Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/sFhuGUIGxbmarhGf_Di10XELroY.roa
File: sFhuGUIGxbmarhGf_Di10XELroY.roa (raw, json)
Hash identifier: IvQ7TcYemaokXDcnKAVm/k5+AHNMWSz9iXhFTga601k=
Subject key identifier: B0:58:6E:19:42:06:C5:B9:9A:AE:11:9F:FC:38:B5:D1:71:0B:AE:86
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 018571B9E55F17E564633FB23C3B877B660C
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/sFhuGUIGxbmarhGf_Di10XELroY.roa
Signing time: Mon 02 Jan 2023 09:04:46 +0000
ROA not before: Mon 02 Jan 2023 09:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.67.4.0/22 maxlen: 32
92.119.168.0/22 maxlen: 32
2.58.76.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Jan 2023 15:56:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:e5:5f:17:e5:64:63:3f:b2:3c:3b:87:7b:66:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jan 2 09:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0586e194206c5b99aae119ffc38b5d1710bae86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cf:7b:4c:80:b7:5a:3b:90:47:c2:3f:82:9f:
8e:3e:12:97:f7:0e:b8:1e:f8:c0:40:95:09:47:12:
21:ba:19:15:92:4e:12:75:2b:69:cc:d3:a7:a6:dd:
5f:67:21:ac:e1:79:69:14:1c:2b:63:96:11:23:a3:
23:d0:74:7d:14:e4:b5:f2:ac:b5:e1:83:5b:c8:a0:
bb:1d:8d:52:e2:c0:8f:6d:a9:3e:64:49:08:3c:61:
28:33:d5:f7:04:2d:bd:ec:e7:86:ce:a3:f8:94:0d:
06:0c:47:ea:d3:dc:86:29:0b:11:e9:ae:68:49:7f:
66:1c:88:01:3f:66:5e:3c:8f:7f:76:2a:9a:ff:be:
2f:20:4b:94:86:c0:30:fd:c6:5a:54:31:c1:ea:df:
bf:50:87:25:9e:1f:f5:e6:42:e7:be:d5:cf:3e:7e:
df:f9:4b:8c:eb:1a:2d:a6:d4:dd:70:d7:4f:c7:b9:
03:39:4f:1c:9f:aa:a3:e7:c7:f7:5b:68:19:55:00:
14:da:d9:19:d6:a8:74:5d:81:f3:56:50:4c:bc:4f:
e5:00:32:00:75:f1:1f:63:0b:f6:c9:1a:d3:a1:e0:
da:b7:8b:d9:f8:a3:15:0d:fc:ac:a9:23:63:f1:70:
97:3c:7d:57:a5:e3:d5:8a:12:cf:40:79:53:c2:eb:
b0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:58:6E:19:42:06:C5:B9:9A:AE:11:9F:FC:38:B5:D1:71:0B:AE:86
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/sFhuGUIGxbmarhGf_Di10XELroY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
45.67.4.0/22
92.119.168.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
47:7a:60:32:43:01:8e:f1:94:79:66:04:0b:52:4d:26:fb:ea:
0f:53:3c:5d:f1:f3:c3:b5:3f:8b:29:1f:b5:1c:06:79:a7:1d:
a5:ab:37:a5:7c:f8:6c:7e:49:0a:7f:1a:23:a6:91:9d:18:c7:
04:37:72:fc:3e:de:56:1d:73:bf:8b:cc:a3:d2:30:79:be:dc:
77:cb:68:61:b7:a5:61:36:ad:db:0d:50:f6:66:1c:0c:d7:25:
85:ae:84:ab:75:d2:c1:5e:76:2e:cf:23:ab:be:5a:85:67:9e:
15:8e:ce:19:d4:dd:79:e5:f4:64:a6:98:0f:20:83:49:dd:29:
49:86:47:95:57:86:ce:c2:0a:c7:1e:79:11:30:76:d1:45:1b:
68:d2:e3:0c:e7:7b:67:de:55:49:df:ba:a0:cc:9c:c3:86:4e:
f6:f9:b3:f0:7e:e8:c0:50:ac:31:3a:08:12:34:e2:91:32:d2:
13:3e:8d:97:3d:14:e0:5f:11:31:d0:82:0e:49:ec:fd:4f:f5:
f8:9b:76:89:81:fc:8b:c3:e8:8b:a6:91:b0:97:2c:5b:05:7b:
ba:32:8b:49:38:36:4a:23:ae:fb:1c:8b:4d:e1:74:30:9d:dd:
83:d2:52:ad:c3:7a:57:cb:41:13:6a:5c:9d:a7:6e:48:96:c7:
fb:7f:8f:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxueVfF+VkYz+yPDuHe2YMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMwMTAyMDkwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDU4NmUxOTQyMDZjNWI5OWFhZTExOWZmYzM4YjVkMTcxMGJhZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic97TIC3WjuQR8I/gp+OPhKX9w64
HvjAQJUJRxIhuhkVkk4SdStpzNOnpt1fZyGs4XlpFBwrY5YRI6Mj0HR9FOS18qy1
4YNbyKC7HY1S4sCPbak+ZEkIPGEoM9X3BC297OeGzqP4lA0GDEfq09yGKQsR6a5o
SX9mHIgBP2ZePI9/diqa/74vIEuUhsAw/cZaVDHB6t+/UIclnh/15kLnvtXPPn7f
+UuM6xotptTdcNdPx7kDOU8cn6qj58f3W2gZVQAU2tkZ1qh0XYHzVlBMvE/lADIA
dfEfYwv2yRrToeDat4vZ+KMVDfysqSNj8XCXPH1XpePVihLPQHlTwuuwdQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLBYbhlCBsW5mq4Rn/w4tdFxC66GMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvc0ZodUdVSUd4Ym1hcmhHZl9EaTEwWEVMcm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjpMAwQC
LUMEAwQCXHeoAwQC1a08MA0GCSqGSIb3DQEBCwUAA4IBAQBHemAyQwGO8ZR5ZgQL
Uk0m++oPUzxd8fPDtT+LKR+1HAZ5px2lqzelfPhsfkkKfxojppGdGMcEN3L8Pt5W
HXO/i8yj0jB5vtx3y2hht6VhNq3bDVD2ZhwM1yWFroSrddLBXnYuzyOrvlqFZ54V
js4Z1N155fRkppgPIINJ3SlJhkeVV4bOwgrHHnkRMHbRRRto0uMM53tn3lVJ37qg
zJzDhk72+bPwfujAUKwxOggSNOKRMtITPo2XPRTgXxEx0IIOSez9T/X4m3aJgfyL
w+iLppGwlyxbBXu6MotJODZKI677HItN4XQwnd2D0lKtw3pXy0ETalydp25Ilsf7
f4/Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org