Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/SyKpSZMjLk-l2m-j5DWwodwX0l8.roa
File: SyKpSZMjLk-l2m-j5DWwodwX0l8.roa (raw, json)
Hash identifier: kE2s78U0LJ1+z2Mvbgmmy70R3GJnqfb6Xt3hxKiHHtU=
Subject key identifier: 4B:22:A9:49:93:23:2E:4F:A5:DA:6F:A3:E4:35:B0:A1:DC:17:D2:5F
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 018A5F5FBE1BE66876A5FC901C23AD881C2C
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/SyKpSZMjLk-l2m-j5DWwodwX0l8.roa
Signing time: Mon 04 Sep 2023 08:47:04 +0000
ROA not before: Mon 04 Sep 2023 08:47:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50495
IP address blocks: 91.223.99.0/24 maxlen: 24
91.223.102.0/24 maxlen: 24
91.223.126.0/24 maxlen: 24
194.39.32.0/22 maxlen: 22
77.83.232.0/22 maxlen: 22
2a09:2c00::/29 maxlen: 29
2a06:ef40::/32 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:5f:be:1b:e6:68:76:a5:fc:90:1c:23:ad:88:1c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Sep 4 08:47:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b22a94993232e4fa5da6fa3e435b0a1dc17d25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c9:3b:5c:9f:39:23:dd:e4:c0:45:57:27:a7:
ff:00:1a:4f:8d:f2:67:e9:91:f3:4d:96:fe:2a:c8:
0c:87:68:ff:de:27:b5:aa:32:d9:a9:34:0b:d6:78:
bb:79:15:85:62:42:13:b5:5a:57:ce:e4:6a:8d:0c:
8a:28:49:8c:75:a4:a5:00:79:e3:3a:d9:09:da:01:
9d:66:2f:40:e9:57:f6:8e:8a:eb:1e:e1:e3:b2:4b:
a5:7e:c1:8b:5f:fa:d8:c2:ae:61:3d:d7:4f:fb:c2:
a9:8d:1a:3d:01:f7:85:0a:19:4b:65:23:9e:f6:15:
71:b9:15:3b:f9:11:06:17:ea:91:6f:5e:1e:36:fa:
e5:b8:c1:c5:5e:12:3b:8e:0f:a2:bc:12:a9:c0:20:
bc:8e:12:0f:a0:01:63:18:7c:50:95:6e:58:85:1c:
fd:d7:94:ef:80:8d:16:9b:d4:33:31:11:63:63:b1:
62:fd:9e:3a:d8:b2:8b:b5:6a:f4:7d:4a:be:d9:67:
6b:34:a5:b0:52:01:56:5d:12:e4:0c:98:cb:30:d5:
6c:e2:8f:4e:1d:a2:71:fc:53:0c:1e:f3:96:7e:3a:
96:db:63:6e:4e:1a:27:b8:1b:b4:61:85:10:f1:14:
7c:c4:1e:28:e8:d0:04:ee:cc:87:fe:6d:1c:54:12:
9b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:22:A9:49:93:23:2E:4F:A5:DA:6F:A3:E4:35:B0:A1:DC:17:D2:5F
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/SyKpSZMjLk-l2m-j5DWwodwX0l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.232.0/22
91.223.99.0/24
91.223.102.0/24
91.223.126.0/24
194.39.32.0/22
IPv6:
2a06:ef40::/32
2a09:2c00::/29
Signature Algorithm: sha256WithRSAEncryption
3c:3a:ad:ea:6b:62:ec:05:58:fa:47:8c:47:29:31:cc:d7:ff:
d6:42:81:a2:14:d0:a0:d1:4b:93:83:87:9a:d0:43:19:14:e2:
8c:94:30:c7:13:92:15:95:fd:d5:1c:37:94:81:a2:8f:91:cd:
90:68:20:88:68:a3:05:e8:5c:29:90:e4:2a:9c:97:64:5c:30:
fb:d5:0c:96:d0:be:a3:88:62:17:78:9f:d7:12:df:f0:f7:5c:
31:65:5a:c8:03:93:e2:7c:ac:8f:48:09:71:00:49:ff:f9:c7:
fa:62:d0:ea:33:f3:fc:c7:c0:f7:dc:9f:d2:41:3f:ff:a5:10:
c2:35:04:5e:d1:d6:4e:9e:65:3d:36:65:bc:97:e2:88:2b:98:
fc:ee:db:7a:c0:b9:1f:d0:ce:83:a2:fc:44:c6:80:a0:69:27:
78:9f:38:14:fc:0e:23:56:88:6b:7d:a6:29:73:2c:d1:e3:8b:
a5:a1:e1:a3:aa:2f:b9:e2:fb:37:4b:88:51:c4:5c:47:b4:ea:
76:f8:4e:9d:93:bb:5a:6c:e1:0b:6f:2b:6b:2c:94:fe:86:5d:
c5:c2:f9:e8:82:a8:1f:5c:05:d7:20:39:80:64:1d:04:2e:b6:
4e:d2:62:65:ea:f9:0e:7b:d9:ea:bd:66:40:47:c5:48:d5:84:
36:22:9e:bb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYpfX74b5mh2pfyQHCOtiBwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwOTA0MDg0NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjIyYTk0OTkzMjMyZTRmYTVkYTZmYTNlNDM1YjBhMWRjMTdkMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMk7XJ85I93kwEVXJ6f/ABpPjfJn
6ZHzTZb+KsgMh2j/3ie1qjLZqTQL1ni7eRWFYkITtVpXzuRqjQyKKEmMdaSlAHnj
OtkJ2gGdZi9A6Vf2jorrHuHjskulfsGLX/rYwq5hPddP+8KpjRo9AfeFChlLZSOe
9hVxuRU7+REGF+qRb14eNvrluMHFXhI7jg+ivBKpwCC8jhIPoAFjGHxQlW5YhRz9
15TvgI0Wm9QzMRFjY7Fi/Z462LKLtWr0fUq+2WdrNKWwUgFWXRLkDJjLMNVs4o9O
HaJx/FMMHvOWfjqW22NuThonuBu0YYUQ8RR8xB4o6NAE7syH/m0cVBKb4wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFEsiqUmTIy5Ppdpvo+Q1sKHcF9JfMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvU3lLcFNaTWpMay1sMm0tajVEV3dvZHdYMGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCTVPoAwQA
W99jAwQAW99mAwQAW99+AwQCwicgMBQEAgACMA4DBQAqBu9AAwUDKgksADANBgkq
hkiG9w0BAQsFAAOCAQEAPDqt6mti7AVY+keMRykxzNf/1kKBohTQoNFLk4OHmtBD
GRTijJQwxxOSFZX91Rw3lIGij5HNkGggiGijBehcKZDkKpyXZFww+9UMltC+o4hi
F3if1xLf8PdcMWVayAOT4nysj0gJcQBJ//nH+mLQ6jPz/MfA99yf0kE//6UQwjUE
XtHWTp5lPTZlvJfiiCuY/O7besC5H9DOg6L8RMaAoGkneJ84FPwOI1aIa32mKXMs
0eOLpaHho6ovueL7N0uIUcRcR7TqdvhOnZO7WmzhC28rayyU/oZdxcL56IKoH1wF
1yA5gGQdBC62TtJiZer5DnvZ6r1mQEfFSNWENiKeuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:36 2024 by rpki-client on console-ams.rpki-client.org