Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/szQGljsAsJwBRLugiBv4_CrnmTo.roa
File: szQGljsAsJwBRLugiBv4_CrnmTo.roa (raw, json)
Hash identifier: Nrp4ZXi7+/WytDDnlHC8D1kpEcQN6CCjzq0g2GwnAd4=
Subject key identifier: B3:34:06:96:3B:00:B0:9C:01:44:BB:A0:88:1B:F8:FC:2A:E7:99:3A
Certificate issuer: /CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Certificate serial: 0188F3D92D10992D75E6DFBA9E54A18B2F6E
Authority key identifier: 7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/szQGljsAsJwBRLugiBv4_CrnmTo.roa
Signing time: Sun 25 Jun 2023 18:37:56 +0000
ROA not before: Sun 25 Jun 2023 18:37:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43541
IP address blocks: 185.64.216.0/22 maxlen: 22
185.59.208.0/22 maxlen: 22
93.185.96.0/20 maxlen: 20
46.243.48.0/24 maxlen: 24
46.243.48.0/21 maxlen: 21
185.14.252.0/22 maxlen: 22
46.243.55.0/24 maxlen: 24
217.16.176.0/20 maxlen: 20
178.251.184.0/21 maxlen: 21
78.24.8.0/21 maxlen: 21
185.115.2.0/24 maxlen: 24
185.115.1.0/24 maxlen: 24
2a02:5420:627::/48 maxlen: 48
2a00:1ed0::/32 maxlen: 32
2a00:1ed1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Jul 2023 17:20:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f3:d9:2d:10:99:2d:75:e6:df:ba:9e:54:a1:8b:2f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Validity
Not Before: Jun 25 18:37:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b33406963b00b09c0144bba0881bf8fc2ae7993a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5e:a9:6b:74:26:08:37:60:6f:98:02:b2:51:
61:5e:db:16:b2:28:5e:e3:e6:9d:db:27:bb:dc:2c:
dc:1a:fb:4e:bb:77:0a:fe:2a:83:4e:93:0e:dd:bb:
b5:29:02:25:3c:74:a3:e9:05:82:4e:c0:c8:bf:00:
eb:d0:98:bb:5a:e3:d7:6b:b4:2a:88:7f:24:5a:95:
a9:d5:5f:1c:13:ba:7f:35:8e:ea:97:18:10:c2:a7:
a4:d3:98:2d:6a:26:e2:14:d0:ea:1f:0c:5c:ec:36:
d2:70:db:bc:77:76:a1:4f:7a:83:a0:21:65:e0:0f:
78:88:bf:97:3a:44:b2:33:50:d1:95:60:2f:ab:c4:
10:ac:21:db:43:32:99:8b:f6:e9:8a:11:91:af:79:
bb:02:29:c4:cc:a3:9b:23:56:c7:a7:ad:dc:8f:5e:
46:91:a2:13:46:78:9a:fe:63:35:17:17:85:d0:1f:
b7:4c:fd:58:07:8d:59:c5:62:67:5e:e0:3d:ae:a2:
50:c9:a9:3f:98:f0:84:2e:cc:74:2f:23:ae:19:fd:
3d:84:42:34:d2:d3:0a:cf:9e:57:e7:6d:2a:0c:84:
3d:cc:e1:e9:52:60:d5:35:e3:7e:6d:1a:0c:88:6c:
48:48:ff:da:f3:42:80:45:39:0e:f8:67:7b:e5:16:
dd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:34:06:96:3B:00:B0:9C:01:44:BB:A0:88:1B:F8:FC:2A:E7:99:3A
X509v3 Authority Key Identifier:
keyid:7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/szQGljsAsJwBRLugiBv4_CrnmTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.48.0/21
78.24.8.0/21
93.185.96.0/20
178.251.184.0/21
185.14.252.0/22
185.59.208.0/22
185.64.216.0/22
185.115.1.0-185.115.2.255
217.16.176.0/20
IPv6:
2a00:1ed0::/31
2a02:5420:627::/48
Signature Algorithm: sha256WithRSAEncryption
22:39:9b:62:01:c1:ec:cd:09:d1:58:a2:c5:89:7c:e0:8e:48:
7f:d1:57:2b:5a:de:e8:d9:23:74:96:c6:84:d8:d6:86:0b:cb:
5a:80:8a:49:04:4c:6a:df:c6:d1:c4:43:b1:79:2d:a4:51:68:
cc:f8:d7:87:b7:19:a6:d6:70:54:84:c3:db:0e:10:17:b2:85:
be:82:a3:ee:57:5e:85:e5:af:c7:f1:88:c4:7a:f9:d3:57:c5:
24:24:74:1f:e8:f4:6f:15:02:ee:a4:5b:5c:f3:cc:41:dc:e1:
ef:f6:8d:d1:b2:9c:07:51:fb:a4:b3:bf:c4:f9:45:cc:9a:6c:
23:e0:ac:9c:ab:1c:48:be:a5:a1:74:89:a1:54:97:f7:90:98:
6c:26:ce:27:8f:a3:0f:da:9f:4e:d9:a5:dd:76:b9:6a:67:d2:
90:ba:15:39:dc:92:67:3b:69:9e:4e:8f:5b:46:3e:8e:d8:ca:
aa:36:ae:d0:e6:c9:96:d2:d0:e5:98:03:24:35:68:6d:01:b8:
0b:e1:9d:e6:2d:18:81:a7:b4:f0:41:ef:5b:c3:d2:c4:4d:16:
a5:45:28:2b:0a:e7:9a:a0:6b:af:a3:38:98:4e:07:02:09:48:
81:4c:2b:36:b6:76:2e:73:a0:06:64:1b:b6:30:25:d9:62:e2:
57:00:49:31
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYjz2S0QmS115t+6nlShiy9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNjVkYWIyMzk0MGNiMzk0ZjlhYWE2NjRmZWE0ZDZmOGY0
MmUzMTgwHhcNMjMwNjI1MTgzNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM0MDY5NjNiMDBiMDljMDE0NGJiYTA4ODFiZjhmYzJhZTc5OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy16pa3QmCDdgb5gCslFhXtsWsihe
4+ad2ye73CzcGvtOu3cK/iqDTpMO3bu1KQIlPHSj6QWCTsDIvwDr0Ji7WuPXa7Qq
iH8kWpWp1V8cE7p/NY7qlxgQwqek05gtaibiFNDqHwxc7DbScNu8d3ahT3qDoCFl
4A94iL+XOkSyM1DRlWAvq8QQrCHbQzKZi/bpihGRr3m7AinEzKObI1bHp63cj15G
kaITRnia/mM1FxeF0B+3TP1YB41ZxWJnXuA9rqJQyak/mPCELsx0LyOuGf09hEI0
0tMKz55X520qDIQ9zOHpUmDVNeN+bRoMiGxISP/a80KARTkO+Gd75Rbd6QIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFLM0BpY7ALCcAUS7oIgb+Pwq55k6MB8GA1UdIwQY
MBaAFH5l2rI5QMs5T5qqZk/qTW+PQuMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYt
ODQ5Y2ZjYWJiNjU3LzEvc3pRR2xqc0FzSndCUkx1Z2lCdjRfQ3JubVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYtODQ5Y2ZjYWJiNjU3
LzEvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBEBAIAATA+AwQDLvMwAwQD
ThgIAwQEXblgAwQDsvu4AwQCuQ78AwQCuTvQAwQCuUDYMAwDBAC5cwEDBAC5cwID
BATZELAwFgQCAAIwEAMFASoAHtADBwAqAlQgBicwDQYJKoZIhvcNAQELBQADggEB
ACI5m2IBwezNCdFYosWJfOCOSH/RVyta3ujZI3SWxoTY1oYLy1qAikkETGrfxtHE
Q7F5LaRRaMz414e3GabWcFSEw9sOEBeyhb6Co+5XXoXlr8fxiMR6+dNXxSQkdB/o
9G8VAu6kW1zzzEHc4e/2jdGynAdR+6Szv8T5RcyabCPgrJyrHEi+paF0iaFUl/eQ
mGwmziePow/an07Zpd12uWpn0pC6FTnckmc7aZ5Oj1tGPo7Yyqo2rtDmyZbS0OWY
AyQ1aG0BuAvhneYtGIGntPBB71vD0sRNFqVFKCsK55qga6+jOJhOBwIJSIFMKza2
di5zoAZkG7YwJdli4lcASTE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org