Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/SFv21bp-pNGbVT9HTeYWy5OOBpA.roa
File: SFv21bp-pNGbVT9HTeYWy5OOBpA.roa (raw, json)
Hash identifier: S8kSVgPMLVymUltdsrNMq862a85qpLGPy7c1+H43eOA=
Subject key identifier: 48:5B:F6:D5:BA:7E:A4:D1:9B:55:3F:47:4D:E6:16:CB:93:8E:06:90
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 018EA2E4762DF50B92822FCFB6AC363232FA
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/SFv21bp-pNGbVT9HTeYWy5OOBpA.roa
Signing time: Wed 03 Apr 2024 07:37:45 +0000
ROA not before: Wed 03 Apr 2024 07:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
45.129.22.0/24 maxlen: 24
45.129.23.0/24 maxlen: 24
77.83.124.0/22 maxlen: 22
92.114.56.0/22 maxlen: 22
93.114.240.0/22 maxlen: 22
109.230.216.0/23 maxlen: 23
109.230.222.0/24 maxlen: 24
134.255.215.0/24 maxlen: 24
176.100.208.0/22 maxlen: 22
176.100.212.0/22 maxlen: 22
176.100.224.0/20 maxlen: 20
176.100.224.0/24 maxlen: 24
176.100.225.0/24 maxlen: 24
185.97.168.0/22 maxlen: 22
185.159.252.0/22 maxlen: 22
185.170.147.0/24 maxlen: 24
188.215.8.0/22 maxlen: 22
193.26.148.0/22 maxlen: 22
193.31.36.0/22 maxlen: 22
193.35.14.0/23 maxlen: 23
193.35.26.0/23 maxlen: 23
2a06:6c0::/48 maxlen: 48
2a06:6c0:1::/48 maxlen: 48
2a06:6c0:2::/48 maxlen: 48
2a06:6c0:3::/48 maxlen: 48
2a06:6c0:22::/48 maxlen: 48
2a06:6c0:23::/48 maxlen: 48
2a06:6c0:24::/48 maxlen: 48
2a06:6c0:25::/48 maxlen: 48
2a06:6c0:26::/48 maxlen: 48
2a06:6c0:254::/48 maxlen: 48
2a06:6c0:255::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 Apr 2024 06:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:e4:76:2d:f5:0b:92:82:2f:cf:b6:ac:36:32:32:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Apr 3 07:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=485bf6d5ba7ea4d19b553f474de616cb938e0690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:40:6b:f2:ed:ed:da:97:05:07:81:ee:91:d2:
9a:6c:09:e2:68:99:0e:11:0c:ca:ca:f4:30:eb:3b:
7f:9a:6d:95:bf:75:2e:ab:ee:99:7e:83:47:04:b9:
32:6f:71:88:57:3f:ff:fc:cf:64:53:8d:15:7b:f3:
1d:b2:e4:03:c1:a7:03:28:95:a9:2e:da:16:fa:f1:
4d:57:39:e1:69:89:61:aa:0c:da:ca:d6:c1:9f:1b:
40:b4:51:45:3a:a0:d1:d0:a6:06:9a:d6:1b:36:c3:
e3:e8:3a:8d:20:0b:8c:eb:7c:e8:63:bf:7d:4b:06:
17:f9:4b:2a:86:84:63:de:21:61:1f:4f:cd:5e:48:
6e:4b:ab:8b:16:9a:15:a5:9c:27:6e:e7:91:8e:e7:
8f:d3:cf:48:3e:31:15:8a:10:16:e7:8c:a2:93:b5:
06:5b:23:c5:c7:40:43:20:5f:70:05:15:6a:cd:64:
3e:f0:75:a0:d0:29:03:33:df:28:17:ce:8d:d7:68:
d4:62:41:b3:a8:7f:e2:1f:93:1a:5c:5c:2e:98:ef:
b5:f5:23:e9:77:3a:3c:b5:c1:95:d9:2a:be:c7:ed:
51:3f:89:03:7f:fd:98:c3:fb:33:cf:a3:0b:38:a2:
ee:2e:73:cf:55:39:23:e1:96:ca:ce:93:d9:51:c7:
df:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5B:F6:D5:BA:7E:A4:D1:9B:55:3F:47:4D:E6:16:CB:93:8E:06:90
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/SFv21bp-pNGbVT9HTeYWy5OOBpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/22
77.83.124.0/22
92.114.56.0/22
93.114.240.0/22
109.230.216.0/23
109.230.222.0/24
134.255.215.0/24
176.100.208.0/21
176.100.224.0/20
185.97.168.0/22
185.159.252.0/22
185.170.147.0/24
188.215.8.0/22
193.26.148.0/22
193.31.36.0/22
193.35.14.0/23
193.35.26.0/23
IPv6:
2a06:6c0::/46
2a06:6c0:22::-2a06:6c0:26:ffff:ffff:ffff:ffff:ffff
2a06:6c0:254::/47
Signature Algorithm: sha256WithRSAEncryption
00:5e:33:83:f6:40:98:f3:ac:52:78:2b:28:c3:1c:a2:66:54:
db:b6:8d:10:cb:df:cb:9a:21:fe:99:3f:1f:90:c1:28:69:07:
4d:9b:f3:a9:de:fa:91:7c:66:4b:cc:51:8e:2f:40:51:70:e4:
62:2f:eb:ca:5e:23:c1:ec:55:ff:44:ea:5c:a2:e8:d8:23:a1:
88:66:a3:12:d4:4a:76:6d:2d:32:3f:1f:05:9d:35:b8:86:10:
d6:f1:0b:c7:6a:14:9f:a6:77:3d:ce:e7:38:01:19:17:99:a4:
72:02:d8:e5:45:33:e6:af:5b:b7:fa:b1:88:9b:e7:1a:8f:7a:
1f:e4:08:3c:40:fe:d9:d2:19:20:06:1e:3b:d2:79:37:ce:2a:
15:aa:cd:33:b6:ec:5c:9b:87:44:74:3d:d2:aa:c2:bf:85:b9:
9d:02:bc:52:d9:1b:6c:22:93:41:74:ff:5e:0d:31:53:66:0a:
ab:c7:52:71:c0:97:f7:ef:db:c1:64:e4:32:11:ad:3b:2e:1f:
41:98:f4:82:d0:c8:ab:2c:3e:c1:b9:d2:9a:b4:e6:81:93:cb:
4c:2d:51:51:82:b9:fa:d9:d5:d0:68:96:b4:50:20:91:ab:65:
9f:4c:b4:68:f5:ab:cc:3a:ef:d0:5a:b6:ce:f6:21:5a:ab:a7:
f9:f4:9c:af
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAY6i5HYt9QuSgi/Ptqw2MjL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjQwNDAzMDczNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODViZjZkNWJhN2VhNGQxOWI1NTNmNDc0ZGU2MTZjYjkzOGUwNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEBr8u3t2pcFB4HukdKabAniaJkO
EQzKyvQw6zt/mm2Vv3Uuq+6ZfoNHBLkyb3GIVz///M9kU40Ve/MdsuQDwacDKJWp
LtoW+vFNVznhaYlhqgzaytbBnxtAtFFFOqDR0KYGmtYbNsPj6DqNIAuM63zoY799
SwYX+UsqhoRj3iFhH0/NXkhuS6uLFpoVpZwnbueRjueP089IPjEVihAW54yik7UG
WyPFx0BDIF9wBRVqzWQ+8HWg0CkDM98oF86N12jUYkGzqH/iH5MaXFwumO+19SPp
dzo8tcGV2Sq+x+1RP4kDf/2Yw/szz6MLOKLuLnPPVTkj4ZbKzpPZUcffgQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFEhb9tW6fqTRm1U/R03mFsuTjgaQMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvU0Z2MjFicC1wTkdiVlQ5SFRlWVd5NU9PQnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDBsBAIAATBmAwQCLYEU
AwQCTVN8AwQCXHI4AwQCXXLwAwQBbebYAwQAbebeAwQAhv/XAwQDsGTQAwQEsGTg
AwQCuWGoAwQCuZ/8AwQAuaqTAwQCvNcIAwQCwRqUAwQCwR8kAwQBwSMOAwQBwSMa
MCwEAgACMCYDBwIqBgbAAAAwEgMHASoGBsAAIgMHACoGBsAAJgMHASoGBsACVDAN
BgkqhkiG9w0BAQsFAAOCAQEAAF4zg/ZAmPOsUngrKMMcomZU27aNEMvfy5oh/pk/
H5DBKGkHTZvzqd76kXxmS8xRji9AUXDkYi/ryl4jwexV/0TqXKLo2COhiGajEtRK
dm0tMj8fBZ01uIYQ1vELx2oUn6Z3Pc7nOAEZF5mkcgLY5UUz5q9bt/qxiJvnGo96
H+QIPED+2dIZIAYeO9J5N84qFarNM7bsXJuHRHQ90qrCv4W5nQK8UtkbbCKTQXT/
Xg0xU2YKq8dSccCX9+/bwWTkMhGtOy4fQZj0gtDIqyw+wbnSmrTmgZPLTC1RUYK5
+tnV0GiWtFAgkatln0y0aPWrzDrv0Fq2zvYhWqun+fScrw==
-----END CERTIFICATE-----
Generated at Thu Apr 4 09:24:12 2024 by rpki-client on console-ams.rpki-client.org