Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/s0rUXdNFo2DZHsJyaMGWYnHABkE.roa
File: s0rUXdNFo2DZHsJyaMGWYnHABkE.roa (raw, json)
Hash identifier: zyFti/i7teK27IAiXFEEckepK/CcoAufbLmWtc+Qojw=
Subject key identifier: B3:4A:D4:5D:D3:45:A3:60:D9:1E:C2:72:68:C1:96:62:71:C0:06:41
Certificate issuer: /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial: 018BC219DFF0367936B5B39D715A1B940CE0
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/s0rUXdNFo2DZHsJyaMGWYnHABkE.roa
Signing time: Sun 12 Nov 2023 05:55:57 +0000
ROA not before: Sun 12 Nov 2023 05:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203684
IP address blocks: 91.199.9.0/24 maxlen: 24
91.199.18.0/24 maxlen: 24
91.199.30.0/24 maxlen: 24
91.199.27.0/24 maxlen: 24
185.187.86.0/23 maxlen: 23
185.187.86.0/24 maxlen: 24
185.187.87.0/24 maxlen: 24
185.186.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c2:19:df:f0:36:79:36:b5:b3:9d:71:5a:1b:94:0c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Validity
Not Before: Nov 12 05:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b34ad45dd345a360d91ec27268c1966271c00641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:68:1f:b2:41:d8:8b:3c:43:1a:79:f6:fc:d5:
0d:0c:d0:1e:3b:9a:98:fc:c1:c4:8e:7d:f5:c1:15:
fa:e1:65:a4:a9:b2:14:f9:6c:c6:48:6e:51:29:9f:
22:c1:17:2a:20:7a:c2:ff:b1:b2:c7:78:f3:98:df:
a5:48:dd:b2:f0:04:30:e4:51:cc:97:61:14:73:8b:
8d:04:67:ea:11:90:26:44:88:99:c8:a5:8a:f1:11:
94:a9:e1:62:23:6e:71:02:e6:21:d1:3f:b8:80:ff:
d1:72:b4:93:90:25:8e:bd:3f:f7:78:99:2f:17:76:
fc:81:10:a0:4b:47:25:23:31:90:0c:bc:fd:78:fe:
36:b7:07:2f:f2:42:95:75:19:49:1c:be:88:b0:4a:
3c:59:e3:81:b3:cc:eb:49:6f:a1:37:fe:62:72:c5:
39:8e:22:22:de:71:21:d1:f4:0b:e8:bd:a3:c9:67:
19:25:3a:4d:b3:0c:f0:16:91:05:81:1d:4d:89:8b:
b9:02:f6:ce:70:a6:a6:fd:0f:cf:19:3f:1c:ce:d9:
0a:34:2f:81:a2:d5:76:96:4a:c0:70:41:0d:bf:0c:
5d:b8:0b:2d:e6:fa:73:f7:ce:32:d3:b4:76:d4:1e:
bf:c4:5c:e2:b9:9e:1e:87:37:50:94:16:b8:d0:0e:
21:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:4A:D4:5D:D3:45:A3:60:D9:1E:C2:72:68:C1:96:62:71:C0:06:41
X509v3 Authority Key Identifier:
keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/s0rUXdNFo2DZHsJyaMGWYnHABkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.9.0/24
91.199.18.0/24
91.199.27.0/24
91.199.30.0/24
185.186.240.0/24
185.187.86.0/23
Signature Algorithm: sha256WithRSAEncryption
53:5f:1e:1a:bb:2e:d1:ca:de:35:3a:a4:2a:88:79:26:34:43:
26:8d:f3:93:4a:f3:8d:6d:77:9b:d0:2b:89:d1:04:d9:fe:f2:
a1:4b:4d:f6:a5:b4:0e:5e:2e:e4:3f:c0:8e:a7:fc:3d:d6:b7:
5b:f5:3a:5d:bf:4b:df:c1:b0:38:56:53:3c:8d:02:e8:0f:e5:
b0:78:84:10:ec:52:41:68:a4:4c:21:cd:af:49:f1:8a:66:79:
a2:09:67:9e:f2:2b:dc:75:23:d0:19:e2:58:92:81:fd:9f:63:
5c:71:52:31:90:3e:27:83:bf:0c:23:c7:01:ed:e6:63:ca:1a:
cf:71:d1:4d:79:ee:af:51:14:94:3a:29:1c:2d:55:12:01:a9:
bc:90:d0:db:a8:0d:8b:a0:78:28:99:7d:9b:5f:46:9f:b8:9d:
28:ea:ec:c6:2a:21:15:9d:ac:eb:ee:05:1b:93:5f:58:54:27:
54:27:a5:1c:29:10:7b:2a:2d:57:ab:a9:7c:d2:c6:c0:09:19:
94:cd:61:d2:38:87:47:4c:60:32:dc:93:1d:1c:b8:5b:99:2c:
a2:77:2b:3b:d2:3f:91:8f:10:25:62:97:b7:56:2d:93:6f:4a:
1c:42:9b:55:d6:1e:93:64:16:8a:e7:1a:42:96:c2:e4:62:cf:
01:eb:dc:fc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYvCGd/wNnk2tbOdcVoblAzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjMxMTEyMDU1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzRhZDQ1ZGQzNDVhMzYwZDkxZWMyNzI2OGMxOTY2MjcxYzAwNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGgfskHYizxDGnn2/NUNDNAeO5qY
/MHEjn31wRX64WWkqbIU+WzGSG5RKZ8iwRcqIHrC/7Gyx3jzmN+lSN2y8AQw5FHM
l2EUc4uNBGfqEZAmRIiZyKWK8RGUqeFiI25xAuYh0T+4gP/RcrSTkCWOvT/3eJkv
F3b8gRCgS0clIzGQDLz9eP42twcv8kKVdRlJHL6IsEo8WeOBs8zrSW+hN/5icsU5
jiIi3nEh0fQL6L2jyWcZJTpNswzwFpEFgR1NiYu5AvbOcKam/Q/PGT8cztkKNC+B
otV2lkrAcEENvwxduAst5vpz984y07R21B6/xFziuZ4ehzdQlBa40A4hZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLNK1F3TRaNg2R7CcmjBlmJxwAZBMB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvczByVVhkTkZvMkRaSHNKeWFNR1dZbkhBQmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8cJAwQA
W8cSAwQAW8cbAwQAW8ceAwQAubrwAwQBubtWMA0GCSqGSIb3DQEBCwUAA4IBAQBT
Xx4auy7Ryt41OqQqiHkmNEMmjfOTSvONbXeb0CuJ0QTZ/vKhS032pbQOXi7kP8CO
p/w91rdb9Tpdv0vfwbA4VlM8jQLoD+WweIQQ7FJBaKRMIc2vSfGKZnmiCWee8ivc
dSPQGeJYkoH9n2NccVIxkD4ng78MI8cB7eZjyhrPcdFNee6vURSUOikcLVUSAam8
kNDbqA2LoHgomX2bX0afuJ0o6uzGKiEVnazr7gUbk19YVCdUJ6UcKRB7Ki1Xq6l8
0sbACRmUzWHSOIdHTGAy3JMdHLhbmSyidys70j+RjxAlYpe3Vi2Tb0ocQptV1h6T
ZBaK5xpClsLkYs8B69z8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org