Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sgotsCHDPtS2_FGkDxlxqYrPxyc.roa
File: sgotsCHDPtS2_FGkDxlxqYrPxyc.roa (raw, json)
Hash identifier: /nhsCKGCXm5mjrJuSHQZGi7u25QCEJgA7ZGEr5BZoEY=
Subject key identifier: B2:0A:2D:B0:21:C3:3E:D4:B6:FC:51:A4:0F:19:71:A9:8A:CF:C7:27
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018F803FA5FF1E6A7514F3251C4DB22D0729
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sgotsCHDPtS2_FGkDxlxqYrPxyc.roa
Signing time: Thu 16 May 2024 07:13:25 +0000
ROA not before: Thu 16 May 2024 07:13:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 46.19.200.0/21 maxlen: 21
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
83.223.128.0/19 maxlen: 19
83.223.145.0/24 maxlen: 24
83.223.155.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
85.254.128.0/18 maxlen: 18
91.190.32.0/19 maxlen: 24
91.190.36.0/24 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.60.0/24 maxlen: 24
94.101.224.0/20 maxlen: 20
109.205.120.0/21 maxlen: 21
109.205.127.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
159.148.63.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
185.27.92.0/22 maxlen: 22
217.69.112.0/20 maxlen: 20
217.69.113.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 27 May 2024 07:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:3f:a5:ff:1e:6a:75:14:f3:25:1c:4d:b2:2d:07:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 16 07:13:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b20a2db021c33ed4b6fc51a40f1971a98acfc727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:30:83:21:58:28:68:53:b6:a7:49:7c:1b:53:
20:b3:40:fc:fd:25:51:29:f6:09:b2:72:33:06:56:
f0:cc:16:6b:2e:d5:34:ac:6b:47:5e:ef:05:e4:0b:
d5:43:21:4e:dd:ce:02:e9:9e:5e:9e:bf:fd:d0:7d:
21:d0:61:e2:7f:45:a0:c5:2a:d4:87:f2:eb:c2:78:
c9:6a:7a:f1:6b:b3:e9:b6:8a:d6:db:50:7a:d9:8d:
2a:4e:52:fd:82:40:cb:3f:79:73:46:00:7c:c5:5b:
65:b7:c4:d9:30:0a:1d:d8:64:0b:f6:94:d1:0b:54:
a9:35:ca:19:44:7e:0f:40:0c:92:48:28:14:d9:d1:
db:bb:03:a4:4f:a3:64:17:24:6d:c2:9d:55:46:b1:
61:ac:d5:88:f4:34:46:d5:9d:47:9a:d0:dc:01:95:
91:18:cf:d6:17:a7:03:bf:a2:51:a9:6d:d9:4e:1f:
e2:18:fb:1c:a0:72:91:10:85:e2:bd:86:84:f3:67:
70:d5:15:8b:e5:92:5c:20:a6:4f:57:b3:cd:9a:ef:
fa:6d:e0:a2:ef:13:70:28:50:24:de:41:53:99:49:
ed:76:45:38:ee:e3:13:01:8a:2d:86:95:9f:4a:fb:
73:96:fc:2d:ae:5c:78:33:64:1c:6f:9c:7f:7c:5a:
ba:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0A:2D:B0:21:C3:3E:D4:B6:FC:51:A4:0F:19:71:A9:8A:CF:C7:27
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sgotsCHDPtS2_FGkDxlxqYrPxyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.49.0/24
85.254.69.0/24
85.254.128.0/18
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.10.0/24
159.148.49.0-159.148.50.255
159.148.63.0/24
159.148.78.0/24
159.148.80.0/24
159.148.116.0/23
159.148.186.0/24
159.148.188.0/24
159.148.201.0/24
159.148.229.0/24
159.148.233.0/24
185.27.92.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
1c:cc:05:28:6c:f4:80:fa:bf:5d:00:0f:1d:14:d0:15:51:2f:
06:9a:27:ac:31:90:61:f3:0d:f6:1b:e1:2d:ec:52:5e:e8:2f:
fd:81:f2:86:85:5e:a0:a9:6c:f6:c1:ea:0f:4e:b7:3d:fd:af:
d2:43:c3:b4:ca:f7:cc:13:24:a3:f4:dc:cb:b1:96:24:da:a2:
78:6f:0d:fb:e8:5a:5c:27:2a:48:a3:ab:b0:fc:68:1c:cf:87:
ac:e9:6b:d7:87:ef:a0:9e:dc:86:b2:c0:3f:c9:6a:f6:ba:06:
1c:f2:75:61:b7:e5:c7:d8:1b:0c:92:96:14:56:59:a8:ef:29:
27:44:21:5a:38:87:f1:02:06:9c:27:d6:f1:e1:64:d2:4d:81:
52:c9:49:64:6f:e8:b5:0b:42:3d:38:f4:61:66:74:a8:b3:33:
34:7d:ac:3e:d1:24:41:bc:52:35:f4:24:0e:7a:d7:ac:5f:0f:
a7:34:8d:d5:e0:10:53:38:1b:49:8e:1f:85:af:e1:f0:d3:f7:
95:43:e2:51:3d:fc:01:b7:bd:88:0c:4a:1c:b6:11:e1:48:cc:
ec:0b:d6:60:7b:2d:c1:38:0a:cf:c1:1c:dd:8b:f9:73:9a:26:
a8:64:e4:3b:14:8a:d1:4e:da:a4:7f:4d:ae:f0:a3:01:d1:15:
e7:8f:5c:be
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAY+AP6X/Hmp1FPMlHE2yLQcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNTE2MDcxMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBhMmRiMDIxYzMzZWQ0YjZmYzUxYTQwZjE5NzFhOThhY2ZjNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDCDIVgoaFO2p0l8G1Mgs0D8/SVR
KfYJsnIzBlbwzBZrLtU0rGtHXu8F5AvVQyFO3c4C6Z5enr/90H0h0GHif0WgxSrU
h/LrwnjJanrxa7PptorW21B62Y0qTlL9gkDLP3lzRgB8xVtlt8TZMAod2GQL9pTR
C1SpNcoZRH4PQAySSCgU2dHbuwOkT6NkFyRtwp1VRrFhrNWI9DRG1Z1HmtDcAZWR
GM/WF6cDv6JRqW3ZTh/iGPscoHKREIXivYaE82dw1RWL5ZJcIKZPV7PNmu/6beCi
7xNwKFAk3kFTmUntdkU47uMTAYothpWfSvtzlvwtrlx4M2Qcb5x/fFq69wIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFLIKLbAhwz7UtvxRpA8ZcamKz8cnMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvc2dvdHNDSERQdFMyX0ZHa0R4bHhxWXJQeHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAMu
E8gDBAVQUSADBAVT34ADBABV/jEDBABV/kUDBAZV/oADBAVbviADBAReZeADBANt
zXgDBACflAowDAMEAJ+UMQMEAJ+UMgMEAJ+UPwMEAJ+UTgMEAJ+UUAMEAZ+UdAME
AJ+UugMEAJ+UvAMEAJ+UyQMEAJ+U5QMEAJ+U6QMEArkbXAMEBNlFcDANBAIAAjAH
AwUAKgIGEDANBgkqhkiG9w0BAQsFAAOCAQEAHMwFKGz0gPq/XQAPHRTQFVEvBpon
rDGQYfMN9hvhLexSXugv/YHyhoVeoKls9sHqD063Pf2v0kPDtMr3zBMko/Tcy7GW
JNqieG8N++haXCcqSKOrsPxoHM+HrOlr14fvoJ7chrLAP8lq9roGHPJ1Ybflx9gb
DJKWFFZZqO8pJ0QhWjiH8QIGnCfW8eFk0k2BUslJZG/otQtCPTj0YWZ0qLMzNH2s
PtEkQbxSNfQkDnrXrF8PpzSN1eAQUzgbSY4fha/h8NP3lUPiUT38Abe9iAxKHLYR
4UjM7AvWYHstwTgKz8Ec3Yv5c5omqGTkOxSK0U7apH9NrvCjAdEV549cvg==
-----END CERTIFICATE-----
Generated at Mon May 27 09:46:47 2024 by rpki-client on console-fra.rpki-client.org