Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/sxaBIsXfau0Y7yOZYzaHRND-nyI.roa
File: sxaBIsXfau0Y7yOZYzaHRND-nyI.roa (raw, json)
Hash identifier: fgTeHkJIyHnzzV7/Xwn5RahZXn68yszXVv0vEXJbrFs=
Subject key identifier: B3:16:81:22:C5:DF:6A:ED:18:EF:23:99:63:36:87:44:D0:FE:9F:22
Certificate issuer: /CN=b14aaa9b084864f44bae18ba076b26067754fb62
Certificate serial: 0185728C87EA8F148DF76759BFEA72FBF389
Authority key identifier: B1:4A:AA:9B:08:48:64:F4:4B:AE:18:BA:07:6B:26:06:77:54:FB:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUqqmwhIZPRLrhi6B2smBndU-2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/sxaBIsXfau0Y7yOZYzaHRND-nyI.roa
Signing time: Mon 02 Jan 2023 12:54:50 +0000
ROA not before: Mon 02 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51985
IP address blocks: 5.39.232.0/21 maxlen: 21
185.26.248.0/22 maxlen: 22
46.17.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:87:ea:8f:14:8d:f7:67:59:bf:ea:72:fb:f3:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aaa9b084864f44bae18ba076b26067754fb62
Validity
Not Before: Jan 2 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3168122c5df6aed18ef239963368744d0fe9f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ff:4f:fd:9a:ea:3a:4f:6c:7d:37:fb:a8:cf:
44:60:0d:43:5a:f8:6d:5c:c4:bc:54:3a:34:58:a7:
ec:ee:ca:d1:a6:52:03:90:61:d8:db:2a:d9:22:32:
75:aa:ca:7a:8d:a3:25:90:4d:8b:9f:5b:1b:7e:2c:
2d:07:5a:99:be:24:a3:ca:ef:f7:90:61:b0:a6:51:
46:e6:c3:bb:7d:97:4b:e8:7b:b9:11:b4:6e:7e:7f:
b8:b0:29:3a:f4:0f:66:7e:b5:ef:b8:5c:7e:b2:b2:
f2:ea:74:30:a7:ea:5f:e0:fe:6b:db:4e:35:b8:f4:
7e:24:b2:d0:f7:1b:b9:9a:9a:df:f7:75:2a:7e:07:
83:17:d7:d5:82:0c:7f:1a:59:c7:d1:9f:1e:78:50:
79:36:b9:5a:83:2d:84:76:08:14:a9:fd:e1:22:85:
d7:fa:c7:42:94:c2:fc:4c:8d:09:e9:b6:4b:ea:ca:
54:e1:0e:d0:05:4f:84:51:d8:6a:a5:7f:d1:60:30:
6f:d2:bb:b0:d7:c6:67:f8:36:40:75:f9:dd:2f:05:
8f:b1:42:01:59:1f:4d:33:28:9b:1b:55:f1:1b:c1:
c8:05:c4:52:5d:15:67:80:56:09:c6:9f:b4:7e:cf:
d5:f5:cb:06:18:44:39:2d:25:68:f2:b7:6a:ad:89:
c0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:16:81:22:C5:DF:6A:ED:18:EF:23:99:63:36:87:44:D0:FE:9F:22
X509v3 Authority Key Identifier:
keyid:B1:4A:AA:9B:08:48:64:F4:4B:AE:18:BA:07:6B:26:06:77:54:FB:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUqqmwhIZPRLrhi6B2smBndU-2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/sxaBIsXfau0Y7yOZYzaHRND-nyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/sUqqmwhIZPRLrhi6B2smBndU-2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.232.0/21
46.17.80.0/21
185.26.248.0/22
Signature Algorithm: sha256WithRSAEncryption
28:19:e5:8a:c6:d5:43:bc:90:11:e0:fc:ad:21:d3:db:b2:c0:
2e:00:44:d3:7f:c2:00:d1:05:54:b4:cc:0c:62:36:c8:76:c5:
2a:e0:f7:03:d6:87:49:8b:f5:69:81:c4:09:6a:d5:a9:9c:3b:
c1:cd:17:a8:0e:48:ad:bf:1d:03:f4:12:59:a4:3a:6c:63:6d:
a9:af:ca:b1:8f:dc:69:8a:f1:60:7f:e4:ab:02:07:fd:d9:92:
93:6d:67:43:cf:e8:58:0f:7a:cc:98:11:49:ef:29:0a:6f:6d:
7f:fd:73:e6:21:95:0e:e9:36:b8:d0:bd:fd:97:27:57:51:30:
ce:a0:bd:d1:df:c4:e1:ee:5e:00:2c:59:03:cc:82:a5:0f:c6:
39:ba:a3:1b:1f:3e:0e:00:74:58:85:3c:7a:96:d8:4d:f9:21:
d6:c6:9e:4d:a6:59:67:06:0a:2e:32:15:91:1a:e2:04:2d:98:
92:9a:e5:93:1b:e7:59:65:45:fe:7e:b1:8e:11:44:06:52:51:
c3:6b:e5:6c:90:e1:bd:93:0c:bf:58:3d:c9:95:d8:87:24:70:
65:d9:4e:2d:06:d1:7b:af:1f:7a:69:19:89:e6:2c:e2:8a:c9:
24:7b:59:86:b8:c4:12:fb:92:14:ee:b2:14:11:a5:5e:b6:3c:
b9:f4:af:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyjIfqjxSN92dZv+py+/OJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFhYTliMDg0ODY0ZjQ0YmFlMThiYTA3NmIyNjA2Nzc1
NGZiNjIwHhcNMjMwMTAyMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzE2ODEyMmM1ZGY2YWVkMThlZjIzOTk2MzM2ODc0NGQwZmU5ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/9P/ZrqOk9sfTf7qM9EYA1DWvht
XMS8VDo0WKfs7srRplIDkGHY2yrZIjJ1qsp6jaMlkE2Ln1sbfiwtB1qZviSjyu/3
kGGwplFG5sO7fZdL6Hu5EbRufn+4sCk69A9mfrXvuFx+srLy6nQwp+pf4P5r2041
uPR+JLLQ9xu5mprf93UqfgeDF9fVggx/GlnH0Z8eeFB5Nrlagy2EdggUqf3hIoXX
+sdClML8TI0J6bZL6spU4Q7QBU+EUdhqpX/RYDBv0ruw18Zn+DZAdfndLwWPsUIB
WR9NMyibG1XxG8HIBcRSXRVngFYJxp+0fs/V9csGGEQ5LSVo8rdqrYnAnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLMWgSLF32rtGO8jmWM2h0TQ/p8iMB8GA1UdIwQY
MBaAFLFKqpsISGT0S64YugdrJgZ3VPtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxcW13aElaUFJMcmhpNkIyc21CbmRVLTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yMjdhZmEtZGRlYy00NjQ0LTk4MmEt
NThmYWEyN2U1NTQ5LzEvc3hhQklzWGZhdTBZN3lPWll6YUhSTkQtbnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yMjdhZmEtZGRlYy00NjQ0LTk4MmEtNThmYWEyN2U1NTQ5
LzEvc1VxcW13aElaUFJMcmhpNkIyc21CbmRVLTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBSfoAwQD
LhFQAwQCuRr4MA0GCSqGSIb3DQEBCwUAA4IBAQAoGeWKxtVDvJAR4PytIdPbssAu
AETTf8IA0QVUtMwMYjbIdsUq4PcD1odJi/VpgcQJatWpnDvBzReoDkitvx0D9BJZ
pDpsY22pr8qxj9xpivFgf+SrAgf92ZKTbWdDz+hYD3rMmBFJ7ykKb21//XPmIZUO
6Ta40L39lydXUTDOoL3R38Th7l4ALFkDzIKlD8Y5uqMbHz4OAHRYhTx6lthN+SHW
xp5NpllnBgouMhWRGuIELZiSmuWTG+dZZUX+frGOEUQGUlHDa+VskOG9kwy/WD3J
ldiHJHBl2U4tBtF7rx96aRmJ5iziiskke1mGuMQS+5IU7rIUEaVetjy59K+r
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:07 2024 by rpki-client on console-ams.rpki-client.org