Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SJvuc4F8vPgMw5ONUZtUXzcxL3I.roa
File: SJvuc4F8vPgMw5ONUZtUXzcxL3I.roa (raw, json)
Hash identifier: uK4HgqXO23vAm0hAZ0zt58gC2qDmN86OhzHtyDFPkn0=
Subject key identifier: 48:9B:EE:73:81:7C:BC:F8:0C:C3:93:8D:51:9B:54:5F:37:31:2F:72
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018C5E77FA60140BE6888F0AB94C85B4C8EC
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SJvuc4F8vPgMw5ONUZtUXzcxL3I.roa
Signing time: Tue 12 Dec 2023 14:39:30 +0000
ROA not before: Tue 12 Dec 2023 14:39:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.22.144.0/24 maxlen: 24
91.103.120.0/21 maxlen: 24
185.235.71.0/24 maxlen: 24
95.111.128.0/20 maxlen: 20
95.111.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 20 Dec 2023 23:41:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:77:fa:60:14:0b:e6:88:8f:0a:b9:4c:85:b4:c8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Dec 12 14:39:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=489bee73817cbcf80cc3938d519b545f37312f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0f:18:17:a9:f7:af:2c:a6:51:62:db:b8:6c:
3f:e2:a1:fb:7f:70:ea:22:2c:04:70:6d:be:b9:7b:
29:0b:ef:12:93:2e:bb:39:5c:7d:fb:16:20:03:46:
0c:b4:15:fe:42:2a:52:ea:89:91:66:a5:87:75:66:
1f:a2:96:4f:24:fa:b0:eb:59:4c:4c:94:63:ff:bd:
a8:37:76:50:48:9e:8b:8a:98:35:90:ee:d8:db:a2:
45:e4:0f:50:65:40:2c:a6:20:0c:35:6f:13:31:f4:
ba:64:04:be:22:a9:fa:71:1a:00:1f:29:4f:c6:d6:
c1:34:3c:b5:73:0b:1e:8e:f1:bc:11:40:9a:78:93:
93:d6:4c:17:6a:47:a2:2f:c0:c7:e3:8b:77:60:4c:
ed:9b:23:6d:25:44:a5:d6:45:4a:19:31:b0:e3:2c:
78:b6:56:a6:1c:ee:1a:a4:a2:ba:f7:e7:27:7e:7a:
06:93:eb:54:43:36:df:be:c6:6d:39:25:7b:d9:eb:
c3:3b:59:f8:61:61:b2:52:5a:ff:90:ff:5b:d5:2c:
f2:7b:7d:9a:2f:21:09:57:8e:ef:3a:70:7e:bf:19:
71:36:2c:09:70:e0:36:72:c3:18:e3:dd:ba:03:be:
e9:b4:b3:a1:90:65:ec:32:b4:0b:f1:e1:eb:e7:73:
96:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9B:EE:73:81:7C:BC:F8:0C:C3:93:8D:51:9B:54:5F:37:31:2F:72
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SJvuc4F8vPgMw5ONUZtUXzcxL3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
95.111.128.0/19
171.22.144.0/24
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
13:4e:fe:ee:83:9b:3f:7f:14:88:75:89:fc:2a:d0:00:25:15:
6b:46:73:83:c2:4a:64:49:c9:39:34:b0:9f:31:c6:b8:8b:cd:
06:b7:35:62:e8:77:a7:61:73:b2:86:ae:c5:34:d0:27:3d:34:
ba:a3:4c:df:ae:22:fb:2f:09:d4:ae:fb:b9:2d:f0:a4:8d:71:
a8:0c:6c:61:15:bd:de:93:96:30:bd:b6:0b:a4:43:d5:2f:e6:
79:94:bb:2e:4e:5b:f9:5c:39:0e:9b:06:4f:18:a7:45:9e:80:
2b:7b:58:5a:8f:6a:bd:43:06:32:45:7c:88:65:00:fa:7e:c3:
60:03:3a:aa:d5:3b:a2:6c:50:8b:26:91:5a:a5:75:e2:6b:fe:
ab:0c:62:fa:18:c9:09:f7:e4:ec:22:21:75:a3:fd:1c:14:13:
69:4f:b7:8c:c5:a5:47:c6:bb:10:d6:b4:7b:d6:c8:08:f4:05:
d4:6a:68:3b:ac:0e:9a:56:c6:94:da:41:c8:88:fa:87:5b:32:
d8:be:01:e9:1d:2e:23:17:27:f7:fd:36:72:35:61:ab:4f:15:
f5:0d:96:d0:0f:7c:f0:cf:8c:75:99:85:f3:11:1c:ee:ed:de:
f1:f5:b6:23:7b:1c:9c:68:67:40:24:0f:6a:40:f3:2d:00:cd:
ef:e2:65:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxed/pgFAvmiI8KuUyFtMjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMxMjEyMTQzOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODliZWU3MzgxN2NiY2Y4MGNjMzkzOGQ1MTliNTQ1ZjM3MzEyZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ8YF6n3ryymUWLbuGw/4qH7f3Dq
IiwEcG2+uXspC+8Sky67OVx9+xYgA0YMtBX+QipS6omRZqWHdWYfopZPJPqw61lM
TJRj/72oN3ZQSJ6Lipg1kO7Y26JF5A9QZUAspiAMNW8TMfS6ZAS+Iqn6cRoAHylP
xtbBNDy1cwsejvG8EUCaeJOT1kwXakeiL8DH44t3YEztmyNtJUSl1kVKGTGw4yx4
tlamHO4apKK69+cnfnoGk+tUQzbfvsZtOSV72evDO1n4YWGyUlr/kP9b1Szye32a
LyEJV47vOnB+vxlxNiwJcOA2csMY4926A77ptLOhkGXsMrQL8eHr53OWbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEib7nOBfLz4DMOTjVGbVF83MS9yMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvU0p2dWM0Rjh2UGdNdzVPTlVadFVYemN4TDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW2d4AwQF
X2+AAwQAqxaQAwQAuetHMA0GCSqGSIb3DQEBCwUAA4IBAQATTv7ug5s/fxSIdYn8
KtAAJRVrRnODwkpkSck5NLCfMca4i80GtzVi6HenYXOyhq7FNNAnPTS6o0zfriL7
LwnUrvu5LfCkjXGoDGxhFb3ek5YwvbYLpEPVL+Z5lLsuTlv5XDkOmwZPGKdFnoAr
e1haj2q9QwYyRXyIZQD6fsNgAzqq1TuibFCLJpFapXXia/6rDGL6GMkJ9+TsIiF1
o/0cFBNpT7eMxaVHxrsQ1rR71sgI9AXUamg7rA6aVsaU2kHIiPqHWzLYvgHpHS4j
Fyf3/TZyNWGrTxX1DZbQD3zwz4x1mYXzERzu7d7x9bYjexycaGdAJA9qQPMtAM3v
4mXp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org