Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b58bbe-b50f-4857-871c-1c0e31de31c7/1/SbCHF-VUzFIxh1VBjsP-W8oNL2k.roa
File: SbCHF-VUzFIxh1VBjsP-W8oNL2k.roa (raw, json)
Hash identifier: 6TKmF95QnY5mfniUgX0CIUpZYFoxX5Xx3sBqgVqt+A4=
Subject key identifier: 49:B0:87:17:E5:54:CC:52:31:87:55:41:8E:C3:FE:5B:CA:0D:2F:69
Certificate issuer: /CN=78375fb6168b354841b91d305f9d0cdc0cb1501d
Certificate serial: 01856DAF471E4E35C933568A5EC4C473BEF5
Authority key identifier: 78:37:5F:B6:16:8B:35:48:41:B9:1D:30:5F:9D:0C:DC:0C:B1:50:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eDdfthaLNUhBuR0wX50M3AyxUB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b58bbe-b50f-4857-871c-1c0e31de31c7/1/SbCHF-VUzFIxh1VBjsP-W8oNL2k.roa
Signing time: Sun 01 Jan 2023 14:14:41 +0000
ROA not before: Sun 01 Jan 2023 14:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62086
IP address blocks: 185.48.104.0/22 maxlen: 24
2a01:9820::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:47:1e:4e:35:c9:33:56:8a:5e:c4:c4:73:be:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78375fb6168b354841b91d305f9d0cdc0cb1501d
Validity
Not Before: Jan 1 14:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49b08717e554cc52318755418ec3fe5bca0d2f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:58:ca:dd:89:bb:15:f9:9b:8a:48:0d:e5:87:
87:14:dc:0b:a4:b2:f3:d3:d3:3b:ea:41:c4:9f:5a:
53:9a:36:9b:ca:7a:8f:b8:3d:cc:8f:14:e8:a3:2e:
9e:dd:68:9a:1e:1f:19:a2:58:af:a3:7c:e7:1a:6b:
95:df:46:6e:7a:57:ec:1e:1f:6c:d0:55:d4:fb:e3:
6b:06:03:47:d8:74:c3:f8:e3:7d:6e:8b:a4:ee:ab:
f0:1b:11:44:8d:b9:9b:e8:07:e1:44:a5:4e:96:17:
e6:9d:48:10:17:c0:96:6d:6f:24:7f:36:ba:66:d7:
20:f8:e7:4a:1d:ee:12:ee:9e:1b:65:ff:3a:6f:00:
f9:b4:42:d3:34:ea:09:3f:34:44:b8:b4:35:4d:c6:
bc:f5:de:5b:b4:9f:01:7e:95:ec:de:85:cd:4b:13:
19:7b:48:c4:0e:d6:19:a5:a6:d2:fe:66:1f:9e:69:
cb:3a:fd:33:f1:36:62:e6:e3:b8:43:1d:b4:8a:d3:
3b:80:5c:d7:04:50:5e:cc:d4:ae:f4:4f:00:8f:3b:
6e:4f:1b:e8:0c:1f:5b:6c:df:92:60:62:dc:b8:ba:
f9:9e:71:fd:9b:ab:4e:d3:bb:f0:c0:28:b7:98:57:
c7:d1:77:da:b3:72:73:bf:54:16:7a:be:b8:e8:bc:
44:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B0:87:17:E5:54:CC:52:31:87:55:41:8E:C3:FE:5B:CA:0D:2F:69
X509v3 Authority Key Identifier:
keyid:78:37:5F:B6:16:8B:35:48:41:B9:1D:30:5F:9D:0C:DC:0C:B1:50:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eDdfthaLNUhBuR0wX50M3AyxUB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b58bbe-b50f-4857-871c-1c0e31de31c7/1/SbCHF-VUzFIxh1VBjsP-W8oNL2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b58bbe-b50f-4857-871c-1c0e31de31c7/1/eDdfthaLNUhBuR0wX50M3AyxUB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.104.0/22
IPv6:
2a01:9820::/32
Signature Algorithm: sha256WithRSAEncryption
4c:5a:c3:65:97:d1:ce:7d:1f:dc:09:71:fe:b5:50:e0:40:d6:
20:ad:f0:a4:6d:11:40:b5:54:bc:7f:04:2d:c5:40:b9:20:d7:
48:fa:56:a4:93:91:59:0b:e8:24:23:11:04:9e:6b:ff:09:44:
6a:e0:88:4b:ce:ce:e5:a2:b9:ca:5c:7f:bc:d8:71:9a:8f:3f:
1c:5f:cd:e7:ab:ea:99:5e:d3:a7:dc:86:1c:4f:52:7a:20:ec:
6b:a6:f3:da:c3:00:6f:9f:15:fb:ed:e4:bd:78:da:d4:c6:37:
1e:8c:97:f7:eb:12:11:c0:d8:73:7f:bb:eb:15:34:fb:cc:1f:
e9:fd:01:b7:4c:f0:7a:22:51:c2:4c:89:10:13:d2:56:0c:1a:
0e:30:95:a2:c2:9f:50:81:4a:a0:1b:87:ee:4f:d8:58:d5:b1:
7d:4f:b3:8f:10:3a:db:21:07:cc:09:ac:85:78:38:f7:e2:14:
e5:59:c2:b8:75:62:dc:8c:7a:91:7c:78:69:9e:1d:da:7d:b0:
61:cb:0b:8a:3e:9a:af:b5:e8:91:c8:e4:7a:03:d8:8d:ce:eb:
b2:48:2f:ba:8f:3b:6e:f5:76:30:3f:c9:18:3c:ff:13:23:8f:
93:9b:f4:34:62:61:42:2b:2b:be:5e:6e:2e:e8:f2:0c:90:3c:
64:ec:1a:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtr0ceTjXJM1aKXsTEc771MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4Mzc1ZmI2MTY4YjM1NDg0MWI5MWQzMDVmOWQwY2RjMGNi
MTUwMWQwHhcNMjMwMTAxMTQxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWIwODcxN2U1NTRjYzUyMzE4NzU1NDE4ZWMzZmU1YmNhMGQyZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVjK3Ym7FfmbikgN5YeHFNwLpLLz
09M76kHEn1pTmjabynqPuD3MjxTooy6e3WiaHh8Zolivo3znGmuV30ZuelfsHh9s
0FXU++NrBgNH2HTD+ON9bouk7qvwGxFEjbmb6AfhRKVOlhfmnUgQF8CWbW8kfza6
Ztcg+OdKHe4S7p4bZf86bwD5tELTNOoJPzREuLQ1Tca89d5btJ8BfpXs3oXNSxMZ
e0jEDtYZpabS/mYfnmnLOv0z8TZi5uO4Qx20itM7gFzXBFBezNSu9E8AjztuTxvo
DB9bbN+SYGLcuLr5nnH9m6tO07vwwCi3mFfH0Xfas3Jzv1QWer646LxEdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEmwhxflVMxSMYdVQY7D/lvKDS9pMB8GA1UdIwQY
MBaAFHg3X7YWizVIQbkdMF+dDNwMsVAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZURkZnRoYUxOVWhCdVIwd1g1ME0zQXl4VUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iNThiYmUtYjUwZi00ODU3LTg3MWMt
MWMwZTMxZGUzMWM3LzEvU2JDSEYtVlV6Rkl4aDFWQmpzUC1XOG9OTDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iNThiYmUtYjUwZi00ODU3LTg3MWMtMWMwZTMxZGUzMWM3
LzEvZURkZnRoYUxOVWhCdVIwd1g1ME0zQXl4VUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTBoMA0E
AgACMAcDBQAqAZggMA0GCSqGSIb3DQEBCwUAA4IBAQBMWsNll9HOfR/cCXH+tVDg
QNYgrfCkbRFAtVS8fwQtxUC5INdI+lakk5FZC+gkIxEEnmv/CURq4IhLzs7lornK
XH+82HGajz8cX83nq+qZXtOn3IYcT1J6IOxrpvPawwBvnxX77eS9eNrUxjcejJf3
6xIRwNhzf7vrFTT7zB/p/QG3TPB6IlHCTIkQE9JWDBoOMJWiwp9QgUqgG4fuT9hY
1bF9T7OPEDrbIQfMCayFeDj34hTlWcK4dWLcjHqRfHhpnh3afbBhywuKPpqvteiR
yOR6A9iNzuuySC+6jztu9XYwP8kYPP8TI4+Tm/Q0YmFCKyu+Xm4u6PIMkDxk7Bqs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:10 2024 by rpki-client on console-fra.rpki-client.org