Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/SMmi6vEn7V-xkpUPsCygyk9EIrg.roa
File: SMmi6vEn7V-xkpUPsCygyk9EIrg.roa (raw, json)
Hash identifier: BDVTJf68hDdgxrfh3euypiBXfLeHQnppE4n9IbWr8v0=
Subject key identifier: 48:C9:A2:EA:F1:27:ED:5F:B1:92:95:0F:B0:2C:A0:CA:4F:44:22:B8
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FD3F4E5F854405FD85B89B89DC184
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/SMmi6vEn7V-xkpUPsCygyk9EIrg.roa
Signing time: Mon 02 Jan 2023 17:38:03 +0000
ROA not before: Mon 02 Jan 2023 17:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 2.56.166.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.243.0/24 maxlen: 24
2a0b:b86::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:d3:f4:e5:f8:54:40:5f:d8:5b:89:b8:9d:c1:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48c9a2eaf127ed5fb192950fb02ca0ca4f4422b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ef:9a:63:bf:22:54:87:ec:ce:d4:6a:ec:59:
ed:e1:7f:ba:ba:86:ca:cb:de:16:a7:76:c2:f6:a2:
e2:ce:43:ab:c8:2b:42:8b:55:d5:e6:4a:a7:ac:c9:
f5:89:50:6c:e8:6c:de:b7:ba:77:0e:62:41:db:be:
8d:11:d9:b8:02:c2:6a:14:ce:01:40:10:a0:c6:9c:
a0:e5:34:99:9e:d1:4b:56:42:ef:69:85:8d:04:51:
b6:bd:5b:f3:57:98:b9:4d:9c:1e:b6:15:76:52:61:
4b:7b:06:fc:8f:e5:0b:38:50:40:8a:7c:82:88:9b:
d4:ba:ec:53:97:78:b0:0e:ae:74:35:06:ef:bb:c6:
d5:7d:ed:8e:c9:c9:98:8e:c5:7c:a5:4b:91:36:ed:
df:b1:15:ac:4a:5c:2a:b4:e5:06:2c:a1:3b:bd:4f:
65:6d:25:1c:31:56:35:fe:23:99:93:b3:e3:3c:ea:
35:89:4c:0f:ba:e2:bd:ef:1b:8e:f6:11:45:b8:48:
58:44:b0:82:08:7d:ae:0e:2e:37:c3:5b:17:71:b7:
b8:eb:fa:bc:99:2b:fa:90:f5:dd:4e:fc:fb:e6:9c:
46:6e:fb:74:c0:78:29:ff:17:45:2b:71:4b:19:d2:
59:20:85:53:5a:66:36:f5:27:3c:2e:fe:ef:19:97:
82:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C9:A2:EA:F1:27:ED:5F:B1:92:95:0F:B0:2C:A0:CA:4F:44:22:B8
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/SMmi6vEn7V-xkpUPsCygyk9EIrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
45.90.146.0/24
77.83.243.0/24
78.108.217.0/24
194.31.140.0/24
IPv6:
2a0b:b86::/40
Signature Algorithm: sha256WithRSAEncryption
30:3d:67:f0:6b:24:8d:3b:39:29:d4:bc:95:dd:0a:58:c0:49:
01:92:53:d4:6b:81:a2:d9:e2:f6:cc:5f:8b:6b:b9:77:db:56:
be:4f:f6:0d:03:cd:eb:18:9d:8d:21:8c:75:4d:61:8b:a7:77:
cf:66:54:db:cf:49:ee:7d:b1:86:93:39:30:38:c5:9f:cc:e4:
18:68:aa:4d:c7:2c:59:e8:74:17:93:51:91:e5:bb:ad:5e:82:
94:62:42:f8:ee:12:4e:93:11:24:6f:66:46:a0:da:21:50:45:
c9:bf:cc:54:65:fc:a8:d5:9e:8b:82:dd:fb:02:35:a0:c3:f8:
7c:98:87:c7:86:09:22:13:3c:f0:91:ef:20:4f:e0:d4:d0:25:
f9:c1:d4:cc:9a:a2:4d:a9:98:9c:03:dc:9c:00:3a:f3:e1:a5:
79:a1:c1:0c:f8:be:6b:e6:5c:94:94:56:fa:50:c6:79:fd:62:
05:bd:1d:f7:d5:9e:2b:dd:67:d9:56:ff:31:4e:26:fa:fe:49:
1e:f9:aa:6f:1a:45:30:d4:c0:d2:ac:da:b6:92:49:72:ed:c2:
9f:31:5f:a1:49:7c:9d:0a:0e:33:b2:e6:af:eb:d7:fd:32:0d:
84:ba:99:72:33:a8:fb:97:ec:60:1c:8d:b8:98:4b:bf:c7:e2:
67:81:fa:9b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVzj9P05fhUQF/YW4m4ncGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM5YTJlYWYxMjdlZDVmYjE5Mjk1MGZiMDJjYTBjYTRmNDQyMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2O+aY78iVIfsztRq7Fnt4X+6uobK
y94Wp3bC9qLizkOryCtCi1XV5kqnrMn1iVBs6Gzet7p3DmJB276NEdm4AsJqFM4B
QBCgxpyg5TSZntFLVkLvaYWNBFG2vVvzV5i5TZwethV2UmFLewb8j+ULOFBAinyC
iJvUuuxTl3iwDq50NQbvu8bVfe2OycmYjsV8pUuRNu3fsRWsSlwqtOUGLKE7vU9l
bSUcMVY1/iOZk7PjPOo1iUwPuuK97xuO9hFFuEhYRLCCCH2uDi43w1sXcbe46/q8
mSv6kPXdTvz75pxGbvt0wHgp/xdFK3FLGdJZIIVTWmY29Sc8Lv7vGZeCEwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEjJourxJ+1fsZKVD7AsoMpPRCK4MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvU01taTZ2RW43Vi14a3BVUHNDeWd5azlFSXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQAAjimAwQA
LVqSAwQATVPzAwQATmzZAwQAwh+MMA4EAgACMAgDBgAqCwuGADANBgkqhkiG9w0B
AQsFAAOCAQEAMD1n8GskjTs5KdS8ld0KWMBJAZJT1GuBotni9sxfi2u5d9tWvk/2
DQPN6xidjSGMdU1hi6d3z2ZU289J7n2xhpM5MDjFn8zkGGiqTccsWeh0F5NRkeW7
rV6ClGJC+O4STpMRJG9mRqDaIVBFyb/MVGX8qNWei4Ld+wI1oMP4fJiHx4YJIhM8
8JHvIE/g1NAl+cHUzJqiTamYnAPcnAA68+GleaHBDPi+a+ZclJRW+lDGef1iBb0d
99WeK91n2Vb/MU4m+v5JHvmqbxpFMNTA0qzatpJJcu3CnzFfoUl8nQoOM7Lmr+vX
/TINhLqZcjOo+5fsYByNuJhLv8fiZ4H6mw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org