Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/sJm71mALQxE3t93zUmCzbnjtKT0.roa
File: sJm71mALQxE3t93zUmCzbnjtKT0.roa (raw, json)
Hash identifier: DcBYThW2H0hZkmcLf6f3i5gVs3ZchpI1ueapEz+3OOQ=
Subject key identifier: B0:99:BB:D6:60:0B:43:11:37:B7:DD:F3:52:60:B3:6E:78:ED:29:3D
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 0186EF130850FE972AEC7C9CEE18653E110A
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/sJm71mALQxE3t93zUmCzbnjtKT0.roa
Signing time: Fri 17 Mar 2023 10:17:27 +0000
ROA not before: Fri 17 Mar 2023 10:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43652
IP address blocks: 195.200.252.0/23 maxlen: 24
185.83.248.0/22 maxlen: 24
2a05:a040::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:13:08:50:fe:97:2a:ec:7c:9c:ee:18:65:3e:11:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Mar 17 10:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b099bbd6600b431137b7ddf35260b36e78ed293d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ca:65:f1:15:dd:ba:90:9e:7e:dd:bc:43:1d:
b2:ce:b4:70:fa:7b:91:30:4e:24:1c:cb:68:21:57:
21:0c:0f:8c:c1:e1:64:0a:ab:ec:1b:da:7e:ca:e8:
b6:40:6a:9f:10:3a:90:84:39:e1:31:63:32:25:15:
0a:ee:98:d3:73:71:50:29:ed:bd:9b:34:ae:be:3b:
5f:9d:af:c1:3c:99:7d:ca:aa:3a:d2:3d:c9:6d:02:
f1:7d:7b:89:ef:b7:5b:98:e6:dd:3c:7d:d3:3f:28:
61:e2:18:67:29:06:7e:8e:fe:ae:51:35:06:e1:cf:
04:7b:45:69:95:d2:4b:41:83:4c:45:f5:4a:43:5b:
9f:4d:e3:c1:4f:8b:b6:b8:8e:85:65:3e:8e:38:5e:
08:31:2d:9b:a7:9b:6c:a3:1e:74:01:71:55:32:c1:
56:9d:41:41:b1:19:71:69:b2:fb:2f:d8:e1:46:15:
61:cb:ed:1e:c1:28:b9:dd:b9:76:48:56:38:51:7b:
31:94:b7:8e:4a:fc:ae:4e:66:25:7a:25:e4:43:6b:
12:e0:ed:8d:fb:66:fb:f5:99:f3:ed:d0:6e:47:06:
cd:82:aa:d6:f4:08:5a:7a:bd:89:63:c4:a4:79:8f:
c0:e0:e5:83:c5:9b:f6:d6:7b:e4:49:73:b4:68:7c:
54:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:99:BB:D6:60:0B:43:11:37:B7:DD:F3:52:60:B3:6E:78:ED:29:3D
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/sJm71mALQxE3t93zUmCzbnjtKT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.248.0/22
195.200.252.0/23
IPv6:
2a05:a040::/29
Signature Algorithm: sha256WithRSAEncryption
3e:9c:23:bc:7d:cf:d3:53:5d:47:a3:77:1b:c8:4f:15:a2:c2:
5d:48:5b:60:2a:de:d2:bd:bd:bd:f3:39:89:45:3f:39:0b:34:
ee:71:8b:e1:9f:f2:a8:ed:89:17:f6:92:19:36:c6:0b:67:3f:
3e:de:34:f7:35:ae:4a:41:e6:35:05:be:25:e6:90:c8:96:6a:
da:12:4c:b0:86:d0:b0:15:87:22:e1:36:79:82:58:86:c0:c8:
20:2f:1f:0e:d6:98:bf:4d:03:ec:d4:0e:9c:6b:fd:69:6a:64:
91:e6:e1:ce:48:35:ba:f7:13:fd:0f:7a:a4:08:23:a2:71:0e:
ef:57:98:9e:c6:2b:0a:51:cc:ed:21:e3:a3:00:1a:ec:b5:72:
c3:e1:6c:31:77:fe:dc:42:e3:e9:a4:7e:48:58:6e:5e:1a:05:
32:bf:e0:df:9c:c7:3d:cb:b6:29:ee:87:cc:46:9b:2d:3d:50:
2b:08:bc:44:1e:5c:f7:74:c4:c2:b5:e4:2d:20:ea:69:1b:ac:
1e:56:eb:cf:43:4d:ac:1a:eb:ee:e6:0a:35:6d:8c:6a:b1:95:
62:b2:71:73:c4:83:7a:3e:af:20:4a:af:45:52:0d:eb:50:29:
3d:7b:60:02:ce:e7:34:7b:e5:96:40:ae:c1:dc:18:ed:a5:b6:
0b:41:01:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbvEwhQ/pcq7Hyc7hhlPhEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjMwMzE3MTAxNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk5YmJkNjYwMGI0MzExMzdiN2RkZjM1MjYwYjM2ZTc4ZWQyOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcpl8RXdupCeft28Qx2yzrRw+nuR
ME4kHMtoIVchDA+MweFkCqvsG9p+yui2QGqfEDqQhDnhMWMyJRUK7pjTc3FQKe29
mzSuvjtfna/BPJl9yqo60j3JbQLxfXuJ77dbmObdPH3TPyhh4hhnKQZ+jv6uUTUG
4c8Ee0VpldJLQYNMRfVKQ1ufTePBT4u2uI6FZT6OOF4IMS2bp5tsox50AXFVMsFW
nUFBsRlxabL7L9jhRhVhy+0ewSi53bl2SFY4UXsxlLeOSvyuTmYleiXkQ2sS4O2N
+2b79Znz7dBuRwbNgqrW9Ahaer2JY8SkeY/A4OWDxZv21nvkSXO0aHxU4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLCZu9ZgC0MRN7fd81Jgs2547Sk9MB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvc0ptNzFtQUxReEUzdDkzelVtQ3pibmp0S1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVP4AwQB
w8j8MA0EAgACMAcDBQMqBaBAMA0GCSqGSIb3DQEBCwUAA4IBAQA+nCO8fc/TU11H
o3cbyE8VosJdSFtgKt7Svb298zmJRT85CzTucYvhn/Ko7YkX9pIZNsYLZz8+3jT3
Na5KQeY1Bb4l5pDIlmraEkywhtCwFYci4TZ5gliGwMggLx8O1pi/TQPs1A6ca/1p
amSR5uHOSDW69xP9D3qkCCOicQ7vV5iexisKUcztIeOjABrstXLD4Wwxd/7cQuPp
pH5IWG5eGgUyv+DfnMc9y7Yp7ofMRpstPVArCLxEHlz3dMTCteQtIOppG6weVuvP
Q02sGuvu5go1bYxqsZVisnFzxIN6Pq8gSq9FUg3rUCk9e2ACzuc0e+WWQK7B3Bjt
pbYLQQGn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:18 2024 by rpki-client on console-ams.rpki-client.org