Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Sb5tUm2MZX7CTCuKziBEVv3a2ZY.roa
File: Sb5tUm2MZX7CTCuKziBEVv3a2ZY.roa (raw, json)
Hash identifier: 6kLrlNQl9gWFCh++liWr738bOKqXZDehEv2wkL04+Nw=
Subject key identifier: 49:BE:6D:52:6D:8C:65:7E:C2:4C:2B:8A:CE:20:44:56:FD:DA:D9:96
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01867B6F4D044ECF007984AA5377B8576C6B
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Sb5tUm2MZX7CTCuKziBEVv3a2ZY.roa
Signing time: Wed 22 Feb 2023 23:22:17 +0000
ROA not before: Wed 22 Feb 2023 23:22:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
92.249.62.0/23 maxlen: 23
92.249.60.0/23 maxlen: 23
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Mar 2023 15:17:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7b:6f:4d:04:4e:cf:00:79:84:aa:53:77:b8:57:6c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Feb 22 23:22:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49be6d526d8c657ec24c2b8ace204456fddad996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:98:e1:bd:bf:3b:a8:d9:cc:44:7e:34:4e:94:
14:bf:c9:91:40:79:a1:00:6c:71:20:85:1f:0e:c2:
dc:47:8b:17:f8:df:3e:84:c2:3c:a3:b0:60:0f:76:
83:83:09:f2:83:96:da:2f:c5:60:a7:04:a1:de:1c:
3d:b8:e8:30:08:6b:bb:56:84:40:f6:f7:77:16:5d:
e7:12:49:c2:c9:03:1f:b4:3e:e3:06:e6:9e:a0:02:
70:04:88:24:82:a4:09:be:6d:c8:67:b5:cf:08:04:
d1:74:ab:75:18:61:34:ce:ff:60:45:11:b0:9d:2b:
cd:c5:76:4a:e1:5a:50:b6:d0:17:68:b2:5e:85:a7:
c6:aa:a7:e1:81:ce:4f:83:44:81:5e:11:ca:b4:ff:
b8:4f:e4:ff:ba:a8:ec:29:bb:45:bd:7d:45:59:94:
78:77:2c:10:31:f9:cc:50:f7:46:ee:99:ad:77:ba:
d7:61:e5:7b:23:c8:0d:52:d0:f1:cb:d0:f6:75:b4:
2b:7c:d5:24:9f:56:cd:29:4d:b8:8d:34:59:59:fb:
86:a2:78:9d:da:bf:d6:e7:89:eb:7e:2d:43:b1:f8:
67:0f:20:0b:42:4e:70:a5:47:50:d7:b6:f9:72:c7:
fa:a6:0c:14:87:c2:56:b4:15:2c:4a:8a:2b:b0:7d:
ca:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BE:6D:52:6D:8C:65:7E:C2:4C:2B:8A:CE:20:44:56:FD:DA:D9:96
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Sb5tUm2MZX7CTCuKziBEVv3a2ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.0.0/22
85.8.144.0/22
85.8.160.0/22
92.249.60.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:9f:c8:aa:73:f8:61:9e:af:94:73:fc:91:87:ef:e7:70:3b:
59:24:3b:57:b6:bf:c9:eb:2b:76:ae:02:c4:59:5e:c8:bd:b8:
eb:cc:4a:ea:6c:33:73:f3:ce:f9:28:9f:07:53:2e:2c:9c:dc:
31:23:df:5a:ed:fd:25:28:2b:32:fd:0d:4b:48:0b:1d:47:03:
5d:e7:a3:7e:07:bd:4d:0e:51:5f:98:a8:06:31:ca:bb:23:1c:
5b:f4:b7:6e:e9:40:df:54:12:ab:fb:32:a0:e7:4a:db:82:75:
f3:b2:84:dc:73:b6:fc:af:84:31:80:32:30:5e:22:c8:26:66:
2f:ec:45:1a:0b:7e:4c:44:66:19:53:8e:88:e7:02:5f:26:03:
13:da:a5:75:ed:82:9c:57:20:71:89:29:29:9f:71:83:47:b9:
25:5b:b5:25:b4:58:52:51:00:6f:7a:ee:46:e6:32:88:49:c0:
61:09:83:41:71:cc:78:f6:8c:3b:6a:c9:a5:a8:33:a2:9d:2a:
c2:d2:13:8f:02:5f:82:8d:a8:81:75:62:55:39:28:6a:0c:c6:
f3:6e:e8:be:15:50:6c:db:2e:71:04:e6:a3:cb:74:fa:ab:a8:
b4:68:37:b1:61:b3:e6:40:a3:cf:cc:08:83:f1:a4:bb:7c:0e:
cc:8e:26:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZ7b00ETs8AeYSqU3e4V2xrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMjIyMjMyMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWJlNmQ1MjZkOGM2NTdlYzI0YzJiOGFjZTIwNDQ1NmZkZGFkOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpjhvb87qNnMRH40TpQUv8mRQHmh
AGxxIIUfDsLcR4sX+N8+hMI8o7BgD3aDgwnyg5baL8VgpwSh3hw9uOgwCGu7VoRA
9vd3Fl3nEknCyQMftD7jBuaeoAJwBIgkgqQJvm3IZ7XPCATRdKt1GGE0zv9gRRGw
nSvNxXZK4VpQttAXaLJehafGqqfhgc5Pg0SBXhHKtP+4T+T/uqjsKbtFvX1FWZR4
dywQMfnMUPdG7pmtd7rXYeV7I8gNUtDxy9D2dbQrfNUkn1bNKU24jTRZWfuGonid
2r/W54nrfi1DsfhnDyALQk5wpUdQ17b5csf6pgwUh8JWtBUsSoorsH3KYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEm+bVJtjGV+wkwris4gRFb92tmWMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvU2I1dFVtMk1aWDdDVEN1S3ppQkVWdjNhMlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVDYAAwQC
VQiQAwQCVQigAwQCXPk8MA0GCSqGSIb3DQEBCwUAA4IBAQChn8iqc/hhnq+Uc/yR
h+/ncDtZJDtXtr/J6yt2rgLEWV7IvbjrzErqbDNz8875KJ8HUy4snNwxI99a7f0l
KCsy/Q1LSAsdRwNd56N+B71NDlFfmKgGMcq7Ixxb9Ldu6UDfVBKr+zKg50rbgnXz
soTcc7b8r4QxgDIwXiLIJmYv7EUaC35MRGYZU46I5wJfJgMT2qV17YKcVyBxiSkp
n3GDR7klW7UltFhSUQBveu5G5jKIScBhCYNBccx49ow7asmlqDOinSrC0hOPAl+C
jaiBdWJVOShqDMbzbui+FVBs2y5xBOajy3T6q6i0aDexYbPmQKPPzAiD8aS7fA7M
jibH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org