Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/sCgSyizDngRCqtTKjVmCggFmxOc.roa
File: sCgSyizDngRCqtTKjVmCggFmxOc.roa (raw, json)
Hash identifier: a6EfxfHwowkXSWzRkABYROSUPs/9dl3X58WnQtiy1Ws=
Subject key identifier: B0:28:12:CA:2C:C3:9E:04:42:AA:D4:CA:8D:59:82:82:01:66:C4:E7
Certificate issuer: /CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Certificate serial: 0189067C4FC6CEFD3188606F4DA3B994A4CA
Authority key identifier: FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/sCgSyizDngRCqtTKjVmCggFmxOc.roa
Signing time: Thu 29 Jun 2023 09:29:17 +0000
ROA not before: Thu 29 Jun 2023 09:29:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48345
IP address blocks: 185.168.169.0/24 maxlen: 24
91.223.220.0/24 maxlen: 24
91.234.215.0/24 maxlen: 24
94.232.112.0/21 maxlen: 21
2001:67c:174::/48 maxlen: 48
2001:67c:15b8::/48 maxlen: 48
2001:67c:28d8::/48 maxlen: 48
2a0e:d340::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:7c:4f:c6:ce:fd:31:88:60:6f:4d:a3:b9:94:a4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Validity
Not Before: Jun 29 09:29:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b02812ca2cc39e0442aad4ca8d5982820166c4e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f1:f3:18:b3:64:76:5f:1d:44:20:8d:2c:0a:
83:cf:85:34:a7:97:40:5b:ed:73:23:f8:65:95:26:
40:e3:53:fa:f4:02:77:e7:d5:39:e9:e6:cf:d1:ed:
88:52:4b:13:0d:02:7f:4c:e3:98:cd:b3:53:bd:ed:
09:19:96:ce:98:f1:12:29:2c:49:a3:33:02:cd:80:
0d:85:62:93:db:63:35:82:77:24:67:c8:a7:18:67:
6a:29:d3:98:2e:5f:fb:96:b2:1c:da:25:f2:78:eb:
f3:9d:f8:19:fc:d8:70:89:46:be:8d:73:18:e4:39:
6e:fd:c2:89:5b:70:bd:38:40:12:7e:ca:15:ca:78:
62:b9:90:47:74:12:f0:e3:f8:a5:76:a6:9c:c2:ef:
8d:f8:b4:d9:a8:ae:90:d2:f8:43:a9:58:54:5e:12:
86:2a:79:1a:ec:ed:b4:6f:b0:ae:09:68:57:2f:0b:
84:63:c4:2a:d0:b9:9d:17:cb:ec:76:06:c3:82:f9:
e5:1a:2b:2a:8e:69:ab:7d:b8:92:ae:fc:7b:bc:67:
28:cb:89:45:d2:d3:85:79:1e:ba:5f:26:48:d7:64:
29:f2:6f:1c:0a:aa:19:84:5a:85:d8:e0:6e:6b:2a:
97:a0:97:af:e4:b0:ba:23:af:80:e8:d4:02:d5:e2:
21:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:28:12:CA:2C:C3:9E:04:42:AA:D4:CA:8D:59:82:82:01:66:C4:E7
X509v3 Authority Key Identifier:
keyid:FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/sCgSyizDngRCqtTKjVmCggFmxOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.220.0/24
91.234.215.0/24
94.232.112.0/21
185.168.169.0/24
IPv6:
2001:67c:174::/48
2001:67c:15b8::/48
2001:67c:28d8::/48
2a0e:d340::/48
Signature Algorithm: sha256WithRSAEncryption
3d:92:fa:4f:ae:45:3d:f6:a0:bd:31:fe:8a:00:54:bb:28:74:
66:08:26:b3:1b:4a:db:51:91:cb:f4:08:af:78:e6:87:a9:30:
9f:47:df:32:8f:0f:28:f6:3e:12:9a:40:33:d0:3d:df:fb:65:
62:fe:e9:06:a9:03:01:54:60:66:8d:90:2e:14:a6:99:2e:3f:
5b:de:76:f8:49:49:45:ac:2f:bc:5e:8b:09:94:85:da:d1:63:
f5:c8:6a:02:aa:f8:fc:80:96:e4:e3:b6:38:f6:25:b1:a9:c7:
b6:87:eb:5c:96:3b:5b:e4:49:c8:15:07:79:0a:41:93:52:a3:
bf:5c:a2:e2:56:55:64:37:05:ce:92:b0:ca:5a:89:88:98:ce:
30:4f:fa:cc:fb:0d:5c:36:22:e5:9b:42:04:ae:37:64:72:88:
f2:e1:94:c3:67:6b:4c:6b:27:36:84:d5:99:a2:ed:0b:c3:84:
4b:4f:1a:34:c7:c6:82:ed:31:6c:b8:43:de:a7:5f:b0:ba:f7:
c3:cc:36:fd:17:3e:b4:81:c2:21:9e:4e:b4:f5:38:54:5e:04:
91:26:67:15:2d:74:3a:6c:ad:33:e9:be:01:f2:3b:5d:1a:3e:
0d:2c:ea:18:64:ac:99:29:79:1e:77:a4:42:0b:ca:7b:33:62:
73:19:ed:6a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYkGfE/Gzv0xiGBvTaO5lKTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzIzNzA2ZDBlODM3NThiYTUyMTM4ZTlkYjQyMDdiNWE1
YzE4OWMwHhcNMjMwNjI5MDkyOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDI4MTJjYTJjYzM5ZTA0NDJhYWQ0Y2E4ZDU5ODI4MjAxNjZjNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/HzGLNkdl8dRCCNLAqDz4U0p5dA
W+1zI/hllSZA41P69AJ359U56ebP0e2IUksTDQJ/TOOYzbNTve0JGZbOmPESKSxJ
ozMCzYANhWKT22M1gnckZ8inGGdqKdOYLl/7lrIc2iXyeOvznfgZ/NhwiUa+jXMY
5Dlu/cKJW3C9OEASfsoVynhiuZBHdBLw4/ildqacwu+N+LTZqK6Q0vhDqVhUXhKG
Knka7O20b7CuCWhXLwuEY8Qq0LmdF8vsdgbDgvnlGisqjmmrfbiSrvx7vGcoy4lF
0tOFeR66XyZI12Qp8m8cCqoZhFqF2OBuayqXoJev5LC6I6+A6NQC1eIhJwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLAoEsosw54EQqrUyo1ZgoIBZsTnMB8GA1UdIwQY
MBaAFPtyNwbQ6DdYulITjp20IHtaXBicMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zSTNCdERvTjFpNlVoT09uYlFnZTFwY0dKdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRk
LWI2MTQzNjExOTZmZC8xL3NDZ1N5aXpEbmdSQ3F0VEtqVm1DZ2dGbXhPYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRkLWI2MTQzNjExOTZm
ZC8xLzEtM0kzQnREb04xaTZVaE9PbmJRZ2UxcGNHSncuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMB4EAgABMBgDBABb39wD
BABb6tcDBANe6HADBAC5qKkwKgQCAAIwJAMHACABBnwBdAMHACABBnwVuAMHACAB
Bnwo2AMHACoO00AAADANBgkqhkiG9w0BAQsFAAOCAQEAPZL6T65FPfagvTH+igBU
uyh0ZggmsxtK21GRy/QIr3jmh6kwn0ffMo8PKPY+EppAM9A93/tlYv7pBqkDAVRg
Zo2QLhSmmS4/W952+ElJRawvvF6LCZSF2tFj9chqAqr4/ICW5OO2OPYlsanHtofr
XJY7W+RJyBUHeQpBk1Kjv1yi4lZVZDcFzpKwylqJiJjOME/6zPsNXDYi5ZtCBK43
ZHKI8uGUw2drTGsnNoTVmaLtC8OES08aNMfGgu0xbLhD3qdfsLr3w8w2/Rc+tIHC
IZ5OtPU4VF4EkSZnFS10OmytM+m+AfI7XRo+DSzqGGSsmSl5HnekQgvKezNicxnt
ag==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:27 2024 by rpki-client on console-ams.rpki-client.org