Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/sbPixWDXAh5vAOQQ2nhNn7HIC2c.roa
File: sbPixWDXAh5vAOQQ2nhNn7HIC2c.roa (raw, json)
Hash identifier: l/4ajwq++z5Qt5PKK/gGVQqGSilcG7WcYdZ/CMaizdM=
Subject key identifier: B1:B3:E2:C5:60:D7:02:1E:6F:00:E4:10:DA:78:4D:9F:B1:C8:0B:67
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 01869748A63190358B049007A121F9FFE156
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/sbPixWDXAh5vAOQQ2nhNn7HIC2c.roa
Signing time: Tue 28 Feb 2023 09:09:26 +0000
ROA not before: Tue 28 Feb 2023 09:09:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41421
IP address blocks: 91.132.112.0/23 maxlen: 23
185.194.212.0/22 maxlen: 24
188.65.40.0/21 maxlen: 21
37.157.200.0/21 maxlen: 21
193.91.4.0/24 maxlen: 24
193.91.12.0/23 maxlen: 23
185.170.65.0/24 maxlen: 24
31.214.137.0/24 maxlen: 24
93.115.39.0/24 maxlen: 24
89.250.192.0/20 maxlen: 20
31.214.138.0/24 maxlen: 24
194.5.180.0/24 maxlen: 24
31.214.140.0/24 maxlen: 24
31.214.145.0/24 maxlen: 24
86.106.22.0/24 maxlen: 24
89.33.167.0/24 maxlen: 24
185.53.132.0/22 maxlen: 24
159.253.240.0/21 maxlen: 21
185.128.156.0/22 maxlen: 22
2a02:4c80::/32 maxlen: 32
2a01:b8e0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:48:a6:31:90:35:8b:04:90:07:a1:21:f9:ff:e1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Feb 28 09:09:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1b3e2c560d7021e6f00e410da784d9fb1c80b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ab:dd:44:f5:5a:35:59:c0:f4:ef:b5:f8:f6:
7a:49:e3:41:68:24:f3:36:00:1f:bc:85:1c:72:88:
19:8a:e2:ec:92:95:19:e3:ff:cb:4f:44:67:05:6a:
d8:9d:29:fb:2c:a8:f0:9e:c7:39:5d:4a:d6:cf:d2:
54:57:6d:ff:af:a3:a8:67:ff:1a:d7:5c:99:4b:9e:
6b:dc:e0:17:93:e4:f6:43:69:b5:7f:92:1e:75:29:
2f:02:c3:73:4e:ae:7f:0b:4a:72:6e:6f:aa:35:64:
9e:46:ba:d8:86:f1:f4:02:07:80:12:cb:7c:49:f6:
ea:f0:fc:3e:14:f4:89:df:6a:8e:bd:b3:b4:2b:aa:
bd:a3:62:c7:25:39:15:0e:b4:66:fa:39:2c:0a:41:
b2:33:e9:d7:8d:16:cb:c1:a3:ad:e7:ec:24:63:fb:
a5:ab:64:bc:5c:d8:5c:39:56:bb:7b:64:bf:c4:72:
3a:84:9f:03:76:c8:cf:a6:dd:a6:28:d1:1e:84:44:
08:99:6c:29:25:35:70:56:98:51:d0:c7:01:24:6b:
13:06:84:4b:bc:85:bd:73:e9:03:e9:0e:36:8a:f1:
1e:f9:11:ea:ae:6e:54:67:c0:cb:ff:01:74:b0:27:
17:e8:b4:a3:56:e4:64:ce:94:eb:88:7c:e8:85:16:
a3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B3:E2:C5:60:D7:02:1E:6F:00:E4:10:DA:78:4D:9F:B1:C8:0B:67
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/sbPixWDXAh5vAOQQ2nhNn7HIC2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.137.0-31.214.138.255
31.214.140.0/24
31.214.145.0/24
37.157.200.0/21
86.106.22.0/24
89.33.167.0/24
89.250.192.0/20
91.132.112.0/23
93.115.39.0/24
159.253.240.0/21
185.53.132.0/22
185.128.156.0/22
185.170.65.0/24
185.194.212.0/22
188.65.40.0/21
193.91.4.0/24
193.91.12.0/23
194.5.180.0/24
IPv6:
2a01:b8e0::/32
2a02:4c80::/32
Signature Algorithm: sha256WithRSAEncryption
46:cb:05:87:62:d5:2e:09:a8:21:d4:06:eb:89:5a:27:d6:b3:
b1:03:de:f2:fd:af:88:72:61:ee:13:37:4c:98:c5:5a:93:af:
5c:e5:a9:d1:b7:ea:44:92:9f:fe:93:3b:dd:fe:26:d9:9e:18:
c1:2a:df:d8:19:89:9c:bb:d6:47:e2:38:b4:10:27:28:4d:98:
1e:17:a6:27:67:4e:6e:6e:0f:b2:af:dc:14:32:29:b2:59:7e:
4f:10:88:84:99:98:7f:81:8c:2f:92:87:55:08:97:5d:d9:29:
31:d7:87:02:14:40:0d:52:de:0f:85:a6:ea:4d:d8:6c:4e:fb:
8a:f6:42:99:45:d0:db:7f:0c:6c:5b:fb:18:2c:31:6e:09:f0:
dc:73:02:d0:4f:f7:f0:6c:44:bf:ef:cd:79:39:12:df:38:bc:
6b:3c:12:8a:e7:c1:eb:4d:cd:e0:fa:02:6a:e0:73:38:6c:7e:
bc:e9:b8:3c:98:25:c0:4f:d0:62:27:9a:ff:c5:a7:b0:43:19:
fd:3b:e7:8b:5a:6e:64:04:1f:3c:4f:95:57:c0:de:5d:15:b5:
fb:b1:17:c9:a1:90:af:4f:75:83:2e:9a:44:fa:1e:b0:4c:eb:
fd:4d:29:ca:e4:08:39:56:ed:e3:a2:10:ab:9e:d2:8c:07:8d:
3b:ad:d5:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYaXSKYxkDWLBJAHoSH5/+FWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjMwMjI4MDkwOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWIzZTJjNTYwZDcwMjFlNmYwMGU0MTBkYTc4NGQ5ZmIxYzgwYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6vdRPVaNVnA9O+1+PZ6SeNBaCTz
NgAfvIUccogZiuLskpUZ4//LT0RnBWrYnSn7LKjwnsc5XUrWz9JUV23/r6OoZ/8a
11yZS55r3OAXk+T2Q2m1f5IedSkvAsNzTq5/C0pybm+qNWSeRrrYhvH0AgeAEst8
Sfbq8Pw+FPSJ32qOvbO0K6q9o2LHJTkVDrRm+jksCkGyM+nXjRbLwaOt5+wkY/ul
q2S8XNhcOVa7e2S/xHI6hJ8DdsjPpt2mKNEehEQImWwpJTVwVphR0McBJGsTBoRL
vIW9c+kD6Q42ivEe+RHqrm5UZ8DL/wF0sCcX6LSjVuRkzpTriHzohRajuQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFLGz4sVg1wIebwDkENp4TZ+xyAtnMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvc2JQaXhXRFhBaDV2QU9RUTJuaE5uN0hJQzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjB6BAIAATB0MAwDBAAf
1okDBAAf1ooDBAAf1owDBAAf1pEDBAMlncgDBABWahYDBABZIacDBARZ+sADBAFb
hHADBABdcycDBAOf/fADBAK5NYQDBAK5gJwDBAC5qkEDBAK5wtQDBAO8QSgDBADB
WwQDBAHBWwwDBADCBbQwFAQCAAIwDgMFACoBuOADBQAqAkyAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGywWHYtUuCagh1AbriVon1rOxA97y/a+IcmHuEzdMmMVak69c5anR
t+pEkp/+kzvd/ibZnhjBKt/YGYmcu9ZH4ji0ECcoTZgeF6YnZ05ubg+yr9wUMimy
WX5PEIiEmZh/gYwvkodVCJdd2Skx14cCFEANUt4PhabqTdhsTvuK9kKZRdDbfwxs
W/sYLDFuCfDccwLQT/fwbES/7815ORLfOLxrPBKK58HrTc3g+gJq4HM4bH686bg8
mCXAT9BiJ5r/xaewQxn9O+eLWm5kBB88T5VXwN5dFbX7sRfJoZCvT3WDLppE+h6w
TOv9TSnK5Ag5Vu3johCrntKMB407rdUz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:42 2023 by rpki-client on console-ams.rpki-client.org