Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/sJoXlQO31NlLvOV54lSxgY-CA54.roa
File: sJoXlQO31NlLvOV54lSxgY-CA54.roa (raw, json)
Hash identifier: j149FVN84AtjS7HZvJsvGBHniDa8bOQiBNJtl9Q/YhE=
Subject key identifier: B0:9A:17:95:03:B7:D4:D9:4B:BC:E5:79:E2:54:B1:81:8F:82:03:9E
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E31EF882CC7691396A75EE8001B85869F
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/sJoXlQO31NlLvOV54lSxgY-CA54.roa
Signing time: Tue 12 Mar 2024 09:12:45 +0000
ROA not before: Tue 12 Mar 2024 09:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
195.26.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 15:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:ef:88:2c:c7:69:13:96:a7:5e:e8:00:1b:85:86:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 12 09:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b09a179503b7d4d94bbce579e254b1818f82039e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8f:f3:4f:75:80:52:07:86:eb:ef:90:86:54:
af:81:76:f8:23:8e:6a:0e:2f:2c:a2:b0:dd:30:d3:
55:b6:3a:3a:6e:96:6c:70:fe:7e:a7:b0:b7:7d:b9:
96:52:dc:1c:2a:33:07:ea:de:a5:db:01:5c:d2:49:
2e:08:ee:5e:00:e6:7b:3a:a9:1d:dd:aa:f6:9d:b3:
16:5d:5e:15:44:9f:b8:fb:3f:ed:73:03:a9:18:67:
9b:cd:ae:3f:2b:da:d9:d9:88:31:76:1c:ad:e3:9f:
a3:af:81:72:bd:b2:7b:99:5f:23:1f:c8:42:aa:60:
92:71:ca:a6:1c:21:95:f8:8c:06:00:2e:41:8a:b1:
1b:68:26:a1:a1:b1:90:15:39:d3:4b:df:0c:83:08:
57:66:65:f5:22:4d:aa:4c:99:37:f8:db:17:f5:58:
b0:ca:16:6e:2d:d3:60:40:e6:af:bf:3a:b3:c3:c5:
38:c6:ae:3e:30:5b:e8:df:53:33:45:c3:4c:45:ac:
a3:cd:20:e5:2d:ec:46:1d:47:87:5f:40:73:66:f0:
c0:0d:40:6e:85:84:7c:a1:cc:2e:48:f9:e7:85:d0:
1d:d6:c8:99:d0:d2:ec:a6:44:20:22:ae:3d:83:ee:
39:23:52:04:65:07:0c:4d:20:63:0b:55:be:73:f2:
6e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:9A:17:95:03:B7:D4:D9:4B:BC:E5:79:E2:54:B1:81:8F:82:03:9E
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/sJoXlQO31NlLvOV54lSxgY-CA54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
185.79.184.0/22
185.178.216.0/22
185.204.212.0/22
195.26.32.0/19
Signature Algorithm: sha256WithRSAEncryption
71:9f:5b:92:70:84:2e:61:98:8d:42:c5:74:1b:7c:21:2d:47:
18:85:2d:19:b0:81:7a:a3:77:fc:88:08:c8:f5:57:61:bc:3e:
75:c2:25:ba:f6:75:61:6d:33:e3:24:0f:03:14:65:2f:ba:60:
30:c6:e7:6c:a6:4e:42:ac:dc:b9:6b:af:de:d4:7f:e6:46:8e:
76:b0:1a:f5:1b:db:9e:2e:ca:84:1e:99:80:59:fd:bb:d2:6a:
44:a9:cc:38:9d:73:95:b1:e4:45:8b:c2:77:38:7c:49:8a:6e:
ba:cc:a4:ae:fd:66:ef:35:12:e7:1a:5c:58:fb:b2:46:1f:60:
93:f6:a1:16:37:c4:65:f8:6e:5a:c1:51:56:1f:aa:37:f7:b3:
6a:39:5e:a5:60:dd:bf:9e:5d:da:c7:62:d2:bb:f3:6e:bd:b3:
b5:c5:84:0d:3e:97:ca:73:08:dc:c5:c7:5f:95:a8:6d:af:f1:
8b:bf:55:c2:79:49:d0:ce:df:9e:23:c6:5f:d9:e1:ae:00:fc:
02:0c:a1:e0:70:2a:54:42:49:62:43:15:b6:20:40:c0:7a:d8:
53:2f:0e:12:10:af:e2:15:67:81:0a:9e:eb:3d:75:af:4f:1f:
c4:92:33:27:32:bb:8e:1e:68:2f:a3:bf:0e:76:26:62:99:1e:
85:15:2f:e3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY4x74gsx2kTlqde6AAbhYafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzEyMDkxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDlhMTc5NTAzYjdkNGQ5NGJiY2U1NzllMjU0YjE4MThmODIwMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio/zT3WAUgeG6++QhlSvgXb4I45q
Di8sorDdMNNVtjo6bpZscP5+p7C3fbmWUtwcKjMH6t6l2wFc0kkuCO5eAOZ7Oqkd
3ar2nbMWXV4VRJ+4+z/tcwOpGGebza4/K9rZ2Ygxdhyt45+jr4FyvbJ7mV8jH8hC
qmCSccqmHCGV+IwGAC5BirEbaCahobGQFTnTS98MgwhXZmX1Ik2qTJk3+NsX9Viw
yhZuLdNgQOavvzqzw8U4xq4+MFvo31MzRcNMRayjzSDlLexGHUeHX0BzZvDADUBu
hYR8ocwuSPnnhdAd1siZ0NLspkQgIq49g+45I1IEZQcMTSBjC1W+c/JuRwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLCaF5UDt9TZS7zleeJUsYGPggOeMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvc0pvWGxRTzMxTmxMdk9WNTRsU3hnWS1DQTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUErwAwQF
VV9gAwQDXCp4AwQDX4FAAwQCuU+4AwQCubLYAwQCuczUAwQFwxogMA0GCSqGSIb3
DQEBCwUAA4IBAQBxn1uScIQuYZiNQsV0G3whLUcYhS0ZsIF6o3f8iAjI9VdhvD51
wiW69nVhbTPjJA8DFGUvumAwxudspk5CrNy5a6/e1H/mRo52sBr1G9ueLsqEHpmA
Wf270mpEqcw4nXOVseRFi8J3OHxJim66zKSu/WbvNRLnGlxY+7JGH2CT9qEWN8Rl
+G5awVFWH6o397NqOV6lYN2/nl3ax2LSu/NuvbO1xYQNPpfKcwjcxcdflahtr/GL
v1XCeUnQzt+eI8Zf2eGuAPwCDKHgcCpUQkliQxW2IEDAethTLw4SEK/iFWeBCp7r
PXWvTx/EkjMnMruOHmgvo78OdiZimR6FFS/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org