Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sstASyUC0PATPMFND85RcunS5Xs.roa
File: sstASyUC0PATPMFND85RcunS5Xs.roa (raw, json)
Hash identifier: O9lTq4A9NoBe9SInXkGwpqc0tWP17HGHVF/LqmqVKqg=
Subject key identifier: B2:CB:40:4B:25:02:D0:F0:13:3C:C1:4D:0F:CE:51:72:E9:D2:E5:7B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7B8EBC5492862F8A6EA8B9153F386
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sstASyUC0PATPMFND85RcunS5Xs.roa
Signing time: Mon 02 Jan 2023 08:44:55 +0000
ROA not before: Mon 02 Jan 2023 08:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206654
IP address blocks: 194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
2a0f:fa00::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Jan 2023 10:43:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b8:eb:c5:49:28:62:f8:a6:ea:8b:91:53:f3:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2cb404b2502d0f0133cc14d0fce5172e9d2e57b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1c:17:93:4a:b5:2e:dc:cd:af:6d:22:42:c9:
00:43:59:16:ff:be:99:a4:50:b0:85:07:a7:75:82:
5d:e8:d7:75:be:b1:db:e2:76:9d:34:60:e6:a9:ed:
be:71:08:06:f0:13:19:10:c9:aa:ba:af:92:a6:a9:
67:76:8f:3f:7c:93:50:b0:3c:df:0e:38:e7:1e:ee:
f3:6a:e0:f0:91:63:82:da:8e:5b:63:9f:82:fe:ae:
6b:61:6f:50:42:e0:79:2f:d1:b9:3b:b7:1f:4b:6b:
74:cb:58:95:94:61:3b:55:be:37:c5:e9:fe:92:81:
df:91:88:9d:23:63:a6:38:d6:20:44:6f:54:7a:e9:
45:d6:7c:db:c5:23:37:0e:f6:27:ec:25:56:d9:4e:
28:c2:be:6b:a1:a3:78:68:07:9d:0a:48:0f:59:85:
ec:02:12:99:cc:99:ee:4a:e6:51:5e:de:83:5b:00:
7a:56:8d:4d:be:b7:78:8f:97:71:d1:7b:10:05:2d:
27:3a:90:87:f5:e6:fc:90:d7:38:bd:32:c6:84:e2:
93:84:86:6e:fa:4e:0c:a8:07:69:94:2b:6a:da:77:
fc:63:74:d9:8f:13:83:f2:1c:b5:e6:4d:25:70:d6:
ec:ff:48:28:08:6b:09:39:12:34:c0:cf:5b:24:a9:
39:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CB:40:4B:25:02:D0:F0:13:3C:C1:4D:0F:CE:51:72:E9:D2:E5:7B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sstASyUC0PATPMFND85RcunS5Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.238.0/24
194.213.10.0/24
IPv6:
2a0f:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
10:4a:99:18:c6:68:32:2a:0a:91:99:7a:fb:90:00:77:f0:d3:
99:bd:45:42:2e:4f:95:26:8c:58:e6:81:a9:c3:27:81:3a:1c:
3f:a6:e7:33:76:2b:17:3d:4b:20:cb:73:d5:9d:9e:e9:15:b4:
35:7a:51:5d:c0:ed:16:08:dd:d7:b7:92:d1:c3:1f:31:9a:27:
f7:32:2d:20:64:14:71:a1:34:b6:9b:4e:53:14:0c:ca:29:b6:
53:3a:b4:b4:62:34:43:28:94:7d:99:bc:fc:b0:6f:e7:77:0a:
bd:eb:18:46:de:19:b8:44:ba:68:a4:20:67:00:5f:53:3a:0a:
cf:b8:8f:34:f3:54:c9:8c:41:f5:59:8e:9f:86:21:a4:17:02:
8c:2e:54:1e:e3:16:13:13:da:db:67:ad:fa:a7:42:2d:eb:db:
05:74:1e:d8:f6:f3:0b:e2:7c:ea:04:0f:18:94:69:9b:2f:4a:
aa:3c:e0:52:43:ed:a9:a5:7d:d4:51:15:33:28:a2:1e:b6:fd:
06:8b:eb:cc:6e:5c:b1:b7:87:4c:66:c1:92:4f:cf:a7:f3:ae:
68:20:8c:37:9d:25:9b:98:c7:d2:99:59:04:bb:1c:ca:57:96:
0a:32:5c:ce:fd:c4:3b:ef:4d:bb:3e:62:6a:c8:8e:db:2c:49:
1a:db:23:32
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxp7jrxUkoYvim6ouRU/OGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmNiNDA0YjI1MDJkMGYwMTMzY2MxNGQwZmNlNTE3MmU5ZDJlNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RwXk0q1LtzNr20iQskAQ1kW/76Z
pFCwhQendYJd6Nd1vrHb4nadNGDmqe2+cQgG8BMZEMmquq+Spqlndo8/fJNQsDzf
DjjnHu7zauDwkWOC2o5bY5+C/q5rYW9QQuB5L9G5O7cfS2t0y1iVlGE7Vb43xen+
koHfkYidI2OmONYgRG9UeulF1nzbxSM3DvYn7CVW2U4owr5roaN4aAedCkgPWYXs
AhKZzJnuSuZRXt6DWwB6Vo1Nvrd4j5dx0XsQBS0nOpCH9eb8kNc4vTLGhOKThIZu
+k4MqAdplCtq2nf8Y3TZjxOD8hy15k0lcNbs/0goCGsJORI0wM9bJKk5SwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLLLQEslAtDwEzzBTQ/OUXLp0uV7MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvc3N0QVN5VUMwUEFUUE1GTkQ4NVJjdW5TNVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwrTuAwQA
wtUKMA0EAgACMAcDBQMqD/oAMA0GCSqGSIb3DQEBCwUAA4IBAQAQSpkYxmgyKgqR
mXr7kAB38NOZvUVCLk+VJoxY5oGpwyeBOhw/puczdisXPUsgy3PVnZ7pFbQ1elFd
wO0WCN3Xt5LRwx8xmif3Mi0gZBRxoTS2m05TFAzKKbZTOrS0YjRDKJR9mbz8sG/n
dwq96xhG3hm4RLpopCBnAF9TOgrPuI8081TJjEH1WY6fhiGkFwKMLlQe4xYTE9rb
Z636p0It69sFdB7Y9vML4nzqBA8YlGmbL0qqPOBSQ+2ppX3UURUzKKIetv0Gi+vM
blyxt4dMZsGST8+n865oIIw3nSWbmMfSmVkEuxzKV5YKMlzO/cQ77027PmJqyI7b
LEka2yMy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org