Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d4db03-e8ad-4027-9ce8-55e1ff7f32f9/1/sGOuZTD90IfGoWspLeNLhIoPCx8.roa
File: sGOuZTD90IfGoWspLeNLhIoPCx8.roa (raw, json)
Hash identifier: HmcOle8ifPJDa8cGXtS3cqTebjzhOjuZ2qw1e3VW7E4=
Subject key identifier: B0:63:AE:65:30:FD:D0:87:C6:A1:6B:29:2D:E3:4B:84:8A:0F:0B:1F
Certificate issuer: /CN=2b0e759c0ea67d8ff722aac887c7eccecded3ec7
Certificate serial: 01857079B8E6CAFB1154A10394A37925D91B
Authority key identifier: 2B:0E:75:9C:0E:A6:7D:8F:F7:22:AA:C8:87:C7:EC:CE:CD:ED:3E:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kw51nA6mfY_3IqrIh8fszs3tPsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/d4db03-e8ad-4027-9ce8-55e1ff7f32f9/1/sGOuZTD90IfGoWspLeNLhIoPCx8.roa
Signing time: Mon 02 Jan 2023 03:15:03 +0000
ROA not before: Mon 02 Jan 2023 03:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31007
IP address blocks: 194.6.249.0/24 maxlen: 24
91.235.114.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:b8:e6:ca:fb:11:54:a1:03:94:a3:79:25:d9:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0e759c0ea67d8ff722aac887c7eccecded3ec7
Validity
Not Before: Jan 2 03:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b063ae6530fdd087c6a16b292de34b848a0f0b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0e:d7:8e:40:ae:0b:9d:d5:6b:49:7e:61:8a:
82:ab:78:cf:2f:07:d7:c5:6f:a9:7b:48:7b:38:0f:
b4:14:f1:51:67:bf:1b:15:b2:c4:cb:cc:cd:5f:b0:
55:1c:72:d4:c7:83:b6:27:ec:34:ef:98:42:1d:e2:
6b:83:fd:b9:9d:f5:a4:e6:70:d6:14:cb:6f:18:ca:
e9:c2:2c:fa:e4:2d:5b:75:df:d1:68:06:c3:ff:08:
ec:2a:5b:ca:b8:e8:db:94:8e:68:67:7c:07:73:a2:
78:9f:aa:a7:0b:6e:7a:e5:9f:80:d0:ba:6f:4d:51:
76:ca:b0:c6:ba:32:2c:b8:f2:54:31:32:3a:f9:62:
66:17:45:50:37:bc:29:4a:1f:4b:34:4a:44:6a:67:
12:1c:c0:48:df:1a:da:20:48:a9:66:d9:98:51:46:
51:9f:65:a3:eb:cd:92:59:65:39:11:19:97:0d:58:
90:fd:72:21:71:ad:ca:17:96:57:50:69:fd:57:8e:
a3:86:5a:0c:f4:b9:ae:4d:23:f1:33:95:66:36:b7:
05:24:37:25:11:e8:ab:b3:31:93:69:c3:c3:18:92:
23:40:bd:fd:6f:40:e3:cb:a6:6e:a2:e8:5f:a8:1c:
39:26:56:b9:c4:1c:4b:f4:93:cd:7c:68:6d:4f:14:
fc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:63:AE:65:30:FD:D0:87:C6:A1:6B:29:2D:E3:4B:84:8A:0F:0B:1F
X509v3 Authority Key Identifier:
keyid:2B:0E:75:9C:0E:A6:7D:8F:F7:22:AA:C8:87:C7:EC:CE:CD:ED:3E:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kw51nA6mfY_3IqrIh8fszs3tPsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d4db03-e8ad-4027-9ce8-55e1ff7f32f9/1/sGOuZTD90IfGoWspLeNLhIoPCx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d4db03-e8ad-4027-9ce8-55e1ff7f32f9/1/Kw51nA6mfY_3IqrIh8fszs3tPsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.114.0/23
194.6.249.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:74:82:48:9b:89:1b:6f:27:8e:b2:cc:b4:7b:98:85:93:b4:
d6:2c:bd:a7:ac:d1:c1:56:a0:ea:44:23:98:90:e1:ba:6c:48:
f3:39:42:35:b8:75:33:3a:96:a6:44:17:c7:9f:61:d8:8d:bd:
fe:01:42:6d:9e:a0:5c:b6:93:23:eb:80:41:9f:90:8a:3d:bc:
40:59:e8:5e:83:28:17:1e:c8:53:af:b9:dc:3b:8d:42:13:6d:
10:dc:bf:3a:5a:51:5d:b3:fc:a5:b0:33:a3:d2:1e:76:07:6f:
fe:f6:16:3c:ad:2e:ca:00:ac:68:79:64:11:46:76:70:ea:d9:
ef:3f:61:3d:06:16:43:59:f8:3f:41:2f:cb:63:b8:6d:23:d9:
38:1c:14:ee:a6:11:a9:a3:31:4f:9a:dc:13:58:55:bf:7f:5b:
58:ea:d6:12:ba:9a:70:39:26:cb:9b:35:fe:72:58:14:ca:8d:
5f:4f:74:bd:cc:de:5a:99:9f:ed:3b:03:a4:97:1d:c3:0b:d4:
ba:06:2e:a7:e6:12:d3:69:ea:b5:28:1e:65:f0:34:ad:8f:5e:
e0:d3:c5:f4:0f:56:b3:73:23:df:9b:73:d1:ec:24:ca:bb:7d:
6e:47:48:4f:c6:ba:4b:c9:3a:33:9f:1c:92:f9:24:3b:fb:5e:
2c:ef:26:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwebjmyvsRVKEDlKN5JdkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGU3NTljMGVhNjdkOGZmNzIyYWFjODg3YzdlY2NlY2Rl
ZDNlYzcwHhcNMjMwMTAyMDMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDYzYWU2NTMwZmRkMDg3YzZhMTZiMjkyZGUzNGI4NDhhMGYwYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw7XjkCuC53Va0l+YYqCq3jPLwfX
xW+pe0h7OA+0FPFRZ78bFbLEy8zNX7BVHHLUx4O2J+w075hCHeJrg/25nfWk5nDW
FMtvGMrpwiz65C1bdd/RaAbD/wjsKlvKuOjblI5oZ3wHc6J4n6qnC2565Z+A0Lpv
TVF2yrDGujIsuPJUMTI6+WJmF0VQN7wpSh9LNEpEamcSHMBI3xraIEipZtmYUUZR
n2Wj682SWWU5ERmXDViQ/XIhca3KF5ZXUGn9V46jhloM9LmuTSPxM5VmNrcFJDcl
EeirszGTacPDGJIjQL39b0Djy6ZuouhfqBw5Jla5xBxL9JPNfGhtTxT8TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLBjrmUw/dCHxqFrKS3jS4SKDwsfMB8GA1UdIwQY
MBaAFCsOdZwOpn2P9yKqyIfH7M7N7T7HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3c1MW5BNm1mWV8zSXFySWg4ZnN6czN0UHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kNGRiMDMtZThhZC00MDI3LTljZTgt
NTVlMWZmN2YzMmY5LzEvc0dPdVpURDkwSWZHb1dzcExlTkxoSW9QQ3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kNGRiMDMtZThhZC00MDI3LTljZTgtNTVlMWZmN2YzMmY5
LzEvS3c1MW5BNm1mWV8zSXFySWg4ZnN6czN0UHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+tyAwQA
wgb5MA0GCSqGSIb3DQEBCwUAA4IBAQBfdIJIm4kbbyeOssy0e5iFk7TWLL2nrNHB
VqDqRCOYkOG6bEjzOUI1uHUzOpamRBfHn2HYjb3+AUJtnqBctpMj64BBn5CKPbxA
WehegygXHshTr7ncO41CE20Q3L86WlFds/ylsDOj0h52B2/+9hY8rS7KAKxoeWQR
RnZw6tnvP2E9BhZDWfg/QS/LY7htI9k4HBTuphGpozFPmtwTWFW/f1tY6tYSuppw
OSbLmzX+clgUyo1fT3S9zN5amZ/tOwOklx3DC9S6Bi6n5hLTaeq1KB5l8DStj17g
08X0D1azcyPfm3PR7CTKu31uR0hPxrpLyToznxyS+SQ7+14s7yZl
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:44 2024 by rpki-client on console-fra.rpki-client.org