Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/SuUVJ-wBGVCpabhJRqBhNigGC6o.roa
File: SuUVJ-wBGVCpabhJRqBhNigGC6o.roa (raw, json)
Hash identifier: qbf0TWRCX8fEOlolR1vbOzISvDwIgGwmyukIKf3twC0=
Subject key identifier: 4A:E5:15:27:EC:01:19:50:A9:69:B8:49:46:A0:61:36:28:06:0B:AA
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018EA02E7D561FBE5F7B726C18B3AF998802
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/SuUVJ-wBGVCpabhJRqBhNigGC6o.roa
Signing time: Tue 02 Apr 2024 18:59:45 +0000
ROA not before: Tue 02 Apr 2024 18:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46261
IP address blocks: 139.28.136.0/24 maxlen: 24
195.206.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 12:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a0:2e:7d:56:1f:be:5f:7b:72:6c:18:b3:af:99:88:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Apr 2 18:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ae51527ec011950a969b84946a0613628060baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cc:3f:86:f4:ba:cd:a2:f4:38:84:f6:b1:1e:
7c:29:fe:ce:31:ac:31:f5:2e:00:6d:ac:a2:3a:c7:
d1:74:9b:19:bb:56:f7:f3:fe:da:ec:12:8d:f0:7f:
17:b7:ee:76:c5:80:a1:c4:23:b5:dd:be:d2:ad:fd:
c7:ca:22:15:e9:a0:d5:13:38:9b:a3:1b:73:1d:c3:
94:d0:da:93:64:20:83:41:10:92:8f:14:3a:d5:51:
de:bc:2e:b6:73:b9:b7:01:29:4e:c0:fd:b8:dc:63:
b2:02:a3:af:b1:3e:e5:8b:d0:5a:b6:bd:89:15:ba:
12:aa:27:c3:07:0d:d2:6e:8c:bf:ad:88:9f:20:22:
ae:3c:1d:b1:8d:ef:73:8c:bc:d3:a8:89:0c:b6:1f:
21:58:80:c9:ae:54:2c:4e:d7:d2:b6:31:0c:7d:ac:
af:e0:29:f7:ac:81:0d:8e:ae:52:86:07:d2:6e:c2:
e4:9e:68:b4:cf:54:2d:41:f2:d4:06:3f:9e:f5:d7:
a4:1d:97:da:0f:6b:bd:30:39:13:69:c9:7c:85:86:
ba:1f:47:52:cb:58:ee:02:ab:c1:66:5d:3b:8b:b1:
b4:57:3e:99:7a:b1:30:ce:50:48:2e:55:09:42:a5:
aa:12:4b:07:1e:ff:41:64:06:eb:cb:2f:fa:03:e6:
7a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E5:15:27:EC:01:19:50:A9:69:B8:49:46:A0:61:36:28:06:0B:AA
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/SuUVJ-wBGVCpabhJRqBhNigGC6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.136.0/24
195.206.111.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:5c:36:21:a9:9c:02:3a:f2:34:7f:95:59:5d:70:ec:d5:0f:
3c:0a:d4:c3:8c:f1:27:48:8b:89:76:30:aa:22:2d:76:e0:b2:
89:b2:7a:24:db:79:e8:c8:c8:84:d6:b9:ab:21:3d:e8:51:5b:
04:a0:3c:3f:4a:5e:04:4f:58:55:7a:f0:3e:64:32:26:c4:42:
f5:75:4b:92:c4:8e:52:0b:03:8b:7d:4a:87:56:fd:87:e2:35:
a7:ca:16:e8:00:86:cf:77:9e:65:fe:51:44:25:47:cd:c7:b8:
a2:ab:c9:12:53:09:d6:23:5a:4e:08:e9:41:20:06:9e:89:fe:
5e:d5:0d:40:da:e3:89:35:b6:5f:8b:bf:49:5c:a3:ac:03:22:
20:ec:66:36:e1:5f:e4:5e:4d:ef:82:58:37:69:0b:b1:07:71:
63:61:8e:61:45:f2:3c:6d:93:53:c0:f8:70:45:0c:99:9f:74:
4e:50:95:c4:9c:a3:4a:f0:64:0f:0b:81:18:7c:ef:26:ae:99:
30:92:38:04:60:94:f9:35:57:e2:e2:81:ef:49:9e:a1:19:72:
d9:ca:04:da:1e:41:34:33:36:a2:99:b4:1d:35:a8:d5:63:12:
f2:93:8d:35:e0:de:f5:2a:10:46:aa:5d:3b:9d:bd:58:e1:61:
21:5d:05:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6gLn1WH75fe3JsGLOvmYgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjQwNDAyMTg1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU1MTUyN2VjMDExOTUwYTk2OWI4NDk0NmEwNjEzNjI4MDYwYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8w/hvS6zaL0OIT2sR58Kf7OMawx
9S4AbayiOsfRdJsZu1b38/7a7BKN8H8Xt+52xYChxCO13b7Srf3HyiIV6aDVEzib
oxtzHcOU0NqTZCCDQRCSjxQ61VHevC62c7m3ASlOwP243GOyAqOvsT7li9Batr2J
FboSqifDBw3Sboy/rYifICKuPB2xje9zjLzTqIkMth8hWIDJrlQsTtfStjEMfayv
4Cn3rIENjq5ShgfSbsLknmi0z1QtQfLUBj+e9dekHZfaD2u9MDkTacl8hYa6H0dS
y1juAqvBZl07i7G0Vz6ZerEwzlBILlUJQqWqEksHHv9BZAbryy/6A+Z6ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFErlFSfsARlQqWm4SUagYTYoBguqMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvU3VVVkotd0JHVkNwYWJoSlJxQmhOaWdHQzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAixyIAwQA
w85vMA0GCSqGSIb3DQEBCwUAA4IBAQAcXDYhqZwCOvI0f5VZXXDs1Q88CtTDjPEn
SIuJdjCqIi124LKJsnok23noyMiE1rmrIT3oUVsEoDw/Sl4ET1hVevA+ZDImxEL1
dUuSxI5SCwOLfUqHVv2H4jWnyhboAIbPd55l/lFEJUfNx7iiq8kSUwnWI1pOCOlB
IAaeif5e1Q1A2uOJNbZfi79JXKOsAyIg7GY24V/kXk3vglg3aQuxB3FjYY5hRfI8
bZNTwPhwRQyZn3ROUJXEnKNK8GQPC4EYfO8mrpkwkjgEYJT5NVfi4oHvSZ6hGXLZ
ygTaHkE0MzaimbQdNajVYxLyk4014N71KhBGql07nb1Y4WEhXQWi
-----END CERTIFICATE-----
Generated at Wed Apr 3 16:48:14 2024 by rpki-client on console-ams.rpki-client.org