Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/SzncEBNtW3BYqT1ZaUo4f5lJTwU.roa
File: SzncEBNtW3BYqT1ZaUo4f5lJTwU.roa (raw, json)
Hash identifier: +r0LepA9kck00Ua+6JNI+/rC+JvsfU4ksT2idJFmhpg=
Subject key identifier: 4B:39:DC:10:13:6D:5B:70:58:A9:3D:59:69:4A:38:7F:99:49:4F:05
Certificate issuer: /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial: 018C10CD562D06F24D7B5CF74678A9E8F241
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/SzncEBNtW3BYqT1ZaUo4f5lJTwU.roa
Signing time: Mon 27 Nov 2023 12:42:21 +0000
ROA not before: Mon 27 Nov 2023 12:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29244
IP address blocks: 91.92.11.0/24 maxlen: 24
91.92.9.0/24 maxlen: 24
91.92.10.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.12.0/24 maxlen: 24
91.92.14.0/24 maxlen: 24
91.92.15.0/24 maxlen: 24
85.118.192.0/21 maxlen: 21
193.193.182.0/24 maxlen: 24
193.194.147.0/24 maxlen: 24
193.194.155.0/24 maxlen: 24
193.193.171.0/24 maxlen: 24
149.62.192.0/18 maxlen: 18
149.62.204.0/24 maxlen: 24
149.62.206.0/24 maxlen: 24
149.62.205.0/24 maxlen: 24
149.62.208.0/24 maxlen: 24
149.62.209.0/24 maxlen: 24
149.62.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:cd:56:2d:06:f2:4d:7b:5c:f7:46:78:a9:e8:f2:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Validity
Not Before: Nov 27 12:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b39dc10136d5b7058a93d59694a387f99494f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ce:b9:42:29:c8:9f:06:b2:13:4e:4d:20:46:
d1:ff:f7:51:6e:50:3e:f8:d1:f8:78:d6:73:9a:30:
3b:3f:56:e7:3e:01:02:fb:4e:97:63:32:80:3e:33:
13:38:ca:3b:19:83:7c:be:2a:bb:be:d1:7d:e6:bb:
69:ab:4e:d6:e8:fb:47:d7:91:ac:71:d4:ea:13:93:
cc:5e:68:89:63:a4:ec:57:d9:4c:42:4c:96:c4:cb:
63:2f:74:5a:9e:a6:65:7d:0e:95:a1:26:4a:bd:db:
e7:c4:81:e3:cf:8d:ba:b2:4a:7c:70:22:29:b0:64:
f5:35:d4:94:35:13:17:6a:7c:a6:9e:05:87:3b:ed:
39:35:3a:09:2b:93:67:b9:89:bc:ae:5d:1b:5e:be:
55:0b:68:b6:9e:13:89:78:65:af:21:46:d5:e6:60:
af:32:73:08:9d:a7:56:f4:c1:26:17:2a:61:df:bd:
18:68:59:49:cb:f7:0a:ad:1f:4a:52:6c:27:49:7e:
5d:d8:29:a8:39:fe:8e:17:c4:4d:76:59:b6:16:7f:
d1:f1:c0:51:3e:cd:27:f6:de:17:24:0e:fc:ff:40:
f8:a6:13:29:d7:4b:4a:ac:b0:fd:9c:5c:4b:6a:66:
93:8f:3d:ee:df:b1:5e:26:05:6e:93:c2:c0:19:63:
dc:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:39:DC:10:13:6D:5B:70:58:A9:3D:59:69:4A:38:7F:99:49:4F:05
X509v3 Authority Key Identifier:
keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/SzncEBNtW3BYqT1ZaUo4f5lJTwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.192.0/21
91.92.8.0/21
149.62.192.0/18
193.193.171.0/24
193.193.182.0/24
193.194.147.0/24
193.194.155.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:ad:34:b6:70:15:b2:e9:60:28:20:4c:19:2a:46:ee:70:e0:
a8:36:a9:69:71:de:f8:88:60:4c:97:b1:cd:f0:69:ef:8a:e5:
ff:b3:75:6b:4b:2c:61:81:79:c1:80:3d:dd:10:80:82:56:10:
b5:e9:78:a2:dc:21:62:21:ba:75:a3:22:d9:40:21:4b:80:fa:
d8:9d:1e:21:ca:99:01:d2:1c:ae:25:b1:92:39:cc:06:b0:c2:
2c:68:9d:d6:65:05:9f:2c:10:d8:77:a3:14:31:24:c9:53:a1:
30:11:07:10:36:bc:c9:a4:0d:8c:ca:c7:32:c7:ca:3d:e6:7b:
2f:e3:11:f6:e3:1d:51:12:1f:a6:d0:3a:d1:59:66:60:c5:3e:
74:27:78:22:0d:3e:ce:9f:de:c0:81:80:47:ea:55:30:5b:41:
3b:17:41:44:6e:39:30:28:6d:8e:53:6c:ee:18:24:6a:4b:19:
8d:02:14:f7:60:b2:3c:0b:66:d7:c1:06:6b:0e:9d:ee:8d:17:
6a:10:a1:7c:48:2d:49:56:68:e8:d2:12:0d:9c:9b:1f:d3:a8:
9f:b9:4d:1c:88:e5:bb:5c:8e:0f:b2:b3:37:41:c5:f3:3d:de:
ca:71:b9:4e:6f:8c:35:41:30:eb:15:28:b7:3f:2b:d6:a7:d3:
49:c5:5d:f6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYwQzVYtBvJNe1z3Rnip6PJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjMxMTI3MTI0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM5ZGMxMDEzNmQ1YjcwNThhOTNkNTk2OTRhMzg3Zjk5NDk0ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs65QinInwayE05NIEbR//dRblA+
+NH4eNZzmjA7P1bnPgEC+06XYzKAPjMTOMo7GYN8viq7vtF95rtpq07W6PtH15Gs
cdTqE5PMXmiJY6TsV9lMQkyWxMtjL3RanqZlfQ6VoSZKvdvnxIHjz426skp8cCIp
sGT1NdSUNRMXanymngWHO+05NToJK5NnuYm8rl0bXr5VC2i2nhOJeGWvIUbV5mCv
MnMInadW9MEmFyph370YaFlJy/cKrR9KUmwnSX5d2CmoOf6OF8RNdlm2Fn/R8cBR
Ps0n9t4XJA78/0D4phMp10tKrLD9nFxLamaTjz3u37FeJgVuk8LAGWPcIQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEs53BATbVtwWKk9WWlKOH+ZSU8FMB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvU3puY0VCTnRXM0JZcVQxWmFVbzRmNWxKVHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDVXbAAwQD
W1wIAwQGlT7AAwQAwcGrAwQAwcG2AwQAwcKTAwQAwcKbMA0GCSqGSIb3DQEBCwUA
A4IBAQDIrTS2cBWy6WAoIEwZKkbucOCoNqlpcd74iGBMl7HN8GnviuX/s3VrSyxh
gXnBgD3dEICCVhC16Xii3CFiIbp1oyLZQCFLgPrYnR4hypkB0hyuJbGSOcwGsMIs
aJ3WZQWfLBDYd6MUMSTJU6EwEQcQNrzJpA2Myscyx8o95nsv4xH24x1REh+m0DrR
WWZgxT50J3giDT7On97AgYBH6lUwW0E7F0FEbjkwKG2OU2zuGCRqSxmNAhT3YLI8
C2bXwQZrDp3ujRdqEKF8SC1JVmjo0hINnJsf06ifuU0ciOW7XI4PsrM3QcXzPd7K
cblOb4w1QTDrFSi3PyvWp9NJxV32
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:10 2024 by rpki-client on console-ams.rpki-client.org