Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/SJ6keB1JfhMgiDjw-6iyO6XsQEk.roa
File: SJ6keB1JfhMgiDjw-6iyO6XsQEk.roa (raw, json)
Hash identifier: Vx9OmhuCUAtsIwSMQTAMos1+SQ/gxKpEBKn+RIWZUGI=
Subject key identifier: 48:9E:A4:78:1D:49:7E:13:20:88:38:F0:FB:A8:B2:3B:A5:EC:40:49
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 018809AF64B7CEFF64A7A059DE16B161472D
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/SJ6keB1JfhMgiDjw-6iyO6XsQEk.roa
Signing time: Thu 11 May 2023 07:21:09 +0000
ROA not before: Thu 11 May 2023 07:21:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207456
IP address blocks: 185.239.204.0/24 maxlen: 24
185.239.204.0/22 maxlen: 22
185.239.206.0/24 maxlen: 24
185.239.205.0/24 maxlen: 24
185.239.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jun 2023 15:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:09:af:64:b7:ce:ff:64:a7:a0:59:de:16:b1:61:47:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: May 11 07:21:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=489ea4781d497e13208838f0fba8b23ba5ec4049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f8:e0:94:44:d7:59:eb:51:9b:d3:00:49:da:
78:66:20:98:1a:9f:4e:23:cb:b8:9f:b1:61:93:4e:
e0:6e:24:34:9e:1f:9f:4b:8b:78:da:81:96:b9:41:
6c:c8:f1:7a:42:1b:e3:c5:42:ac:75:a3:25:4a:14:
38:4a:e3:bd:a4:63:53:b0:1c:59:05:74:8d:fb:fa:
15:98:b4:3c:29:f3:55:ec:a0:81:67:4f:f9:c3:d8:
c5:e4:5d:60:39:c7:ab:27:30:3f:bb:b0:1d:be:ed:
49:e3:83:aa:7f:21:1e:8a:c6:d4:59:a8:e1:8d:b2:
80:40:c6:5b:f2:b5:88:49:89:40:6e:08:56:fc:39:
63:e0:04:89:ed:e2:02:0b:08:d3:3c:ac:53:2a:98:
eb:75:e5:86:2e:4d:ac:03:81:fe:b8:f3:a7:17:34:
80:7b:5f:c8:61:5f:b4:9d:7b:34:a3:22:2e:52:41:
5e:d0:3b:9e:c9:76:89:b9:bb:6f:67:84:34:64:7c:
44:bd:40:73:c9:c3:f7:1f:c1:16:5c:27:1a:70:af:
b2:f9:4d:fd:4a:05:6e:fa:be:1a:23:59:b6:2b:05:
82:2a:5d:7c:ea:8e:2f:a8:3e:44:f3:eb:62:e7:e5:
b7:86:ee:bf:c2:9e:60:c5:33:d2:7f:57:20:16:0f:
cd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9E:A4:78:1D:49:7E:13:20:88:38:F0:FB:A8:B2:3B:A5:EC:40:49
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/SJ6keB1JfhMgiDjw-6iyO6XsQEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.204.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:cc:6f:94:ad:92:fd:11:ac:d1:0b:ba:87:32:20:e5:97:30:
a3:88:1c:10:b1:25:4f:26:90:d9:d5:d1:82:f9:d6:72:39:86:
a8:04:99:e6:84:4f:2f:f8:90:aa:87:60:6c:a4:e1:97:f0:f6:
bc:5c:fd:30:15:7d:d8:56:b8:98:77:f0:fc:8e:84:2e:b1:19:
c7:2c:22:58:10:1c:c5:b6:2c:3f:79:f1:6f:2b:01:ba:8b:28:
90:c7:e5:4a:25:cc:c0:0d:37:1e:45:bf:2d:52:44:51:2c:ec:
1d:27:ee:6d:52:71:52:fb:fd:5e:0b:bd:4a:22:cd:1b:bb:14:
63:b8:cb:03:1e:9b:af:c4:74:25:ad:f1:68:53:e3:49:5b:fd:
ff:0e:9a:3f:8c:f4:5f:1f:21:f6:0a:3a:eb:3d:a3:07:e9:54:
3c:09:3c:e8:3f:b0:49:8a:ed:6f:7a:1b:e8:0d:51:ea:db:cd:
81:ba:bf:c2:26:10:22:63:1a:28:d9:c1:9a:e7:a4:15:3e:e0:
ca:a9:f6:73:0f:af:05:af:28:6e:db:02:63:b3:ec:98:db:78:
62:cc:05:f4:0c:34:2c:d2:32:aa:e5:20:4b:64:e5:95:7e:8d:
24:3f:df:bf:f8:06:39:83:ec:90:82:15:2a:32:bb:08:e3:fb:
7f:24:a2:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgJr2S3zv9kp6BZ3haxYUctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjMwNTExMDcyMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODllYTQ3ODFkNDk3ZTEzMjA4ODM4ZjBmYmE4YjIzYmE1ZWM0MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvjglETXWetRm9MASdp4ZiCYGp9O
I8u4n7Fhk07gbiQ0nh+fS4t42oGWuUFsyPF6QhvjxUKsdaMlShQ4SuO9pGNTsBxZ
BXSN+/oVmLQ8KfNV7KCBZ0/5w9jF5F1gOcerJzA/u7Advu1J44OqfyEeisbUWajh
jbKAQMZb8rWISYlAbghW/Dlj4ASJ7eICCwjTPKxTKpjrdeWGLk2sA4H+uPOnFzSA
e1/IYV+0nXs0oyIuUkFe0DueyXaJubtvZ4Q0ZHxEvUBzycP3H8EWXCcacK+y+U39
SgVu+r4aI1m2KwWCKl186o4vqD5E8+ti5+W3hu6/wp5gxTPSf1cgFg/NTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEiepHgdSX4TIIg48Puosjul7EBJMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvU0o2a2VCMUpmaE1naURqdy02aXlPNlhzUUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue/MMA0G
CSqGSIb3DQEBCwUAA4IBAQBuzG+UrZL9EazRC7qHMiDllzCjiBwQsSVPJpDZ1dGC
+dZyOYaoBJnmhE8v+JCqh2BspOGX8Pa8XP0wFX3YVriYd/D8joQusRnHLCJYEBzF
tiw/efFvKwG6iyiQx+VKJczADTceRb8tUkRRLOwdJ+5tUnFS+/1eC71KIs0buxRj
uMsDHpuvxHQlrfFoU+NJW/3/Dpo/jPRfHyH2CjrrPaMH6VQ8CTzoP7BJiu1vehvo
DVHq282Bur/CJhAiYxoo2cGa56QVPuDKqfZzD68Fryhu2wJjs+yY23hizAX0DDQs
0jKq5SBLZOWVfo0kP9+/+AY5g+yQghUqMrsI4/t/JKJf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:19 2024 by rpki-client on console-fra.rpki-client.org