Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/SgBgOLX0vwAkT4BmEIf_P8Zcn_g.roa
File: SgBgOLX0vwAkT4BmEIf_P8Zcn_g.roa (raw, json)
Hash identifier: V7sP9/q1jAyG9WSwVH1PuvF42K6n51HD1vntXBwLmdQ=
Subject key identifier: 4A:00:60:38:B5:F4:BF:00:24:4F:80:66:10:87:FF:3F:C6:5C:9F:F8
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F0F48083736102B52C59E60EDD48FF
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/SgBgOLX0vwAkT4BmEIf_P8Zcn_g.roa
Signing time: Mon 02 Jan 2023 10:04:54 +0000
ROA not before: Mon 02 Jan 2023 10:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42947
IP address blocks: 88.148.8.0/23 maxlen: 23
84.232.66.0/23 maxlen: 23
84.232.68.0/24 maxlen: 24
84.232.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:f4:80:83:73:61:02:b5:2c:59:e6:0e:dd:48:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a006038b5f4bf00244f80661087ff3fc65c9ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5d:02:23:03:11:02:16:90:17:6a:0c:95:fe:
7c:8b:50:f5:a1:bd:b6:a5:9a:15:7e:bd:ea:ae:90:
4c:93:77:83:f3:63:65:ff:19:4a:1b:e8:33:73:30:
9c:61:e6:32:71:3c:4c:1d:7a:b1:b0:ed:d7:c8:54:
55:44:47:27:5a:d0:74:1f:43:65:27:22:6c:e4:6d:
e2:2d:1c:03:bc:b4:fb:bb:42:62:2c:ef:e3:7b:32:
9f:fb:0c:91:2e:10:91:8d:06:4b:d1:7e:7c:97:e3:
53:58:ad:10:a9:cd:b9:cb:47:b0:a6:30:75:09:5a:
62:83:dd:dd:76:83:f1:23:4d:cc:d9:b6:c8:6d:15:
16:f8:19:82:b8:da:cb:b8:11:66:c0:16:21:21:15:
f9:71:28:ce:d1:ec:ef:9b:01:72:12:fd:ab:fb:d1:
a4:b0:3a:c2:59:2c:09:26:e7:47:c9:c7:23:4d:b7:
ae:92:46:be:6c:e9:3a:36:9e:b4:38:a6:b5:91:ed:
9b:95:88:27:09:2d:f1:57:10:27:86:d0:72:ea:a1:
a3:f7:18:8b:12:3a:46:3b:2e:52:b2:89:2d:93:36:
c6:d7:dc:f6:65:ad:27:4b:5b:3f:e0:df:ed:66:3a:
cc:3b:97:e0:6b:31:43:98:f7:5f:b8:8d:5b:69:97:
d3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:00:60:38:B5:F4:BF:00:24:4F:80:66:10:87:FF:3F:C6:5C:9F:F8
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/SgBgOLX0vwAkT4BmEIf_P8Zcn_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.66.0-84.232.68.255
84.232.94.0/24
88.148.8.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:f1:94:45:bb:8e:35:3e:eb:32:a8:2f:c1:e7:c2:33:d6:0b:
b0:46:b0:59:32:ce:9a:cb:ef:bb:b1:2c:5f:05:63:eb:06:3f:
86:e5:21:e6:fe:dc:ef:33:db:cb:18:44:86:ea:56:a4:aa:7e:
55:6c:bd:e9:64:2d:54:16:df:55:d3:c9:3f:12:17:21:40:93:
b6:93:8d:2e:f0:a8:56:e6:ea:ce:e0:a3:c4:9e:a7:68:28:0a:
50:dc:93:ef:de:81:c3:b9:e2:44:02:2f:96:62:01:1e:29:da:
01:09:02:23:a9:a9:d7:f2:ea:c8:0c:36:01:b9:67:a1:9c:65:
82:0e:49:37:63:76:f2:cf:c8:b1:8a:d0:2a:80:87:65:5a:79:
3f:62:f3:4a:bd:6a:73:fe:7a:ec:67:fb:28:0a:65:a0:60:72:
ed:48:0c:8b:a7:60:05:c2:f1:f6:25:86:6d:ec:2a:6c:f6:bb:
ea:2c:31:b7:a7:51:ad:c0:de:7a:ed:e8:f2:d0:01:9d:1b:0b:
58:58:ee:0a:8d:8c:48:a2:b2:2d:f3:57:98:ce:a8:96:c0:4c:
93:1c:d2:a4:f4:77:b2:79:09:98:f5:91:8f:ef:9c:f9:f6:98:
17:11:a3:cb:f7:45:88:9e:cb:2b:b6:29:6b:50:3e:b3:b0:2e:
db:75:08:6b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVx8PSAg3NhArUsWeYO3Uj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTAwNjAzOGI1ZjRiZjAwMjQ0ZjgwNjYxMDg3ZmYzZmM2NWM5ZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhV0CIwMRAhaQF2oMlf58i1D1ob22
pZoVfr3qrpBMk3eD82Nl/xlKG+gzczCcYeYycTxMHXqxsO3XyFRVREcnWtB0H0Nl
JyJs5G3iLRwDvLT7u0JiLO/jezKf+wyRLhCRjQZL0X58l+NTWK0Qqc25y0ewpjB1
CVpig93ddoPxI03M2bbIbRUW+BmCuNrLuBFmwBYhIRX5cSjO0ezvmwFyEv2r+9Gk
sDrCWSwJJudHyccjTbeukka+bOk6Np60OKa1ke2blYgnCS3xVxAnhtBy6qGj9xiL
EjpGOy5SsoktkzbG19z2Za0nS1s/4N/tZjrMO5fgazFDmPdfuI1baZfTuQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEoAYDi19L8AJE+AZhCH/z/GXJ/4MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvU2dCZ09MWDB2d0FrVDRCbUVJZl9QOFpjbl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFU6EID
BABU6EQDBABU6F4DBAFYlAgwDQYJKoZIhvcNAQELBQADggEBAEvxlEW7jjU+6zKo
L8HnwjPWC7BGsFkyzprL77uxLF8FY+sGP4blIeb+3O8z28sYRIbqVqSqflVsvelk
LVQW31XTyT8SFyFAk7aTjS7wqFbm6s7go8Sep2goClDck+/egcO54kQCL5ZiAR4p
2gEJAiOpqdfy6sgMNgG5Z6GcZYIOSTdjdvLPyLGK0CqAh2VaeT9i80q9anP+euxn
+ygKZaBgcu1IDIunYAXC8fYlhm3sKmz2u+osMbenUa3A3nrt6PLQAZ0bC1hY7gqN
jEiisi3zV5jOqJbATJMc0qT0d7J5CZj1kY/vnPn2mBcRo8v3RYieyyu2KWtQPrOw
Ltt1CGs=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:46 2024 by rpki-client on console-ams.rpki-client.org