7:fb:7d:cb:
02:a7:ab:57:15:51:b4:eb:8d:d6:d3:2d:9f:80:06:85:94:fb:
b0:5f:37:a8:a8:73:53:4d:e9:82:ee:d4:f4:22:63:87:76:03:
f2:f1:ed:4a:63:91:da:49:bd:f3:e5:60:05:82:b0:18:11:1c:
36:68:96:52:1c:61:09:8f:49:be:a4:94:6f:3f:f5:a0:0b:05:
d0:38:05:6c:7b:08:1a:67:3d:b8:4f:7c:ed:9d:2c:84:0c:3f:
ac:25:1f:4c:69:c0:6a:c3:2a:6c:89:81:fb:de:00:fc:e8:1f:
90:32:cf:ab:ec:4b:72:96:62:5a:24:44:93:30:ef:65:48:11:
86:80:85:ef
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY8qJzKjBOQ4twzh6OiJm6SxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjQwNDI5MTM1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQ5NjUzOGU0MjA0ZWQ1ZDgyMjE0ZDVhZGU3ZDJkOTAyNTY5MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU6JViI02kYVkqSeAzYVa1oAkeUw
VaYLDZ3XSS9wdsneVurGsArrkfRf+4p5TOEPFOxxOZoA8yzkgdey2kIerzb9INC+
+2xLYePt6JJRpVjME4ylY9CTScTOK4s3ahSD8EvGxumVnVQNbwTV00HC62qshHvK
mw/olE9HqC6QVEMhq2/11AdU/FrmB39eM93FvZxJb+Q7dqPaURKkjQwhIfKrym6p
C7/qspbWipjpjGGxxxeqV2PxL75bAT6EVnwy58AEzA2aGy3+QoD93R/Odh1xetLj
Rct/ZFzJlsRP+1gLDGhPxnCSWTlHkB4+vYGAmkK4l7/irCuyT9KSboAEgQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHFJZTjkIE7V2CIU1a3n0tkCVpCpMB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvY1VsbE9PUWdUdFhZSWhUVnJlZlMyUUpXa0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAW8cJAwQA
W8cSAwQAW8cbAwQAW8ceAwQCbV88AwQAubrwAwQBubtWMA0EAgACMAcDBQMqEXcA
MA0GCSqGSIb3DQEBCwUAA4IBAQBy614xbE1GqmeYb2KVQbXTEgafFHQpcxvyQNSK
Fs3zbUgQor4DQq52pb/cZ1PucOHlp3x0+R4kTK16DNdJE0yGe15ZEPtD+rAWX8wk
AHX1lJtWNlTjhP209WpSWc9dnd+Bqn8XsIIR3MMIRPfn2/F5EM8ld2tP6oomc9f7
fcsCp6tXFVG0643W0y2fgAaFlPuwXzeoqHNTTemC7tT0ImOHdgPy8e1KY5HaSb3z
5WAFgrAYERw2aJZSHGEJj0m+pJRvP/WgCwXQOAVsewgaZz24T3ztnSyEDD+sJR9M
acBqwypsiYH73gD86B+QMs+r7EtylmJaJESTMO9lSBGGgIXv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org