Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sbKscxXw4FM8xBomQnAINXk7iWY.roa
File: sbKscxXw4FM8xBomQnAINXk7iWY.roa (raw, json)
Hash identifier: upooLnxOn3h6mRghpnkLXL+YdfjOTKoVzB4qhDCYVgI=
Subject key identifier: B1:B2:AC:73:15:F0:E0:53:3C:C4:1A:26:42:70:08:35:79:3B:89:66
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188B148937D7D46D8A9426BFDB98EE957E1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sbKscxXw4FM8xBomQnAINXk7iWY.roa
Signing time: Mon 12 Jun 2023 20:25:03 +0000
ROA not before: Mon 12 Jun 2023 20:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 84.32.91.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 06:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b1:48:93:7d:7d:46:d8:a9:42:6b:fd:b9:8e:e9:57:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 12 20:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1b2ac7315f0e0533cc41a2642700835793b8966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:29:57:b9:82:1f:95:57:d4:f6:d9:9c:5c:09:
5d:b1:2b:76:d8:bd:96:2d:c3:18:08:cf:6d:43:bf:
97:6a:d2:ca:93:94:a8:0b:ee:1b:04:b5:df:7d:3e:
af:af:61:d4:3b:bf:44:9c:49:8f:43:51:91:72:21:
42:38:44:4e:e2:e5:ec:7b:74:da:ed:53:78:53:69:
e5:a0:19:c0:ca:73:53:96:b6:a0:76:9b:81:67:4f:
6d:c9:0b:82:29:9c:7b:34:13:cf:13:7e:04:4d:f7:
90:eb:35:07:24:40:f5:4c:ac:54:68:ad:86:a1:e3:
07:9b:1f:bd:7b:d5:fb:27:ea:59:5a:dd:f2:73:68:
17:57:58:9a:e8:e0:a6:97:83:a5:22:a2:80:87:e0:
ef:35:68:55:48:d4:23:14:4d:5b:3e:d2:77:7c:f1:
ef:e5:e2:88:1a:fb:9f:5f:42:c8:0e:f3:53:0d:5f:
b0:2e:b2:41:09:4d:a8:eb:5c:5a:b1:59:23:63:49:
6d:8f:1b:5f:cb:0b:a1:a3:6e:7a:10:1b:26:5e:00:
ff:7d:d1:a0:c8:d3:03:56:b3:d6:b9:1c:83:a4:17:
c0:33:80:26:79:2f:43:f3:a9:2b:ab:2c:17:49:ea:
d4:f7:c4:48:cf:6e:5a:8f:70:41:81:30:aa:42:22:
64:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B2:AC:73:15:F0:E0:53:3C:C4:1A:26:42:70:08:35:79:3B:89:66
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sbKscxXw4FM8xBomQnAINXk7iWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.91.0/24
88.216.22.0/23
88.216.131.0/24
Signature Algorithm: sha256WithRSAEncryption
32:61:1a:52:71:b0:c2:14:a0:2a:bd:a5:91:56:a8:e1:47:88:
f8:20:35:bc:f7:3a:a5:6e:66:46:05:26:9d:db:0b:48:0a:50:
95:93:81:21:aa:3b:cd:5c:d3:4a:fe:7b:60:be:9a:66:0c:a2:
32:d8:94:0a:ae:9a:f6:ca:a4:e2:11:7b:ad:dc:bc:24:02:9b:
bd:4e:8a:9f:03:03:bf:3f:46:be:06:40:47:00:7d:73:47:54:
1d:df:24:68:99:68:9f:e7:5c:d6:5c:21:5c:eb:e0:9a:82:08:
78:22:86:6b:42:05:d8:cf:bc:32:1a:23:29:38:4f:ab:01:ad:
aa:84:19:b7:a5:39:99:5c:cc:07:57:3f:28:63:ed:2f:5b:ea:
1a:c3:66:67:95:d8:7c:73:e2:f1:ab:6d:4d:29:2b:c4:13:f0:
88:96:0e:33:a1:e8:0c:e8:48:8b:42:a4:7d:db:66:e4:74:26:
e2:97:98:62:db:21:46:37:fa:55:2d:07:39:cd:c1:a0:a1:6e:
d2:55:2b:85:a9:6e:9f:3a:f5:c5:6d:bf:0b:36:cc:29:42:36:
4c:db:77:2b:fa:01:ca:30:89:4b:09:47:dd:12:32:10:91:1f:
60:92:98:8e:c4:ac:d1:1e:63:b7:09:9a:f7:95:6e:e5:0f:f3:
0b:86:2d:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYixSJN9fUbYqUJr/bmO6VfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjEyMjAyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWIyYWM3MzE1ZjBlMDUzM2NjNDFhMjY0MjcwMDgzNTc5M2I4OTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApClXuYIflVfU9tmcXAldsSt22L2W
LcMYCM9tQ7+XatLKk5SoC+4bBLXffT6vr2HUO79EnEmPQ1GRciFCOERO4uXse3Ta
7VN4U2nloBnAynNTlragdpuBZ09tyQuCKZx7NBPPE34ETfeQ6zUHJED1TKxUaK2G
oeMHmx+9e9X7J+pZWt3yc2gXV1ia6OCml4OlIqKAh+DvNWhVSNQjFE1bPtJ3fPHv
5eKIGvufX0LIDvNTDV+wLrJBCU2o61xasVkjY0ltjxtfywuho256EBsmXgD/fdGg
yNMDVrPWuRyDpBfAM4AmeS9D86krqywXSerU98RIz25aj3BBgTCqQiJkMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLGyrHMV8OBTPMQaJkJwCDV5O4lmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc2JLc2N4WHc0Rk04eEJvbVFuQUlOWGs3aVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBbAwQB
WNgWAwQAWNiDMA0GCSqGSIb3DQEBCwUAA4IBAQAyYRpScbDCFKAqvaWRVqjhR4j4
IDW89zqlbmZGBSad2wtIClCVk4EhqjvNXNNK/ntgvppmDKIy2JQKrpr2yqTiEXut
3LwkApu9ToqfAwO/P0a+BkBHAH1zR1Qd3yRomWif51zWXCFc6+Caggh4IoZrQgXY
z7wyGiMpOE+rAa2qhBm3pTmZXMwHVz8oY+0vW+oaw2Znldh8c+Lxq21NKSvEE/CI
lg4zoegM6EiLQqR922bkdCbil5hi2yFGN/pVLQc5zcGgoW7SVSuFqW6fOvXFbb8L
NswpQjZM23cr+gHKMIlLCUfdEjIQkR9gkpiOxKzRHmO3CZr3lW7lD/MLhi1U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org