Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Sjn4VXOmIDQ2OdgPtL4iWU__e-c.roa
File: Sjn4VXOmIDQ2OdgPtL4iWU__e-c.roa (raw, json)
Hash identifier: X1tuOsRZ5vN7o6iYKCAML4cBVF1CyHKOg56rc0Q2O5s=
Subject key identifier: 4A:39:F8:55:73:A6:20:34:36:39:D8:0F:B4:BE:22:59:4F:FF:7B:E7
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53D8738DC5F5E0D970793D138C08C6
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Sjn4VXOmIDQ2OdgPtL4iWU__e-c.roa
Signing time: Sun 01 Jan 2023 07:55:12 +0000
ROA not before: Sun 01 Jan 2023 07:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212249
IP address blocks: 160.20.111.0/24 maxlen: 24
160.20.110.0/24 maxlen: 24
185.85.236.0/24 maxlen: 24
93.190.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d8:73:8d:c5:f5:e0:d9:70:79:3d:13:8c:08:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a39f85573a620343639d80fb4be22594fff7be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:af:8d:8c:36:c1:95:c7:7f:b2:8b:cc:a2:20:
a1:33:10:db:8d:8d:67:ac:fd:aa:b4:63:2a:45:ac:
c9:38:6e:a2:2f:96:b6:6c:ae:02:2f:ff:c3:00:f2:
29:93:65:0b:c8:38:7b:3c:dd:d2:23:a5:44:db:54:
49:0e:64:6d:df:a5:aa:75:eb:25:7f:b6:20:3c:d5:
3f:ad:c5:9b:fb:3d:e8:20:36:7a:b0:75:51:4e:ac:
60:95:d2:22:88:4b:e2:ae:2b:83:5d:38:f0:53:98:
69:07:59:fd:89:40:e3:bd:a7:e2:18:c3:59:c7:35:
5e:ae:06:7f:2a:21:a1:76:c9:62:ed:d1:f6:b4:70:
c4:6e:96:29:7b:b8:27:95:41:3b:08:6c:b7:85:05:
8b:49:e8:fa:2c:bb:c3:9a:58:6b:43:d4:11:ad:1f:
1e:d8:2e:86:46:54:c3:5f:f2:3b:0a:62:c5:75:29:
a6:03:75:8a:8d:f2:22:01:6a:43:6f:07:55:e5:48:
ab:93:39:26:e3:87:52:18:97:4a:09:a7:9b:12:16:
b7:39:26:41:f7:32:8a:44:db:3c:fc:89:17:fa:75:
30:a2:49:16:7b:b1:3e:a5:ed:02:56:b7:fc:b8:95:
8b:c1:d2:9b:1d:9f:9d:e2:8e:b1:52:69:69:9a:09:
f4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:39:F8:55:73:A6:20:34:36:39:D8:0F:B4:BE:22:59:4F:FF:7B:E7
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Sjn4VXOmIDQ2OdgPtL4iWU__e-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.15.0/24
160.20.110.0/23
185.85.236.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ca:21:92:9d:38:93:52:24:0c:f4:ff:4f:13:fb:e4:0e:b2:
f6:a9:53:c2:c9:31:fc:1b:29:42:e2:bd:cf:15:ee:54:60:6e:
e5:94:ee:ab:2d:26:4a:0e:f3:9e:00:4e:0f:b4:4d:20:4e:21:
d6:1e:32:c6:bb:cc:4c:1f:c0:f7:98:bd:84:10:ca:87:2e:9c:
bf:d3:87:f9:82:64:6b:54:1e:84:6c:8a:a7:97:49:a9:ad:4e:
51:9d:18:e1:29:5f:71:16:d3:8f:b1:be:0e:fd:68:d1:72:5b:
75:50:c1:c1:95:41:64:07:8c:2e:9a:d9:a7:91:e9:79:ff:b1:
94:22:91:12:43:f0:be:de:2c:0a:c4:70:20:d2:83:66:bf:44:
c6:ae:cf:20:55:54:af:a1:73:01:72:f9:18:03:cd:50:87:28:
0a:85:0b:57:0c:31:a5:72:b6:13:ac:a8:67:41:5c:09:f9:df:
6d:f2:c9:51:34:68:d3:0c:49:42:de:72:0a:c4:fb:48:ee:94:
09:e8:43:d8:18:bf:cb:18:7c:57:56:4d:9d:26:ca:58:2c:23:
0d:28:c9:65:b9:6a:30:8c:ed:2f:52:af:cd:c7:49:94:d1:3b:
79:81:68:e8:bc:f8:23:e3:af:8c:5d:54:a9:3d:e8:93:ec:e4:
03:1a:2b:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsU9hzjcX14NlweT0TjAjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTM5Zjg1NTczYTYyMDM0MzYzOWQ4MGZiNGJlMjI1OTRmZmY3YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiK+NjDbBlcd/sovMoiChMxDbjY1n
rP2qtGMqRazJOG6iL5a2bK4CL//DAPIpk2ULyDh7PN3SI6VE21RJDmRt36Wqdesl
f7YgPNU/rcWb+z3oIDZ6sHVRTqxgldIiiEviriuDXTjwU5hpB1n9iUDjvafiGMNZ
xzVergZ/KiGhdsli7dH2tHDEbpYpe7gnlUE7CGy3hQWLSej6LLvDmlhrQ9QRrR8e
2C6GRlTDX/I7CmLFdSmmA3WKjfIiAWpDbwdV5Uirkzkm44dSGJdKCaebEha3OSZB
9zKKRNs8/IkX+nUwokkWe7E+pe0CVrf8uJWLwdKbHZ+d4o6xUmlpmgn0KwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEo5+FVzpiA0NjnYD7S+IllP/3vnMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvU2puNFZYT21JRFEyT2RnUHRMNGlXVV9fZS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXb4PAwQB
oBRuAwQAuVXsMA0GCSqGSIb3DQEBCwUAA4IBAQBoyiGSnTiTUiQM9P9PE/vkDrL2
qVPCyTH8GylC4r3PFe5UYG7llO6rLSZKDvOeAE4PtE0gTiHWHjLGu8xMH8D3mL2E
EMqHLpy/04f5gmRrVB6EbIqnl0mprU5RnRjhKV9xFtOPsb4O/WjRclt1UMHBlUFk
B4wumtmnkel5/7GUIpESQ/C+3iwKxHAg0oNmv0TGrs8gVVSvoXMBcvkYA81QhygK
hQtXDDGlcrYTrKhnQVwJ+d9t8slRNGjTDElC3nIKxPtI7pQJ6EPYGL/LGHxXVk2d
JspYLCMNKMlluWowjO0vUq/Nx0mU0Tt5gWjovPgj46+MXVSpPeiT7OQDGiuu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org