Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SNGPgMY2ATqcqsY1mnuAPc-Sn_c.roa
File: SNGPgMY2ATqcqsY1mnuAPc-Sn_c.roa (raw, json)
Hash identifier: XnW7t14TiMKwGb5bg1EasIwVD/rPYJPnBhywJl9iDw0=
Subject key identifier: 48:D1:8F:80:C6:36:01:3A:9C:AA:C6:35:9A:7B:80:3D:CF:92:9F:F7
Certificate issuer: /CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Certificate serial: 018CC2DB11AE780C668E5FCD112CA1344BA8
Authority key identifier: 49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SNGPgMY2ATqcqsY1mnuAPc-Sn_c.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 45.66.40.0/22 maxlen: 24
2a10:9301::/36 maxlen: 42
2a10:9300::/29 maxlen: 36
2a10:9300::/36 maxlen: 42
Validation: Failed, certificate revoked on Thu 01 Feb 2024 12:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:11:ae:78:0c:66:8e:5f:cd:11:2c:a1:34:4b:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48d18f80c636013a9caac6359a7b803dcf929ff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:ee:e7:27:9d:34:b3:f3:2b:a6:24:8b:09:
49:29:b2:8f:26:4b:a8:64:b1:5d:6c:a7:89:0f:12:
dd:c4:1f:a3:90:75:02:71:4f:1f:4d:21:cb:74:42:
08:77:a0:99:a6:de:0e:5f:fd:3d:e1:5c:6e:92:39:
17:87:85:bf:fc:f5:b4:bd:c7:45:85:03:46:2a:5f:
00:53:0c:57:9d:3b:9d:3e:a7:57:93:0f:85:0f:1a:
7e:2d:1b:e2:c6:3a:09:6d:b8:5a:1b:1f:bb:c3:39:
15:05:ed:f9:9e:bf:91:41:5d:68:9a:c9:c2:e2:c6:
90:c9:4a:c2:9a:80:eb:4d:49:93:76:28:16:ca:c5:
df:cd:1a:83:13:db:8c:5d:f2:77:22:30:aa:82:0e:
96:b7:d1:22:dd:77:d4:a7:2c:4a:d1:54:af:87:bd:
8a:91:7c:c9:16:a2:d1:5b:d9:60:8a:6e:aa:d7:ef:
99:00:8e:5a:3f:d2:18:59:b7:2a:23:2f:5f:51:e2:
9c:10:97:13:5f:49:5b:72:8c:4b:ca:6d:da:0b:28:
35:57:af:e9:7a:14:7d:6b:c0:78:d2:f4:6c:76:f7:
66:46:84:22:5f:77:72:0e:34:bb:86:83:15:08:d7:
91:2a:aa:59:b3:96:29:9c:45:ff:a3:63:51:bb:5e:
6b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D1:8F:80:C6:36:01:3A:9C:AA:C6:35:9A:7B:80:3D:CF:92:9F:F7
X509v3 Authority Key Identifier:
keyid:49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SNGPgMY2ATqcqsY1mnuAPc-Sn_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.40.0/22
IPv6:
2a10:9300::/29
Signature Algorithm: sha256WithRSAEncryption
7b:1b:38:91:0a:a1:b9:11:17:c6:a7:99:bb:85:77:5a:18:7a:
33:3f:46:65:77:e6:a9:64:ab:87:60:aa:78:e8:18:3b:c8:77:
c6:e6:56:04:50:51:b7:02:59:9e:54:1f:d6:b5:4a:37:e9:48:
d2:68:ae:b4:3b:91:ce:2a:31:6f:82:f3:a8:fe:55:20:c6:66:
8b:b0:2a:11:9e:3a:a4:38:0b:68:cd:97:46:d7:80:1d:7d:62:
0e:3c:fb:f7:fc:7b:77:d2:2c:53:cb:29:ac:25:6e:34:2f:99:
d8:75:3c:aa:cb:43:2b:b8:e8:f1:c6:89:e8:64:cf:0a:a3:b1:
b2:9b:f6:8f:44:e0:65:58:9d:c1:35:78:ae:12:86:50:97:c0:
b5:3a:75:be:59:25:59:d2:0f:44:28:2e:17:50:58:0a:97:4c:
36:1e:fd:ff:db:a0:d8:0d:73:55:1c:6f:19:97:07:e7:04:97:
8e:c3:c6:37:01:0d:20:d9:5f:07:33:05:48:0d:2e:d9:d9:ae:
33:a1:53:f1:99:44:15:8c:37:1d:bd:d8:5d:d5:84:17:f8:e1:
c3:e5:6a:e9:c4:d0:f4:1e:fc:b9:c5:36:ce:98:85:41:f3:7d:
87:ea:f5:a4:77:a8:c2:df:25:03:a1:c0:c0:4f:fc:f8:01:41:
34:d2:c0:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2xGueAxmjl/NESyhNEuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODc5NDFlNzRjMWMwM2U3YWJhM2I4Nzg1MzAwOTVlYjZm
YTg3NGUwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQxOGY4MGM2MzYwMTNhOWNhYWM2MzU5YTdiODAzZGNmOTI5ZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfbu5yedNLPzK6YkiwlJKbKPJkuo
ZLFdbKeJDxLdxB+jkHUCcU8fTSHLdEIId6CZpt4OX/094VxukjkXh4W//PW0vcdF
hQNGKl8AUwxXnTudPqdXkw+FDxp+LRvixjoJbbhaGx+7wzkVBe35nr+RQV1omsnC
4saQyUrCmoDrTUmTdigWysXfzRqDE9uMXfJ3IjCqgg6Wt9Ei3XfUpyxK0VSvh72K
kXzJFqLRW9lgim6q1++ZAI5aP9IYWbcqIy9fUeKcEJcTX0lbcoxLym3aCyg1V6/p
ehR9a8B40vRsdvdmRoQiX3dyDjS7hoMVCNeRKqpZs5YpnEX/o2NRu15rzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEjRj4DGNgE6nKrGNZp7gD3Pkp/3MB8GA1UdIwQY
MBaAFEmHlB50wcA+ero7h4UwCV62+odOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQt
ZThhZGE1MWVlOGZmLzEvU05HUGdNWTJBVHFjcXNZMW1udUFQYy1Tbl9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQtZThhZGE1MWVlOGZm
LzEvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUIoMA0E
AgACMAcDBQMqEJMAMA0GCSqGSIb3DQEBCwUAA4IBAQB7GziRCqG5ERfGp5m7hXda
GHozP0Zld+apZKuHYKp46Bg7yHfG5lYEUFG3AlmeVB/WtUo36UjSaK60O5HOKjFv
gvOo/lUgxmaLsCoRnjqkOAtozZdG14AdfWIOPPv3/Ht30ixTyymsJW40L5nYdTyq
y0MruOjxxonoZM8Ko7Gym/aPROBlWJ3BNXiuEoZQl8C1OnW+WSVZ0g9EKC4XUFgK
l0w2Hv3/26DYDXNVHG8ZlwfnBJeOw8Y3AQ0g2V8HMwVIDS7Z2a4zoVPxmUQVjDcd
vdhd1YQX+OHD5WrpxND0Hvy5xTbOmIVB832H6vWkd6jC3yUDocDAT/z4AUE00sCP
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:06 2025 by rpki-client