Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sf_ZuJ4OpwETysfUuaG9J0WQ8LU.roa
File: sf_ZuJ4OpwETysfUuaG9J0WQ8LU.roa (raw, json)
Hash identifier: J7wFtefK+9eLibD/iygNCHeM+egEpBMzgnBxy7nufCQ=
Subject key identifier: B1:FF:D9:B8:9E:0E:A7:01:13:CA:C7:D4:B9:A1:BD:27:45:90:F0:B5
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0187C82E2C863529FD42A65DED86F6994C88
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sf_ZuJ4OpwETysfUuaG9J0WQ8LU.roa
Signing time: Fri 28 Apr 2023 14:04:41 +0000
ROA not before: Fri 28 Apr 2023 14:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.138.125.0/24 maxlen: 24
195.138.122.0/24 maxlen: 24
195.138.123.0/24 maxlen: 24
195.138.126.0/24 maxlen: 24
195.138.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c8:2e:2c:86:35:29:fd:42:a6:5d:ed:86:f6:99:4c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 28 14:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1ffd9b89e0ea70113cac7d4b9a1bd274590f0b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9b:61:87:08:3a:67:74:50:f8:fc:0a:6f:25:
fe:29:4b:5b:8b:f0:4e:c6:88:55:f4:70:96:eb:a0:
3e:59:7a:4b:61:5c:2c:07:7e:95:06:85:3e:0e:ae:
4c:da:da:2e:04:20:ca:df:61:01:8b:3a:91:28:b1:
56:41:d1:16:cd:18:77:48:04:c8:ca:c0:4c:51:c4:
d2:f3:cd:95:af:aa:7e:e0:61:20:8b:fb:d8:69:84:
a1:05:2e:4c:71:69:2c:aa:47:59:75:5a:d4:1c:a0:
49:3c:76:62:6d:bb:af:89:5c:f7:bc:18:2a:60:c2:
c6:cf:2e:02:18:3a:99:bc:1d:f9:00:c9:03:60:d0:
8b:89:ac:c5:51:9a:b9:fb:eb:b7:83:bc:c4:d5:63:
27:88:89:72:21:ce:5d:82:c9:86:8d:45:07:85:f1:
7e:cf:6b:9c:87:57:dd:de:89:79:33:81:58:2e:f6:
b4:dd:d9:ce:46:74:bb:7e:56:a9:2b:4a:3a:6d:b3:
a3:c9:b0:a8:9c:d4:d9:d8:16:a3:31:49:22:ac:72:
b2:cb:36:99:e2:6f:35:fe:43:97:1a:68:67:a2:72:
e2:ed:31:94:df:89:aa:ba:fb:38:54:70:78:e3:4e:
6b:c1:37:b1:f2:8f:20:aa:a1:c2:6b:45:99:e5:4a:
31:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:FF:D9:B8:9E:0E:A7:01:13:CA:C7:D4:B9:A1:BD:27:45:90:F0:B5
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sf_ZuJ4OpwETysfUuaG9J0WQ8LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
47:58:3b:17:4b:8b:f4:18:52:28:e5:7f:d6:42:d3:c5:dd:c8:
46:33:42:e1:5a:d1:30:bb:2b:c9:98:fc:62:30:1e:8d:2a:e5:
58:0d:76:c3:a9:db:5d:9a:f1:ff:be:fa:1c:74:72:87:8a:13:
a6:ba:60:8f:41:df:e0:7a:73:a0:d0:c7:8c:66:2c:56:5f:52:
7a:d9:73:50:22:30:13:0c:d5:ee:a8:c9:33:8e:6b:2e:4f:5c:
d9:ef:e0:08:16:e7:f0:ce:a1:7e:ff:4f:5e:59:fd:c2:f9:cc:
dc:37:af:5f:54:b8:9d:42:c3:19:73:8b:dd:19:9d:4d:22:f8:
31:a3:a3:45:a9:80:e4:22:80:38:41:1d:83:b9:69:c2:49:44:
38:42:c4:98:4f:e0:03:74:ed:8f:91:17:12:8c:96:80:cc:65:
86:0f:69:9c:8d:0a:02:8c:4f:01:3b:4f:d5:87:b1:7b:0c:fb:
f9:b0:91:cf:78:90:3c:fe:78:7b:b4:d7:f5:8f:46:3b:3a:1d:
45:e3:dc:a5:fd:c0:48:4a:c7:a4:ee:43:3e:41:e1:c3:a9:a6:
97:5d:91:32:07:9b:84:e1:c4:ae:3f:27:cd:21:a5:f1:85:73:
5f:9d:b6:85:08:e9:a8:ef:6b:97:3b:9b:b1:6f:eb:6d:77:1d:
5d:13:38:a0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYfILiyGNSn9QqZd7Yb2mUyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNDI4MTQwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWZmZDliODllMGVhNzAxMTNjYWM3ZDRiOWExYmQyNzQ1OTBmMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5thhwg6Z3RQ+PwKbyX+KUtbi/BO
xohV9HCW66A+WXpLYVwsB36VBoU+Dq5M2touBCDK32EBizqRKLFWQdEWzRh3SATI
ysBMUcTS882Vr6p+4GEgi/vYaYShBS5McWksqkdZdVrUHKBJPHZibbuviVz3vBgq
YMLGzy4CGDqZvB35AMkDYNCLiazFUZq5++u3g7zE1WMniIlyIc5dgsmGjUUHhfF+
z2uch1fd3ol5M4FYLva03dnORnS7flapK0o6bbOjybConNTZ2BajMUkirHKyyzaZ
4m81/kOXGmhnonLi7TGU34mquvs4VHB4405rwTex8o8gqqHCa0WZ5UoxcwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLH/2bieDqcBE8rH1LmhvSdFkPC1MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvc2ZfWnVKNE9wd0VUeXNmVXVhRzlKMFdROExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHDinoD
BAfDigAwDQYJKoZIhvcNAQELBQADggEBAEdYOxdLi/QYUijlf9ZC08XdyEYzQuFa
0TC7K8mY/GIwHo0q5VgNdsOp212a8f+++hx0coeKE6a6YI9B3+B6c6DQx4xmLFZf
UnrZc1AiMBMM1e6oyTOOay5PXNnv4AgW5/DOoX7/T15Z/cL5zNw3r19UuJ1Cwxlz
i90ZnU0i+DGjo0WpgOQigDhBHYO5acJJRDhCxJhP4AN07Y+RFxKMloDMZYYPaZyN
CgKMTwE7T9WHsXsM+/mwkc94kDz+eHu01/WPRjs6HUXj3KX9wEhKx6TuQz5B4cOp
ppddkTIHm4ThxK4/J80hpfGFc1+dtoUI6ajva5c7m7Fv6213HV0TOKA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org