Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/SGqsSnfA7SdaR81stIaaAEdjutw.roa
File: SGqsSnfA7SdaR81stIaaAEdjutw.roa (raw, json)
Hash identifier: FFYGzqvOWiLVYSsbHb/XHZV8mOEXrnt8o+1MzFkRpvY=
Subject key identifier: 48:6A:AC:4A:77:C0:ED:27:5A:47:CD:6C:B4:86:9A:00:47:63:BA:DC
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018CC86F842A3C6ADC27092CAC1F044525FF
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/SGqsSnfA7SdaR81stIaaAEdjutw.roa
Signing time: Tue 02 Jan 2024 04:30:00 +0000
ROA not before: Tue 02 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8239
IP address blocks: 213.192.196.0/24 maxlen: 24
212.59.192.0/19 maxlen: 19
195.5.64.0/19 maxlen: 19
2001:ac0:c800::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 06 Mar 2024 09:39:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:84:2a:3c:6a:dc:27:09:2c:ac:1f:04:45:25:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jan 2 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=486aac4a77c0ed275a47cd6cb4869a004763badc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:24:d8:4d:79:c2:d5:9d:3f:0c:17:0b:27:4d:
3e:31:24:75:a1:82:9d:3c:d2:a6:26:56:16:40:c0:
2f:1a:9e:60:0f:45:ba:2d:31:02:62:5f:d5:71:f9:
bd:6f:88:e3:e5:29:d4:18:2f:0a:4e:9d:f3:37:1f:
00:de:65:1e:a5:b0:7d:a4:5b:74:f3:44:92:fd:f0:
c0:86:96:34:5a:a8:99:96:e2:99:33:7a:cf:4f:39:
30:b9:31:38:bc:5e:99:43:ac:51:06:50:10:6f:b8:
19:52:fa:2d:d8:35:ca:61:fc:72:d2:79:06:07:c9:
81:72:e8:fa:d5:f1:68:ae:cf:a7:98:38:e5:c8:61:
20:2c:0b:0a:8e:30:4d:02:f4:2e:7b:66:d5:12:3b:
1d:eb:33:1b:f3:ef:a2:05:68:40:f6:58:8a:a3:45:
a3:72:16:f0:19:50:03:92:67:3b:e1:a8:c2:e8:ea:
fb:b2:a0:75:4d:1d:75:3b:6e:ff:86:8e:6a:2d:29:
7a:0d:e5:a2:41:66:51:09:cc:dc:0d:ed:5f:55:e4:
c1:86:e7:92:3c:ca:d4:67:0a:34:8e:0d:79:44:4e:
65:51:86:bd:09:6f:63:9e:4d:7f:f3:1a:b6:86:25:
43:62:18:fb:8d:c3:df:f1:e7:70:62:48:32:83:8a:
f6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6A:AC:4A:77:C0:ED:27:5A:47:CD:6C:B4:86:9A:00:47:63:BA:DC
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/SGqsSnfA7SdaR81stIaaAEdjutw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.64.0/19
212.59.192.0/19
213.192.196.0/24
IPv6:
2001:ac0:c800::/44
Signature Algorithm: sha256WithRSAEncryption
ac:9f:9e:5c:9f:d3:b3:69:8c:a2:92:fb:59:7d:d0:05:48:34:
e9:37:50:0f:78:d1:a8:29:10:36:1b:12:fb:57:cf:2a:dc:af:
bf:e4:01:ec:9b:60:d9:ea:68:f2:9c:e8:2e:a9:b7:1f:d5:a8:
87:5b:5f:12:50:f5:d2:07:1a:ad:12:77:9b:69:0e:18:2f:56:
e6:5e:85:86:06:7a:9e:3b:45:61:ba:b2:e3:a3:9b:d5:b9:99:
42:71:98:cc:1e:e2:d0:2e:07:1e:38:94:57:4e:bc:68:ff:7a:
5b:50:ed:83:97:cf:01:c4:d2:75:47:be:5c:37:3e:93:eb:cf:
62:19:60:53:e9:08:6f:a7:6b:87:b7:2b:f0:5f:93:5e:33:89:
61:ca:37:57:cf:3d:9b:68:93:cf:3d:87:47:52:88:69:82:fb:
6d:cd:07:8a:81:69:f1:b5:8b:dd:67:bd:c8:29:96:e5:5a:f0:
21:3a:8c:74:20:2b:20:ab:35:c0:7b:ce:a5:fc:73:df:9f:b2:
87:ea:b5:91:6b:0e:a9:20:71:27:81:a3:6a:94:8c:ea:61:2a:
eb:f3:3b:df:ff:b1:aa:8e:fc:85:d9:b1:5e:9a:cd:cb:d0:06:
c2:c3:5d:b7:be:84:a6:ba:31:51:23:3e:70:11:1e:e8:1d:93:
05:8a:34:4a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzIb4QqPGrcJwksrB8ERSX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwMTAyMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZhYWM0YTc3YzBlZDI3NWE0N2NkNmNiNDg2OWEwMDQ3NjNiYWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSTYTXnC1Z0/DBcLJ00+MSR1oYKd
PNKmJlYWQMAvGp5gD0W6LTECYl/Vcfm9b4jj5SnUGC8KTp3zNx8A3mUepbB9pFt0
80SS/fDAhpY0WqiZluKZM3rPTzkwuTE4vF6ZQ6xRBlAQb7gZUvot2DXKYfxy0nkG
B8mBcuj61fFors+nmDjlyGEgLAsKjjBNAvQue2bVEjsd6zMb8++iBWhA9liKo0Wj
chbwGVADkmc74ajC6Or7sqB1TR11O27/ho5qLSl6DeWiQWZRCczcDe1fVeTBhueS
PMrUZwo0jg15RE5lUYa9CW9jnk1/8xq2hiVDYhj7jcPf8edwYkgyg4r26wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEhqrEp3wO0nWkfNbLSGmgBHY7rcMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvU0dxc1NuZkE3U2RhUjgxc3RJYWFBRWRqdXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQFwwVAAwQF
1DvAAwQA1cDEMA8EAgACMAkDBwQgAQrAyAAwDQYJKoZIhvcNAQELBQADggEBAKyf
nlyf07NpjKKS+1l90AVINOk3UA940agpEDYbEvtXzyrcr7/kAeybYNnqaPKc6C6p
tx/VqIdbXxJQ9dIHGq0Sd5tpDhgvVuZehYYGep47RWG6suOjm9W5mUJxmMwe4tAu
Bx44lFdOvGj/eltQ7YOXzwHE0nVHvlw3PpPrz2IZYFPpCG+na4e3K/Bfk14ziWHK
N1fPPZtok889h0dSiGmC+23NB4qBafG1i91nvcgpluVa8CE6jHQgKyCrNcB7zqX8
c9+fsofqtZFrDqkgcSeBo2qUjOphKuvzO9//saqO/IXZsV6azcvQBsLDXbe+hKa6
MVEjPnARHugdkwWKNEo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:57 2024 by rpki-client on console-ams.rpki-client.org