Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sgxxqx3Hf_9omG57H2-Zj4FFJY0.roa
File: sgxxqx3Hf_9omG57H2-Zj4FFJY0.roa (raw, json)
Hash identifier: azCWcFilpV+mREYSWOQIQYRWFxtlAKO/Tf3MnEvlRJQ=
Subject key identifier: B2:0C:71:AB:1D:C7:7F:FF:68:98:6E:7B:1F:6F:99:8F:81:45:25:8D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018570672EF5E26F79CEE2179370B96CFCF0
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sgxxqx3Hf_9omG57H2-Zj4FFJY0.roa
Signing time: Mon 02 Jan 2023 02:54:48 +0000
ROA not before: Mon 02 Jan 2023 02:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 89.185.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 23:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:2e:f5:e2:6f:79:ce:e2:17:93:70:b9:6c:fc:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 2 02:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b20c71ab1dc77fff68986e7b1f6f998f8145258d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:4f:89:df:0e:f8:34:b6:67:67:d9:7c:31:
ea:73:72:57:ca:0a:ce:fc:33:a3:57:83:59:7a:dc:
54:ec:1d:42:fb:28:0e:8b:a5:d0:05:89:18:4b:0a:
b9:6b:c1:29:6d:4b:52:6f:54:10:5a:cd:49:c7:bd:
5f:59:33:5d:75:6b:ad:5b:bd:db:cc:ce:4b:07:f8:
3e:f8:32:43:13:8f:ff:75:7b:9b:d3:3f:d3:c6:62:
6f:e0:f6:7d:fe:ff:ba:ee:04:1a:f9:95:f1:ed:e5:
a6:09:48:a9:71:3e:15:64:b5:76:93:b3:73:b6:9c:
ad:cd:ab:c9:65:6c:d9:a9:1d:f1:b8:73:85:30:91:
8b:1a:28:ad:e3:0c:1f:73:c3:ff:43:47:1d:15:08:
35:b2:f4:dd:49:2c:98:36:2e:36:62:6d:47:3d:17:
2f:78:9a:0d:4f:2e:f0:60:7b:6d:dd:62:9c:40:5e:
b8:af:88:e4:42:b0:de:22:20:b0:37:1b:68:e2:53:
ca:49:73:32:2b:6f:65:7e:86:cf:38:6d:1f:d6:fc:
47:c2:71:0c:e1:85:73:32:cb:87:33:2f:02:3c:9c:
23:06:c3:9c:6e:17:a7:75:dd:e0:e7:89:8e:91:89:
9e:0d:2d:8a:ca:4d:ca:85:d0:88:68:de:a1:5a:47:
57:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0C:71:AB:1D:C7:7F:FF:68:98:6E:7B:1F:6F:99:8F:81:45:25:8D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sgxxqx3Hf_9omG57H2-Zj4FFJY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
Signature Algorithm: sha256WithRSAEncryption
91:6e:1e:85:9f:e0:ee:18:8d:dc:e1:21:7d:5e:68:83:8a:1a:
33:ac:75:b4:15:26:ea:02:e1:d3:1d:b2:2d:a8:47:13:b4:35:
95:5b:de:e2:9a:2a:f3:40:18:be:68:39:5e:b5:3d:f2:90:bc:
61:9a:39:b4:1c:b9:6f:62:8d:7e:9e:5b:5f:7d:07:65:92:78:
ab:60:3c:02:45:59:be:1b:3b:89:bf:f2:9e:20:53:da:86:6a:
3e:b8:8b:ab:07:05:b6:38:3d:83:00:c8:b4:7a:06:6d:d8:fe:
9e:1e:f3:32:39:16:ed:ba:5b:f5:2c:ca:a2:d1:9f:0c:1d:67:
5b:7d:84:2d:bd:22:1c:f7:3b:9f:6f:2b:ad:69:6b:e7:fe:03:
53:ce:5e:1a:92:39:1f:a0:09:a2:c5:cd:ab:f4:0c:5e:2f:b5:
2d:7e:77:12:1f:fb:c9:90:3e:ac:c4:06:4a:bd:6c:47:11:f9:
28:e5:7a:d4:4f:34:41:5c:14:a1:96:c0:ac:11:2f:de:e5:b2:
27:d5:b3:f1:5d:64:02:40:15:2b:69:15:ac:43:ad:61:1c:e9:
b2:37:3f:39:7b:e9:ba:49:86:68:61:30:dd:ef:43:17:1a:0d:
15:b2:14:0d:c6:2d:34:b2:68:84:ca:74:c4:7b:d1:b4:be:46:
e1:f6:3f:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZy714m95zuIXk3C5bPzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMTAyMDI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBjNzFhYjFkYzc3ZmZmNjg5ODZlN2IxZjZmOTk4ZjgxNDUyNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+1Pid8O+DS2Z2fZfDHqc3JXygrO
/DOjV4NZetxU7B1C+ygOi6XQBYkYSwq5a8EpbUtSb1QQWs1Jx71fWTNddWutW73b
zM5LB/g++DJDE4//dXub0z/TxmJv4PZ9/v+67gQa+ZXx7eWmCUipcT4VZLV2k7Nz
tpytzavJZWzZqR3xuHOFMJGLGiit4wwfc8P/Q0cdFQg1svTdSSyYNi42Ym1HPRcv
eJoNTy7wYHtt3WKcQF64r4jkQrDeIiCwNxto4lPKSXMyK29lfobPOG0f1vxHwnEM
4YVzMsuHMy8CPJwjBsOcbhendd3g54mOkYmeDS2Kyk3KhdCIaN6hWkdXAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIMcasdx3//aJhuex9vmY+BRSWNMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvc2d4eHF4M0hmXzlvbUc1N0gyLVpqNEZGSlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWbkAMA0G
CSqGSIb3DQEBCwUAA4IBAQCRbh6Fn+DuGI3c4SF9XmiDihozrHW0FSbqAuHTHbIt
qEcTtDWVW97imirzQBi+aDletT3ykLxhmjm0HLlvYo1+nltffQdlknirYDwCRVm+
GzuJv/KeIFPahmo+uIurBwW2OD2DAMi0egZt2P6eHvMyORbtulv1LMqi0Z8MHWdb
fYQtvSIc9zufbyutaWvn/gNTzl4akjkfoAmixc2r9AxeL7UtfncSH/vJkD6sxAZK
vWxHEfko5XrUTzRBXBShlsCsES/e5bIn1bPxXWQCQBUraRWsQ61hHOmyNz85e+m6
SYZoYTDd70MXGg0VshQNxi00smiEynTEe9G0vkbh9j8I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org