Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/sjkIta7N7AQQhUqxgktGEs02Tzk.roa
File: sjkIta7N7AQQhUqxgktGEs02Tzk.roa (raw, json)
Hash identifier: O2KgoPzKSTjEnUxQSabxFkJgcfISorPMgcXddDPbxq8=
Subject key identifier: B2:39:08:B5:AE:CD:EC:04:10:85:4A:B1:82:4B:46:12:CD:36:4F:39
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A23D3B8C1DF42F6CC5D007D0967FD
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/sjkIta7N7AQQhUqxgktGEs02Tzk.roa
Signing time: Tue 02 Jan 2024 12:33:28 +0000
ROA not before: Tue 02 Jan 2024 12:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60573
IP address blocks: 146.120.172.0/23 maxlen: 24
93.170.2.0/24 maxlen: 24
95.46.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:23:d3:b8:c1:df:42:f6:cc:5d:00:7d:09:67:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b23908b5aecdec0410854ab1824b4612cd364f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1c:58:b8:e5:fd:0b:f8:de:9e:dc:b4:2d:45:
be:2f:da:5a:4d:eb:fc:7e:b8:99:9f:e6:58:0a:4d:
04:f6:61:40:47:15:ce:95:26:83:83:b1:b9:0a:df:
96:4a:91:6f:4b:4c:48:1a:be:64:cb:da:ee:f9:5e:
9f:72:d0:cf:18:07:88:af:cb:71:d2:3a:5a:bb:dc:
fd:86:fb:bc:f7:0f:31:ff:38:87:cf:83:60:b3:ea:
27:44:f6:64:4d:13:b3:92:cb:18:50:e4:fd:3c:bc:
1c:c4:cd:e5:5e:9d:92:26:66:d1:92:7d:39:bd:2a:
56:5c:59:12:8f:96:1f:21:44:d0:93:3f:62:e5:96:
20:86:c0:03:ab:cb:f0:6d:f1:35:0f:7b:83:2a:59:
ea:03:53:1b:2e:62:69:c0:d2:27:53:bb:22:f2:9f:
19:0e:75:18:e0:23:d3:00:58:cf:7a:64:0b:05:b0:
2f:11:b4:d5:ab:e2:ac:00:06:5a:60:5b:8e:b6:b3:
56:18:0b:ff:5f:6f:3a:2b:ce:bd:8b:26:d6:c6:13:
56:dc:31:d3:ae:83:a6:45:ed:2b:df:83:95:ab:81:
12:57:be:ee:0c:2a:37:a8:ab:ec:c5:68:94:f8:af:
13:28:46:98:d8:d8:4b:93:44:78:d9:34:d1:32:4d:
71:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:39:08:B5:AE:CD:EC:04:10:85:4A:B1:82:4B:46:12:CD:36:4F:39
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/sjkIta7N7AQQhUqxgktGEs02Tzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.2.0/24
95.46.77.0/24
146.120.172.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:83:4c:4f:b1:94:c8:6d:be:36:43:20:4a:70:c6:59:ca:e9:
89:68:37:9a:30:6a:57:f1:ad:92:09:e4:15:e1:c5:31:61:cb:
3c:77:89:8f:55:c4:7b:fc:bf:68:3f:5e:6c:31:6d:b1:c1:1b:
50:52:4a:4c:2d:2d:d7:d6:5c:04:37:d0:b4:8f:86:53:61:31:
7e:e4:41:3e:0d:56:03:88:31:2a:df:7c:4e:e4:86:61:0e:d6:
7e:55:74:6e:63:fc:0d:1b:75:ca:89:84:f5:d5:8f:e1:15:4b:
c3:0e:50:cd:1e:8f:d9:03:8d:ea:a2:81:e2:54:86:52:9b:34:
96:ab:09:5f:bc:84:d2:db:2b:1d:6b:17:16:02:3e:a8:80:0b:
11:cc:b0:25:31:00:39:7c:5b:93:2e:a4:0d:7b:ac:6d:e5:20:
fa:d5:bb:1e:10:75:9e:b3:ff:b7:1b:cd:95:0b:50:ed:93:ea:
89:1a:88:c4:80:81:f2:cc:ff:d2:b7:47:a9:7f:29:ac:34:2c:
fa:8f:d4:b6:a3:b7:74:4d:01:5f:d6:96:41:d0:ff:f5:f2:50:
c6:08:aa:58:12:76:70:d8:f1:d8:09:a9:75:12:44:92:f7:eb:
28:11:62:46:c3:56:8f:f4:52:68:6e:e2:ff:56:e4:fd:5e:8c:
5d:77:48:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKiPTuMHfQvbMXQB9CWf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjM5MDhiNWFlY2RlYzA0MTA4NTRhYjE4MjRiNDYxMmNkMzY0ZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBxYuOX9C/jenty0LUW+L9paTev8
friZn+ZYCk0E9mFARxXOlSaDg7G5Ct+WSpFvS0xIGr5ky9ru+V6fctDPGAeIr8tx
0jpau9z9hvu89w8x/ziHz4Ngs+onRPZkTROzkssYUOT9PLwcxM3lXp2SJmbRkn05
vSpWXFkSj5YfIUTQkz9i5ZYghsADq8vwbfE1D3uDKlnqA1MbLmJpwNInU7si8p8Z
DnUY4CPTAFjPemQLBbAvEbTVq+KsAAZaYFuOtrNWGAv/X286K869iybWxhNW3DHT
roOmRe0r34OVq4ESV77uDCo3qKvsxWiU+K8TKEaY2NhLk0R42TTRMk1x3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLI5CLWuzewEEIVKsYJLRhLNNk85MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvc2prSXRhN043QVFRaFVxeGdrdEdFczAyVHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXaoCAwQA
Xy5NAwQBknisMA0GCSqGSIb3DQEBCwUAA4IBAQCcg0xPsZTIbb42QyBKcMZZyumJ
aDeaMGpX8a2SCeQV4cUxYcs8d4mPVcR7/L9oP15sMW2xwRtQUkpMLS3X1lwEN9C0
j4ZTYTF+5EE+DVYDiDEq33xO5IZhDtZ+VXRuY/wNG3XKiYT11Y/hFUvDDlDNHo/Z
A43qooHiVIZSmzSWqwlfvITS2ysdaxcWAj6ogAsRzLAlMQA5fFuTLqQNe6xt5SD6
1bseEHWes/+3G82VC1Dtk+qJGojEgIHyzP/St0epfymsNCz6j9S2o7d0TQFf1pZB
0P/18lDGCKpYEnZw2PHYCal1EkSS9+soEWJGw1aP9FJobuL/VuT9Xoxdd0iN
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:02 2025 by rpki-client