Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SGBqyRK25uv5UD9j3CbfWoVmN-M.roa
File: SGBqyRK25uv5UD9j3CbfWoVmN-M.roa (raw, json)
Hash identifier: fA0oKP4Ue0UrjfYdFI9o2Qf96F7fxmMQIeND3OP6Ni4=
Subject key identifier: 48:60:6A:C9:12:B6:E6:EB:F9:50:3F:63:DC:26:DF:5A:85:66:37:E3
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEF69A4F618041C99B5B816D750EE3
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SGBqyRK25uv5UD9j3CbfWoVmN-M.roa
Signing time: Sun 01 Jan 2023 09:34:43 +0000
ROA not before: Sun 01 Jan 2023 09:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24851
IP address blocks: 37.235.55.0/24 maxlen: 24
2a03:f80:44::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f6:9a:4f:61:80:41:c9:9b:5b:81:6d:75:0e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48606ac912b6e6ebf9503f63dc26df5a856637e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6a:f0:55:91:44:68:0f:97:39:b1:25:d5:4b:
62:83:f6:46:80:cf:c4:fd:9d:f8:a7:50:f3:e4:f0:
29:f3:9a:76:12:be:9f:1e:16:f7:19:8b:7e:b8:21:
43:c7:b9:9d:ab:1f:5f:de:8b:2a:a0:15:8c:a6:02:
6d:fa:36:4c:6c:68:80:78:1b:45:43:d4:01:e4:fd:
24:9b:90:c2:93:c4:db:bd:65:cc:80:56:7f:d0:2b:
48:d5:2b:d1:7e:b8:f0:e7:72:b5:c6:49:a1:6c:49:
1f:c8:b9:32:3b:0f:92:b3:82:ba:2e:03:0b:02:74:
3c:75:8a:ff:91:1f:f9:0e:23:fd:20:5c:b5:18:b3:
8c:df:6d:10:70:c8:96:56:64:8f:00:3b:dc:de:cf:
35:b4:31:77:eb:e2:86:81:54:5b:ce:86:5d:be:41:
78:df:a5:68:6f:d9:56:ac:a6:c9:2f:88:22:92:fe:
e4:8c:b0:a2:14:c9:81:14:55:83:a6:83:90:d6:15:
48:07:a8:30:95:da:c5:8f:32:29:e7:d0:74:d2:89:
77:b5:dc:b4:ba:2e:ca:df:85:2c:a8:4b:a2:ed:dc:
4b:09:80:a7:0c:a7:4b:e8:f8:77:f4:d0:34:7f:da:
6c:6a:f8:89:2e:18:3a:f9:dc:fb:4a:3d:28:0b:7a:
5b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:60:6A:C9:12:B6:E6:EB:F9:50:3F:63:DC:26:DF:5A:85:66:37:E3
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SGBqyRK25uv5UD9j3CbfWoVmN-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.55.0/24
IPv6:
2a03:f80:44::/48
Signature Algorithm: sha256WithRSAEncryption
5b:47:73:78:79:a6:4f:62:83:51:63:75:8c:74:5f:fd:fe:41:
40:e8:6e:1c:a3:03:41:ac:9c:c5:ce:70:a7:00:b1:35:5b:6f:
ad:e7:47:40:e4:96:ec:3b:15:4e:16:4f:04:ac:92:3b:df:9d:
1e:35:a5:e8:a2:73:d0:68:8c:ba:bb:ca:4c:7a:da:10:5c:a9:
d4:a1:33:34:d2:d3:9e:f3:6c:4b:78:ae:83:e8:99:1f:bf:31:
79:99:1f:ff:31:c5:47:19:8f:9d:22:85:9e:2c:d0:55:3a:76:
6f:e4:85:a7:a9:f6:fe:d8:d9:2e:7d:35:b1:09:c9:12:f6:15:
58:76:17:16:ff:6d:c8:c6:cf:d2:b3:15:18:bc:93:e3:e8:51:
f8:5a:cc:c8:94:02:8e:ad:de:69:f9:c4:de:b6:04:f2:c6:e0:
66:fe:e8:a1:13:92:65:fd:7c:ed:7d:51:56:52:6c:7b:8b:9e:
ec:d5:9d:f7:b7:3b:87:55:08:15:b4:70:56:58:69:f7:46:a8:
05:3f:1f:e7:65:0c:bd:42:16:c9:35:de:d7:23:9a:3f:0c:f7:
87:b8:1f:00:0e:9e:8e:ed:3e:ef:52:6b:98:c2:ac:2f:19:26:
4f:f7:d5:cf:a0:ee:8f:4b:58:7e:0a:8e:af:bc:7e:03:b7:f6:
53:2c:f9:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsrvaaT2GAQcmbW4FtdQ7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYwNmFjOTEyYjZlNmViZjk1MDNmNjNkYzI2ZGY1YTg1NjYzN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2rwVZFEaA+XObEl1Utig/ZGgM/E
/Z34p1Dz5PAp85p2Er6fHhb3GYt+uCFDx7mdqx9f3osqoBWMpgJt+jZMbGiAeBtF
Q9QB5P0km5DCk8TbvWXMgFZ/0CtI1SvRfrjw53K1xkmhbEkfyLkyOw+Ss4K6LgML
AnQ8dYr/kR/5DiP9IFy1GLOM320QcMiWVmSPADvc3s81tDF36+KGgVRbzoZdvkF4
36Vob9lWrKbJL4gikv7kjLCiFMmBFFWDpoOQ1hVIB6gwldrFjzIp59B00ol3tdy0
ui7K34UsqEui7dxLCYCnDKdL6Ph39NA0f9psaviJLhg6+dz7Sj0oC3pb/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhgaskStubr+VA/Y9wm31qFZjfjMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvU0dCcXlSSzI1dXY1VUQ5ajNDYmZXb1ZtTi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAJes3MA8E
AgACMAkDBwAqAw+AAEQwDQYJKoZIhvcNAQELBQADggEBAFtHc3h5pk9ig1FjdYx0
X/3+QUDobhyjA0GsnMXOcKcAsTVbb63nR0Dkluw7FU4WTwSskjvfnR41peiic9Bo
jLq7ykx62hBcqdShMzTS057zbEt4roPomR+/MXmZH/8xxUcZj50ihZ4s0FU6dm/k
haep9v7Y2S59NbEJyRL2FVh2Fxb/bcjGz9KzFRi8k+PoUfhazMiUAo6t3mn5xN62
BPLG4Gb+6KETkmX9fO19UVZSbHuLnuzVnfe3O4dVCBW0cFZYafdGqAU/H+dlDL1C
Fsk13tcjmj8M94e4HwAOno7tPu9Sa5jCrC8ZJk/31c+g7o9LWH4Kjq+8fgO39lMs
+Zc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:24 2024 by rpki-client on console-ams.rpki-client.org