Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/SBcUB8MMyawGKusimo1KFrJ19oQ.roa
File: SBcUB8MMyawGKusimo1KFrJ19oQ.roa (raw, json)
Hash identifier: K5FGKCIYPB8XppjWg94ztQnlZjgnH7sjXz117/U8DzI=
Subject key identifier: 48:17:14:07:C3:0C:C9:AC:06:2A:EB:22:9A:8D:4A:16:B2:75:F6:84
Certificate issuer: /CN=fc0487a04f5aa442be519a17cb2bb22d783df23b
Certificate serial: 018CC795670ADA0C9A63764812EEE6B09D0F
Authority key identifier: FC:04:87:A0:4F:5A:A4:42:BE:51:9A:17:CB:2B:B2:2D:78:3D:F2:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/SBcUB8MMyawGKusimo1KFrJ19oQ.roa
Signing time: Tue 02 Jan 2024 00:31:46 +0000
ROA not before: Tue 02 Jan 2024 00:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44764
IP address blocks: 78.41.120.0/21 maxlen: 21
46.29.216.0/21 maxlen: 21
92.42.64.0/21 maxlen: 21
185.46.132.0/22 maxlen: 22
2a00:1400::/32 maxlen: 32
2a00:13e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:67:0a:da:0c:9a:63:76:48:12:ee:e6:b0:9d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc0487a04f5aa442be519a17cb2bb22d783df23b
Validity
Not Before: Jan 2 00:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48171407c30cc9ac062aeb229a8d4a16b275f684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e4:08:f2:67:b1:b1:2e:13:4c:fc:e1:95:07:
eb:48:ca:ca:8b:ce:6a:a1:f8:6b:4e:4f:1b:c2:0d:
60:9d:86:de:af:be:03:0c:38:d1:7b:62:77:23:f2:
14:6b:58:d9:2f:af:5d:83:29:44:59:ae:df:0e:c9:
d6:0f:c4:d6:f8:45:34:88:ae:a4:9a:28:32:fd:e9:
e1:43:d0:58:07:d1:64:87:09:2e:3d:a5:02:90:13:
c9:7a:01:89:0b:a2:6d:b3:c6:ad:49:88:3c:ea:01:
49:2e:e3:d1:cb:9c:cf:5c:80:f6:28:db:03:a9:55:
2b:83:85:58:2e:cc:57:8e:c0:1a:96:f2:b4:89:66:
72:fe:26:ff:c2:98:55:48:f8:cc:a3:85:73:ca:38:
bd:a5:43:8b:73:c7:a3:1f:b3:ff:72:ec:00:a2:b9:
65:de:b0:60:b1:ce:8f:44:c9:6b:98:3c:66:66:de:
5b:10:f5:6b:ec:33:52:6e:54:4b:be:12:e7:a8:5a:
10:2a:62:3b:e3:7f:a6:cd:af:48:aa:b3:a6:ee:c6:
03:78:27:b4:d2:18:02:a5:c0:79:da:89:f8:c9:67:
dc:ce:01:50:aa:e7:73:2b:75:20:34:97:9a:2a:87:
02:d0:8c:5b:cc:18:f2:e3:b2:43:4d:55:ae:a9:31:
d9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:17:14:07:C3:0C:C9:AC:06:2A:EB:22:9A:8D:4A:16:B2:75:F6:84
X509v3 Authority Key Identifier:
keyid:FC:04:87:A0:4F:5A:A4:42:BE:51:9A:17:CB:2B:B2:2D:78:3D:F2:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/SBcUB8MMyawGKusimo1KFrJ19oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/_ASHoE9apEK-UZoXyyuyLXg98js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.216.0/21
78.41.120.0/21
92.42.64.0/21
185.46.132.0/22
IPv6:
2a00:13e0::/32
2a00:1400::/32
Signature Algorithm: sha256WithRSAEncryption
42:d9:fd:5a:09:db:50:60:44:1b:d9:b9:fd:51:1e:9e:4f:ff:
35:49:b2:3b:70:f9:22:f0:5e:44:72:3e:a0:74:09:04:ce:f1:
7a:bd:84:9b:cb:cc:e2:af:c4:66:eb:b2:eb:9f:88:40:1b:d9:
8a:dd:89:a6:95:77:ce:e2:8b:47:42:b7:5f:67:cd:c4:bf:97:
d3:59:16:18:8e:f8:31:5b:e7:58:d0:a4:22:1a:a0:d6:76:42:
08:d9:21:e5:68:f6:dd:87:db:cb:8b:27:e9:e9:8d:ce:38:e7:
b8:e6:d3:ac:6e:38:f7:c8:09:d1:db:c0:82:aa:b6:63:87:33:
a8:d3:cc:f4:fb:2a:9a:c4:69:73:96:8e:c2:f3:d2:b3:49:9c:
3f:48:4f:95:73:e6:12:b0:c0:cf:44:7f:92:86:e4:a4:0d:9d:
98:71:1f:80:28:bb:b6:93:b9:01:6d:e4:08:ce:8e:d5:88:de:
ad:9f:38:a2:57:be:a1:31:2d:84:34:8b:43:17:e1:10:a1:30:
d1:07:d6:d1:0e:5d:cc:db:c4:15:c7:86:d6:fb:f5:35:3c:66:
8a:ca:2a:07:05:96:b7:61:be:06:ab:cc:ac:a7:21:b8:f1:2a:
a9:67:83:7c:ca:5f:8f:e0:8b:c0:db:b8:81:6d:5b:85:94:24:
72:74:e8:e6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzHlWcK2gyaY3ZIEu7msJ0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMDQ4N2EwNGY1YWE0NDJiZTUxOWExN2NiMmJiMjJkNzgz
ZGYyM2IwHhcNMjQwMTAyMDAzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODE3MTQwN2MzMGNjOWFjMDYyYWViMjI5YThkNGExNmIyNzVmNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeQI8mexsS4TTPzhlQfrSMrKi85q
ofhrTk8bwg1gnYber74DDDjRe2J3I/IUa1jZL69dgylEWa7fDsnWD8TW+EU0iK6k
migy/enhQ9BYB9FkhwkuPaUCkBPJegGJC6Jts8atSYg86gFJLuPRy5zPXID2KNsD
qVUrg4VYLsxXjsAalvK0iWZy/ib/wphVSPjMo4Vzyji9pUOLc8ejH7P/cuwAorll
3rBgsc6PRMlrmDxmZt5bEPVr7DNSblRLvhLnqFoQKmI743+mza9IqrOm7sYDeCe0
0hgCpcB52on4yWfczgFQqudzK3UgNJeaKocC0IxbzBjy47JDTVWuqTHZOwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEgXFAfDDMmsBirrIpqNShaydfaEMB8GA1UdIwQY
MBaAFPwEh6BPWqRCvlGaF8srsi14PfI7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0FTSG9FOWFwRUstVVpvWHl5dXlMWGc5OGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC83ODFhNjEtN2QwMy00YThlLTkwYmEt
MWIzYTM2ZTFhY2E4LzEvU0JjVUI4TU15YXdHS3VzaW1vMUtGckoxOW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC83ODFhNjEtN2QwMy00YThlLTkwYmEtMWIzYTM2ZTFhY2E4
LzEvX0FTSG9FOWFwRUstVVpvWHl5dXlMWGc5OGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLh3YAwQD
Til4AwQDXCpAAwQCuS6EMBQEAgACMA4DBQAqABPgAwUAKgAUADANBgkqhkiG9w0B
AQsFAAOCAQEAQtn9WgnbUGBEG9m5/VEenk//NUmyO3D5IvBeRHI+oHQJBM7xer2E
m8vM4q/EZuuy65+IQBvZit2JppV3zuKLR0K3X2fNxL+X01kWGI74MVvnWNCkIhqg
1nZCCNkh5Wj23Yfby4sn6emNzjjnuObTrG4498gJ0dvAgqq2Y4czqNPM9PsqmsRp
c5aOwvPSs0mcP0hPlXPmErDAz0R/kobkpA2dmHEfgCi7tpO5AW3kCM6O1YjerZ84
ole+oTEthDSLQxfhEKEw0QfW0Q5dzNvEFceG1vv1NTxmisoqBwWWt2G+BqvMrKch
uPEqqWeDfMpfj+CLwNu4gW1bhZQkcnTo5g==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:17:28 2025 by rpki-client