Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/SNg5Yp0vb0NCtjL-FdrPr3GkdzM.roa
File: SNg5Yp0vb0NCtjL-FdrPr3GkdzM.roa (raw, json)
Hash identifier: whZX/oQB41pdyyVDc3JtKovgsMGFb0PEGJroLOESYbs=
Subject key identifier: 48:D8:39:62:9D:2F:6F:43:42:B6:32:FE:15:DA:CF:AF:71:A4:77:33
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01874D56EB4D590BC87970424D0DD699D8B5
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/SNg5Yp0vb0NCtjL-FdrPr3GkdzM.roa
Signing time: Tue 04 Apr 2023 17:35:54 +0000
ROA not before: Tue 04 Apr 2023 17:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 77.36.112.0/21 maxlen: 24
93.120.96.0/22 maxlen: 22
46.151.36.0/22 maxlen: 24
188.191.252.0/22 maxlen: 24
77.36.68.0/22 maxlen: 24
91.237.44.0/22 maxlen: 24
194.33.102.0/23 maxlen: 24
194.33.100.0/23 maxlen: 24
194.33.100.0/22 maxlen: 24
81.161.4.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4d:56:eb:4d:59:0b:c8:79:70:42:4d:0d:d6:99:d8:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 4 17:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48d839629d2f6f4342b632fe15dacfaf71a47733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:36:0b:30:ba:76:93:83:d8:ce:44:75:f9:86:
2d:21:02:c3:f9:a8:85:64:f6:34:20:a8:02:eb:8e:
fe:c4:4f:63:20:49:10:39:ef:32:48:ea:c9:a2:5f:
ca:ef:15:10:99:18:48:80:5a:4f:f1:22:ca:a0:f6:
0c:7e:8e:d8:b4:a1:0a:39:b5:d3:1f:ed:0e:a2:22:
23:9a:b3:00:04:85:b9:81:4e:58:a1:9b:7e:18:2a:
b2:83:55:8b:19:60:3d:01:59:1d:60:91:3c:ba:d6:
5e:7f:25:12:59:f9:a7:f5:f1:de:61:b6:4e:6d:d4:
a3:3e:08:1e:23:a4:93:e0:5c:1f:cd:e8:92:08:39:
08:8e:51:9b:18:70:83:c0:f7:11:e6:95:10:5f:28:
1b:22:ed:be:b2:99:89:57:98:63:c2:ad:34:67:80:
72:d9:d0:e8:1d:3d:de:7e:1a:8e:05:06:ee:1b:a0:
04:82:52:70:7a:dc:d8:39:c4:63:23:ef:88:b7:d0:
67:ac:0a:b7:ec:b8:9a:14:15:99:60:d9:33:9b:85:
e0:4b:33:77:4f:40:a9:f6:32:47:62:66:5a:cb:69:
a4:40:2e:a5:a2:a3:24:2c:2e:91:51:c9:6c:eb:93:
88:a0:59:2e:91:58:70:89:94:74:5e:36:07:03:be:
eb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D8:39:62:9D:2F:6F:43:42:B6:32:FE:15:DA:CF:AF:71:A4:77:33
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/SNg5Yp0vb0NCtjL-FdrPr3GkdzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.36.0/22
77.36.68.0/22
77.36.112.0/21
81.161.4.0/22
91.237.44.0/22
93.120.96.0/22
188.191.252.0/22
194.33.100.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:b5:d5:f4:2a:4a:a9:52:39:e5:4d:35:35:2c:39:ea:94:8c:
75:50:d8:63:bf:70:32:f1:bf:e4:a6:41:7c:a3:ab:bb:bf:f4:
ab:47:8c:ec:5f:1e:b9:a1:03:6d:29:78:7d:c4:d0:1c:0d:e8:
d9:e4:eb:8b:80:1c:34:15:b4:44:c4:91:4a:d0:a6:a1:3e:a4:
e3:ce:e4:31:a7:aa:b4:e7:02:e0:64:48:71:66:23:ae:d2:3f:
12:d8:e1:2e:77:18:93:f1:71:b2:45:31:fa:f3:6a:bb:01:c3:
61:78:55:8a:3a:ff:ce:ec:fb:4c:75:18:ad:80:14:37:13:4f:
e6:95:27:45:65:2d:9f:93:17:9e:16:35:1b:9d:17:80:70:92:
9b:4a:b0:32:e9:4d:bf:5a:38:ef:24:34:70:42:9f:56:e5:ef:
d7:48:7c:81:a7:d8:fb:5b:16:6f:db:89:cf:7f:77:b0:b9:c9:
20:0f:6a:c9:38:db:49:c2:49:cb:40:49:d4:66:fe:1d:ec:fd:
07:95:c9:6f:3b:f3:4a:cd:17:15:44:5d:ce:60:45:3d:95:49:
90:1e:5a:ef:82:dd:8b:d1:d3:48:e6:54:94:b6:a0:a1:71:36:
f3:79:0a:14:c2:a0:9c:af:7d:7a:3a:fd:cb:d0:84:43:f9:14:
c8:46:e1:a2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdNVutNWQvIeXBCTQ3Wmdi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNDA0MTczNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQ4Mzk2MjlkMmY2ZjQzNDJiNjMyZmUxNWRhY2ZhZjcxYTQ3NzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDYLMLp2k4PYzkR1+YYtIQLD+aiF
ZPY0IKgC647+xE9jIEkQOe8ySOrJol/K7xUQmRhIgFpP8SLKoPYMfo7YtKEKObXT
H+0OoiIjmrMABIW5gU5YoZt+GCqyg1WLGWA9AVkdYJE8utZefyUSWfmn9fHeYbZO
bdSjPggeI6ST4FwfzeiSCDkIjlGbGHCDwPcR5pUQXygbIu2+spmJV5hjwq00Z4By
2dDoHT3efhqOBQbuG6AEglJwetzYOcRjI++It9BnrAq37LiaFBWZYNkzm4XgSzN3
T0Cp9jJHYmZay2mkQC6loqMkLC6RUcls65OIoFkukVhwiZR0XjYHA77r4wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEjYOWKdL29DQrYy/hXaz69xpHczMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvU05nNVlwMHZiME5DdGpMLUZkclByM0drZHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLpckAwQC
TSREAwQDTSRwAwQCUaEEAwQCW+0sAwQCXXhgAwQCvL/8AwQCwiFkMA0GCSqGSIb3
DQEBCwUAA4IBAQAvtdX0KkqpUjnlTTU1LDnqlIx1UNhjv3Ay8b/kpkF8o6u7v/Sr
R4zsXx65oQNtKXh9xNAcDejZ5OuLgBw0FbRExJFK0KahPqTjzuQxp6q05wLgZEhx
ZiOu0j8S2OEudxiT8XGyRTH682q7AcNheFWKOv/O7PtMdRitgBQ3E0/mlSdFZS2f
kxeeFjUbnReAcJKbSrAy6U2/WjjvJDRwQp9W5e/XSHyBp9j7WxZv24nPf3ewuckg
D2rJONtJwknLQEnUZv4d7P0HlclvO/NKzRcVRF3OYEU9lUmQHlrvgt2L0dNI5lSU
tqChcTbzeQoUwqCcr316Ov3L0IRD+RTIRuGi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-fra.rpki-client.org