Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/l-sgmoPCxGILGdhFt6KkwaJdS9I.roa
File: l-sgmoPCxGILGdhFt6KkwaJdS9I.roa (raw, json)
Hash identifier: fUAlPvnQ3j9cyqC42sdx5Chj3arVMArIWXYssTJM1UQ=
Subject key identifier: 97:EB:20:9A:83:C2:C4:62:0B:19:D8:45:B7:A2:A4:C1:A2:5D:4B:D2
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 018D9D5C82C68466CE5EEE0F5E394DA6C786
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/l-sgmoPCxGILGdhFt6KkwaJdS9I.roa
Signing time: Mon 12 Feb 2024 12:48:22 +0000
ROA not before: Mon 12 Feb 2024 12:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60542
IP address blocks: 45.139.8.0/24 maxlen: 24
45.139.9.0/24 maxlen: 24
91.243.119.0/24 maxlen: 24
185.217.39.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 15:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:5c:82:c6:84:66:ce:5e:ee:0f:5e:39:4d:a6:c7:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Feb 12 12:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97eb209a83c2c4620b19d845b7a2a4c1a25d4bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:35:cd:fa:1e:02:87:50:24:9c:63:b0:ce:05:
13:cd:7e:7f:2f:87:7c:39:57:eb:94:86:75:7e:e3:
1d:1c:12:b5:d8:11:4d:ba:c7:ba:97:9b:bc:f9:fd:
53:92:c0:e5:a6:83:e0:e0:44:66:24:b1:5d:26:97:
14:da:47:2f:0f:1f:d8:86:8b:56:7d:73:66:25:18:
3a:8e:61:17:39:4a:88:f8:66:e5:1b:b8:4c:74:3a:
ea:ed:1c:d3:e4:b0:ba:07:a1:41:f5:90:92:59:87:
a1:6f:e2:a4:31:5c:7e:41:03:17:12:22:64:e8:41:
db:28:12:1e:fa:d5:70:17:d5:6e:89:19:75:80:19:
4e:ad:b8:4d:41:1d:c3:09:7e:77:0f:f7:28:99:be:
bb:17:a4:8e:46:31:8c:4b:78:f3:f8:56:57:c3:bd:
3e:ab:d6:44:10:c9:1e:f7:48:48:b5:73:de:85:6b:
9e:df:1b:b7:ec:2f:4b:13:95:dd:0c:5d:74:01:cf:
92:e8:0e:46:ef:d1:2c:73:85:19:68:64:cc:40:67:
66:f1:37:de:f6:ae:b3:7e:9e:4f:bc:f1:03:c1:9e:
d3:ec:1d:0f:1a:54:8e:f4:df:e9:11:5f:51:74:56:
18:4e:44:1b:e1:f1:2f:52:bd:3a:27:29:e6:98:52:
c6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EB:20:9A:83:C2:C4:62:0B:19:D8:45:B7:A2:A4:C1:A2:5D:4B:D2
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/l-sgmoPCxGILGdhFt6KkwaJdS9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/23
91.243.119.0/24
185.217.39.0/24
194.180.209.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ea:42:cd:ff:fa:59:22:98:d6:02:ca:32:d6:63:8c:01:a0:
5f:65:60:35:cb:6c:24:14:af:0f:7d:31:37:8b:0d:26:d5:c6:
6e:11:c4:67:66:31:51:69:2a:1c:d7:d1:37:40:6e:e2:d4:88:
f9:4a:1f:c4:50:62:01:16:41:61:bd:03:5c:ee:3d:e4:f9:01:
cf:ba:46:1d:d0:31:ff:34:39:ca:30:2f:39:6d:84:dd:e8:f3:
51:42:26:9f:4d:48:30:bc:80:f4:48:40:48:84:96:90:8e:55:
87:15:47:30:10:29:a4:29:a1:1c:a4:64:13:1b:31:47:cf:96:
fd:a9:a7:fb:68:4c:79:78:90:8b:70:cd:12:f2:87:56:5a:c0:
42:f7:0e:ae:e3:05:e3:62:2a:80:0e:cc:60:71:35:5d:84:0f:
26:76:27:40:fd:d4:11:d1:2c:fa:b7:78:fc:a6:11:36:d6:e3:
cf:27:6e:99:52:5a:27:67:7e:bf:bd:63:68:a6:1f:8e:4b:0d:
38:6e:02:4f:0f:e4:da:66:37:a4:04:4d:26:4a:ba:e7:ec:16:
55:c0:42:15:b9:64:41:eb:a2:0d:52:18:84:59:ec:3c:a5:61:
cf:fa:b6:7e:36:f8:83:2f:e1:cd:cc:2d:91:b2:b0:53:af:08:
34:b6:b0:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2dXILGhGbOXu4PXjlNpseGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMjEyMTI0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2ViMjA5YTgzYzJjNDYyMGIxOWQ4NDViN2EyYTRjMWEyNWQ0YmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDXN+h4Ch1AknGOwzgUTzX5/L4d8
OVfrlIZ1fuMdHBK12BFNuse6l5u8+f1TksDlpoPg4ERmJLFdJpcU2kcvDx/YhotW
fXNmJRg6jmEXOUqI+GblG7hMdDrq7RzT5LC6B6FB9ZCSWYehb+KkMVx+QQMXEiJk
6EHbKBIe+tVwF9VuiRl1gBlOrbhNQR3DCX53D/comb67F6SORjGMS3jz+FZXw70+
q9ZEEMke90hItXPehWue3xu37C9LE5XdDF10Ac+S6A5G79Esc4UZaGTMQGdm8Tfe
9q6zfp5PvPEDwZ7T7B0PGlSO9N/pEV9RdFYYTkQb4fEvUr06JynmmFLG0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJfrIJqDwsRiCxnYRbeipMGiXUvSMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvbC1zZ21vUEN4R0lMR2RoRnQ2S2t3YUpkUzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYsIAwQA
W/N3AwQAudknAwQAwrTRMA0GCSqGSIb3DQEBCwUAA4IBAQAY6kLN//pZIpjWAsoy
1mOMAaBfZWA1y2wkFK8PfTE3iw0m1cZuEcRnZjFRaSoc19E3QG7i1Ij5Sh/EUGIB
FkFhvQNc7j3k+QHPukYd0DH/NDnKMC85bYTd6PNRQiafTUgwvID0SEBIhJaQjlWH
FUcwECmkKaEcpGQTGzFHz5b9qaf7aEx5eJCLcM0S8odWWsBC9w6u4wXjYiqADsxg
cTVdhA8mdidA/dQR0Sz6t3j8phE21uPPJ26ZUlonZ36/vWNoph+OSw04bgJPD+Ta
ZjekBE0mSrrn7BZVwEIVuWRB66INUhiEWew8pWHP+rZ+NviDL+HNzC2RsrBTrwg0
trC5
-----END CERTIFICATE-----
Generated at Thu Feb 22 18:56:46 2024 by rpki-client on console-ams.rpki-client.org