Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Sb2Mtz3XGqQc4MJczWsVsBYtYR0.roa
File: Sb2Mtz3XGqQc4MJczWsVsBYtYR0.roa (raw, json)
Hash identifier: NnKxW1tCjpSri5yBhoArXC85ee9Np+75s30KrLdK3Lo=
Subject key identifier: 49:BD:8C:B7:3D:D7:1A:A4:1C:E0:C2:5C:CD:6B:15:B0:16:2D:61:1D
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB8552DA77DE8C93D4676DA3F5FF0D7
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Sb2Mtz3XGqQc4MJczWsVsBYtYR0.roa
Signing time: Sun 01 Jan 2023 09:44:57 +0000
ROA not before: Sun 01 Jan 2023 09:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198952
IP address blocks: 90.85.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:55:2d:a7:7d:e8:c9:3d:46:76:da:3f:5f:f0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49bd8cb73dd71aa41ce0c25ccd6b15b0162d611d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fe:12:40:a2:82:c8:a5:bb:c8:8b:81:a7:99:
0d:98:3a:f0:40:09:22:bc:3f:a8:c9:a1:4e:30:6d:
9e:33:cf:09:7e:80:d9:23:83:7c:df:c5:d8:a6:d8:
ec:96:4f:61:bb:07:79:f3:3e:e8:d1:b8:2b:7f:aa:
08:ca:e3:b1:9a:95:b2:7d:b4:12:64:2a:e5:31:54:
ba:7f:fc:c9:ab:b3:64:74:dd:bc:92:20:ea:2c:7a:
9a:e8:c3:2a:8e:a0:da:0f:22:57:fc:8f:87:f9:14:
69:97:b1:65:e8:b7:65:47:d8:ce:d2:ef:e3:51:c8:
e7:ba:ec:5a:72:f6:0e:38:0e:35:40:cf:95:9f:77:
6e:99:07:27:4e:e6:31:c4:b1:70:e2:6b:78:2c:96:
90:c8:86:c7:f0:88:13:0d:fb:f0:e1:22:41:8a:c3:
ce:77:e9:f5:d2:1b:96:cf:1a:f6:37:4b:b5:04:d6:
1d:b3:6e:d2:08:11:90:99:54:2d:d3:97:9b:4a:0c:
b3:aa:77:66:86:3b:0b:0a:dd:6e:a7:e3:8c:c4:20:
de:ae:e7:8e:ea:25:25:18:67:c5:a5:77:4e:a4:e4:
12:8f:fc:02:42:cf:e3:8d:59:9a:e0:fd:5e:a2:cf:
9c:2f:d6:5d:35:21:91:c6:1c:8e:66:5d:a8:64:38:
63:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BD:8C:B7:3D:D7:1A:A4:1C:E0:C2:5C:CD:6B:15:B0:16:2D:61:1D
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Sb2Mtz3XGqQc4MJczWsVsBYtYR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.85.2.0/24
Signature Algorithm: sha256WithRSAEncryption
84:bf:51:8a:f6:4b:84:c5:1e:77:ce:63:a9:9e:f1:c2:d3:ca:
aa:c7:3b:ce:25:a5:ef:30:38:92:c7:62:d2:e6:fa:f8:39:b6:
63:fc:3a:03:0a:5e:b2:54:7d:74:79:10:af:40:28:3e:32:22:
20:68:b5:39:ee:b8:82:c4:98:bc:c0:04:df:d4:08:39:b9:a7:
73:f4:78:b7:f0:04:19:9d:8d:2d:81:32:5a:ac:7d:2e:ae:ff:
07:4d:28:a1:51:c8:85:65:08:c1:c4:72:63:7a:32:75:d4:61:
39:c5:69:b6:e6:b4:66:43:c5:e8:d1:9e:5a:f8:6d:5d:d9:52:
0b:64:be:47:db:8e:73:03:f2:91:37:d2:84:8b:d1:c1:4e:34:
98:5c:16:dc:3d:f6:1f:a0:6a:8f:7b:f8:3b:90:ac:1a:5c:db:
3c:94:ee:2e:db:da:ed:ef:f5:df:16:4d:19:64:c8:4f:14:45:
5d:27:2f:b9:a4:a3:26:ee:30:b8:f9:b2:5f:9b:51:a0:d6:00:
94:40:bc:75:81:5a:45:41:0e:a3:e2:d6:f3:7d:a6:3b:49:4f:
df:27:35:d2:de:6f:08:ab:78:ae:41:49:a8:a3:45:c9:57:9c:
92:5f:ac:04:f7:73:b5:2a:76:96:7e:18:05:be:6c:68:49:dc:
7b:6f:9b:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuFUtp33oyT1Gdto/X/DXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWJkOGNiNzNkZDcxYWE0MWNlMGMyNWNjZDZiMTViMDE2MmQ2MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv4SQKKCyKW7yIuBp5kNmDrwQAki
vD+oyaFOMG2eM88JfoDZI4N838XYptjslk9huwd58z7o0bgrf6oIyuOxmpWyfbQS
ZCrlMVS6f/zJq7NkdN28kiDqLHqa6MMqjqDaDyJX/I+H+RRpl7Fl6LdlR9jO0u/j
UcjnuuxacvYOOA41QM+Vn3dumQcnTuYxxLFw4mt4LJaQyIbH8IgTDfvw4SJBisPO
d+n10huWzxr2N0u1BNYds27SCBGQmVQt05ebSgyzqndmhjsLCt1up+OMxCDerueO
6iUlGGfFpXdOpOQSj/wCQs/jjVma4P1eos+cL9ZdNSGRxhyOZl2oZDhj7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEm9jLc91xqkHODCXM1rFbAWLWEdMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvU2IyTXR6M1hHcVFjNE1KY3pXc1ZzQll0WVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWlUCMA0G
CSqGSIb3DQEBCwUAA4IBAQCEv1GK9kuExR53zmOpnvHC08qqxzvOJaXvMDiSx2LS
5vr4ObZj/DoDCl6yVH10eRCvQCg+MiIgaLU57riCxJi8wATf1Ag5uadz9Hi38AQZ
nY0tgTJarH0urv8HTSihUciFZQjBxHJjejJ11GE5xWm25rRmQ8Xo0Z5a+G1d2VIL
ZL5H245zA/KRN9KEi9HBTjSYXBbcPfYfoGqPe/g7kKwaXNs8lO4u29rt7/XfFk0Z
ZMhPFEVdJy+5pKMm7jC4+bJfm1Gg1gCUQLx1gVpFQQ6j4tbzfaY7SU/fJzXS3m8I
q3iuQUmoo0XJV5ySX6wE93O1KnaWfhgFvmxoSdx7b5tC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org