Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sxLIOwOkaaJFYIzaupwq9ZKYp8Q.roa
File: sxLIOwOkaaJFYIzaupwq9ZKYp8Q.roa (raw, json)
Hash identifier: DzEUQbHjOWCMe8gBkwi/2Y7qx+Hof3OEC3HyaA1x/NI=
Subject key identifier: B3:12:C8:3B:03:A4:69:A2:45:60:8C:DA:BA:9C:2A:F5:92:98:A7:C4
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F0F5B95010D34634BBC5D84C2000A3
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sxLIOwOkaaJFYIzaupwq9ZKYp8Q.roa
Signing time: Mon 02 Jan 2023 10:04:54 +0000
ROA not before: Mon 02 Jan 2023 10:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44717
IP address blocks: 78.136.66.0/23 maxlen: 23
151.237.204.0/23 maxlen: 23
93.119.30.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:f5:b9:50:10:d3:46:34:bb:c5:d8:4c:20:00:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b312c83b03a469a245608cdaba9c2af59298a7c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:85:ea:4f:15:3d:aa:58:35:de:88:25:00:ee:
01:ae:08:53:08:ba:18:ec:8a:ac:8d:a7:eb:cd:b2:
ae:bc:f2:5f:2f:8d:29:48:71:8a:06:d8:0e:47:7d:
7c:29:9f:ee:e7:1d:6a:4d:56:f5:46:df:a5:62:48:
a9:0d:7c:99:f0:80:f1:2d:2b:53:5c:3e:46:ee:9e:
ae:c4:69:c8:ad:30:bd:96:ad:1c:5f:e0:15:b1:82:
e7:02:b7:52:41:bb:36:78:64:6e:b9:06:7f:43:de:
5e:b8:6d:a3:3a:dd:be:3c:96:f6:7d:ec:a1:45:b2:
f6:c4:02:d2:a8:49:eb:0c:c9:f2:6f:96:a3:b9:58:
b7:09:c0:49:22:46:08:c4:83:da:e3:54:1d:16:ba:
6a:00:ff:e8:f9:18:79:eb:c1:8c:04:34:66:b1:a6:
fa:77:8d:f5:d6:85:ca:6e:e1:12:67:89:c3:39:7a:
9a:b1:18:e7:79:be:ad:35:d5:61:1a:84:35:38:f3:
dc:9e:72:63:aa:82:89:05:32:dd:60:77:fa:96:f2:
6e:6e:81:ec:f1:3e:7a:6b:99:b0:35:fb:0d:1c:05:
76:23:6f:ed:f9:5c:b5:88:6b:76:0b:88:5a:6d:cc:
a5:f3:34:2a:99:11:08:14:c9:4e:4a:49:af:c7:7d:
77:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:12:C8:3B:03:A4:69:A2:45:60:8C:DA:BA:9C:2A:F5:92:98:A7:C4
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sxLIOwOkaaJFYIzaupwq9ZKYp8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.66.0/23
93.119.30.0/23
151.237.204.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:b6:4c:d3:a2:20:da:05:72:30:f3:d0:ac:b3:37:6e:28:fd:
4e:15:d3:e0:49:60:5b:6e:e1:0e:54:b2:8e:49:b6:16:aa:bb:
28:30:08:f5:c0:fd:11:9a:fd:80:8d:72:b2:c5:14:ca:21:a5:
0d:a8:86:16:ec:91:a4:1f:28:89:1c:89:ad:78:5f:c0:65:36:
9e:97:0d:c2:c1:8b:93:f2:8e:cb:fb:34:da:67:ff:2e:55:79:
5b:b0:e5:3a:cf:d2:f3:23:e4:7a:03:af:c2:cb:61:ef:e5:35:
00:79:a6:15:4f:8d:de:e4:87:ab:3c:cf:ad:f1:48:a5:bd:2b:
43:6d:c7:8b:4c:ee:4a:0b:7f:8e:37:da:46:45:f4:4e:11:7b:
1c:7c:99:20:b7:69:c2:7c:99:57:bf:06:c0:96:00:7b:ce:94:
9e:c8:89:0a:85:70:73:39:2c:fb:38:14:ee:5d:58:43:53:da:
b3:e2:84:47:f9:75:14:f9:9b:4a:c8:24:9a:e9:01:a4:f5:a8:
1e:45:96:1d:e4:09:ec:c8:46:a7:35:c0:a8:0f:7e:33:a5:92:
68:c2:10:07:14:13:f6:a1:36:84:32:d2:71:e4:96:fc:81:64:
2f:b7:20:60:ff:7d:3f:b3:5b:f0:00:0c:84:06:9f:c0:58:79:
f5:27:fd:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx8PW5UBDTRjS7xdhMIACjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEyYzgzYjAzYTQ2OWEyNDU2MDhjZGFiYTljMmFmNTkyOThhN2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4XqTxU9qlg13oglAO4BrghTCLoY
7IqsjafrzbKuvPJfL40pSHGKBtgOR318KZ/u5x1qTVb1Rt+lYkipDXyZ8IDxLStT
XD5G7p6uxGnIrTC9lq0cX+AVsYLnArdSQbs2eGRuuQZ/Q95euG2jOt2+PJb2feyh
RbL2xALSqEnrDMnyb5ajuVi3CcBJIkYIxIPa41QdFrpqAP/o+Rh568GMBDRmsab6
d4311oXKbuESZ4nDOXqasRjneb6tNdVhGoQ1OPPcnnJjqoKJBTLdYHf6lvJuboHs
8T56a5mwNfsNHAV2I2/t+Vy1iGt2C4habcyl8zQqmREIFMlOSkmvx313swIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLMSyDsDpGmiRWCM2rqcKvWSmKfEMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvc3hMSU93T2thYUpGWUl6YXVwd3E5WktZcDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTohCAwQB
XXceAwQBl+3MMA0GCSqGSIb3DQEBCwUAA4IBAQAqtkzToiDaBXIw89CsszduKP1O
FdPgSWBbbuEOVLKOSbYWqrsoMAj1wP0Rmv2AjXKyxRTKIaUNqIYW7JGkHyiJHImt
eF/AZTaelw3CwYuT8o7L+zTaZ/8uVXlbsOU6z9LzI+R6A6/Cy2Hv5TUAeaYVT43e
5IerPM+t8UilvStDbceLTO5KC3+ON9pGRfROEXscfJkgt2nCfJlXvwbAlgB7zpSe
yIkKhXBzOSz7OBTuXVhDU9qz4oRH+XUU+ZtKyCSa6QGk9ageRZYd5AnsyEanNcCo
D34zpZJowhAHFBP2oTaEMtJx5Jb8gWQvtyBg/30/s1vwAAyEBp/AWHn1J/3D
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:37 2024 by rpki-client on console-fra.rpki-client.org