Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/SPQ2GWtfcgwl9L3My93s4BHCKNw.roa
File: SPQ2GWtfcgwl9L3My93s4BHCKNw.roa (raw, json)
Hash identifier: rIDvlE6uSlCdZeR+WxzRtKLgWeoEYAhzTSeV3hWRn74=
Subject key identifier: 48:F4:36:19:6B:5F:72:0C:25:F4:BD:CC:CB:DD:EC:E0:11:C2:28:DC
Certificate issuer: /CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Certificate serial: 0185720C7C6E1D799DB0B27B8616B08F7A63
Authority key identifier: 4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/SPQ2GWtfcgwl9L3My93s4BHCKNw.roa
Signing time: Mon 02 Jan 2023 10:34:58 +0000
ROA not before: Mon 02 Jan 2023 10:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64249
IP address blocks: 91.238.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:7c:6e:1d:79:9d:b0:b2:7b:86:16:b0:8f:7a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Validity
Not Before: Jan 2 10:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48f436196b5f720c25f4bdcccbddece011c228dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9b:60:4d:b6:1e:05:72:c6:18:e8:af:8d:9e:
28:27:b5:13:22:74:40:12:4c:1c:26:de:4e:61:89:
6c:e3:7f:9a:23:3f:67:76:bb:d1:5e:41:b3:be:6c:
f1:b3:ef:45:a1:b8:cb:a2:9e:4f:ff:d6:55:7f:b7:
12:58:a8:7a:3a:1e:5a:0d:47:6e:07:5a:fb:c5:24:
3e:98:fc:4a:06:e8:66:b1:06:34:d3:82:67:0c:fe:
39:a4:7e:49:e9:be:19:1e:b1:3e:b4:43:11:c9:62:
ad:c4:26:2a:45:52:c4:5a:b2:1a:1b:01:6a:e0:0d:
18:7a:0f:d4:aa:b3:ae:aa:d0:8a:6d:a6:ee:49:0a:
e6:b5:c8:4d:c4:cb:04:5f:4f:b1:2d:fd:5e:7b:e1:
70:7f:44:9f:c0:75:e6:9a:60:8e:8d:e3:67:d8:18:
7b:66:db:67:0d:20:f0:99:93:6a:54:d4:0f:5f:53:
f3:b0:5a:8e:ed:1e:cb:23:d2:21:a7:1c:bd:ce:33:
f4:f7:bb:2f:1a:1e:74:9d:44:c8:ae:04:29:e3:39:
0d:cb:84:97:f2:22:f0:c2:c7:42:20:5a:4b:bc:ab:
3c:b7:26:b2:f6:e6:99:bb:9b:0a:80:a7:51:99:c1:
4f:0e:a1:46:2a:34:6a:51:b3:5a:73:cf:d0:03:0e:
5c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F4:36:19:6B:5F:72:0C:25:F4:BD:CC:CB:DD:EC:E0:11:C2:28:DC
X509v3 Authority Key Identifier:
keyid:4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/SPQ2GWtfcgwl9L3My93s4BHCKNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.71.0/24
Signature Algorithm: sha256WithRSAEncryption
39:25:74:64:c0:53:aa:38:95:53:31:ca:29:ca:f4:dc:c3:b5:
21:fb:cf:be:2c:ca:7d:e1:89:b0:50:cb:cd:a6:d5:4a:d3:6d:
3d:b0:53:b5:dd:26:4c:c0:64:83:95:c6:4d:3b:6a:cf:3c:0f:
81:35:e4:41:2a:ec:d7:ce:1a:a7:43:2a:5e:9f:94:a6:76:0b:
7f:49:ff:01:73:34:7a:ca:ff:76:91:da:a5:85:8e:3d:e2:4f:
f6:1d:7b:7a:82:e2:b1:cf:9d:c1:45:12:ef:a3:17:85:78:68:
ec:ca:05:3f:c4:f3:3d:e0:c1:e7:0a:96:f2:cb:78:2f:ba:32:
9f:50:d5:4d:fa:8a:c6:d4:a4:5b:c2:cc:4d:83:6c:ce:20:3f:
64:35:ec:2f:77:3e:31:89:be:1f:17:30:08:ce:dd:e1:17:18:
e8:61:92:41:ab:05:7c:fc:f7:1f:6f:9a:93:46:26:2a:23:c1:
ff:35:15:75:ea:38:86:42:99:f9:19:fb:55:1a:4f:29:93:e2:
6c:37:6e:11:97:de:5c:b4:d8:d9:0c:f1:47:6a:1b:e3:a7:ee:
63:36:0f:3f:2c:98:24:ab:09:76:52:e1:d0:89:83:6d:4b:28:
68:fb:90:70:09:5a:95:96:84:45:80:55:af:ac:dd:96:31:26:
63:ef:91:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDHxuHXmdsLJ7hhawj3pjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjJiYjdiYWQ1MGYxOTIxODEwYTAyOGU3OGVkZDY1Zjgx
ZjZhN2QwHhcNMjMwMTAyMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGY0MzYxOTZiNWY3MjBjMjVmNGJkY2NjYmRkZWNlMDExYzIyOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZtgTbYeBXLGGOivjZ4oJ7UTInRA
EkwcJt5OYYls43+aIz9ndrvRXkGzvmzxs+9FobjLop5P/9ZVf7cSWKh6Oh5aDUdu
B1r7xSQ+mPxKBuhmsQY004JnDP45pH5J6b4ZHrE+tEMRyWKtxCYqRVLEWrIaGwFq
4A0Yeg/UqrOuqtCKbabuSQrmtchNxMsEX0+xLf1ee+Fwf0SfwHXmmmCOjeNn2Bh7
ZttnDSDwmZNqVNQPX1PzsFqO7R7LI9Ihpxy9zjP097svGh50nUTIrgQp4zkNy4SX
8iLwwsdCIFpLvKs8tyay9uaZu5sKgKdRmcFPDqFGKjRqUbNac8/QAw5cqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEj0NhlrX3IMJfS9zMvd7OARwijcMB8GA1UdIwQY
MBaAFE+yu3utUPGSGBCgKOeO3WX4H2p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYt
MjdmYmM5OWVhM2M2LzEvU1BRMkdXdGZjZ3dsOUwzTXk5M3M0QkhDS053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYtMjdmYmM5OWVhM2M2
LzEvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+5HMA0G
CSqGSIb3DQEBCwUAA4IBAQA5JXRkwFOqOJVTMcopyvTcw7Uh+8++LMp94YmwUMvN
ptVK0209sFO13SZMwGSDlcZNO2rPPA+BNeRBKuzXzhqnQypen5Smdgt/Sf8BczR6
yv92kdqlhY494k/2HXt6guKxz53BRRLvoxeFeGjsygU/xPM94MHnCpbyy3gvujKf
UNVN+orG1KRbwsxNg2zOID9kNewvdz4xib4fFzAIzt3hFxjoYZJBqwV8/Pcfb5qT
RiYqI8H/NRV16jiGQpn5GftVGk8pk+JsN24Rl95ctNjZDPFHahvjp+5jNg8/LJgk
qwl2UuHQiYNtSyho+5BwCVqVloRFgFWvrN2WMSZj75F4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:31 2024 by rpki-client on console-ams.rpki-client.org