Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/SbT-NCma7v-TSQjBxTyDb1Cgh5o.roa
File: SbT-NCma7v-TSQjBxTyDb1Cgh5o.roa (raw, json)
Hash identifier: /j5i7D11jGF1vdTM5ZX640bnQw/ZrEL8TaIxwUk6jfg=
Subject key identifier: 49:B4:FE:34:29:9A:EE:FF:93:49:08:C1:C5:3C:83:6F:50:A0:87:9A
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 01856C13903C7E4091C9AE59CA3766E865B3
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/SbT-NCma7v-TSQjBxTyDb1Cgh5o.roa
Signing time: Sun 01 Jan 2023 06:44:59 +0000
ROA not before: Sun 01 Jan 2023 06:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31357
IP address blocks: 78.140.0.0/18 maxlen: 18
78.140.0.0/19 maxlen: 19
78.140.4.0/24 maxlen: 24
46.166.253.0/24 maxlen: 24
46.166.254.0/24 maxlen: 24
95.170.96.0/20 maxlen: 20
95.170.96.0/19 maxlen: 19
95.170.104.0/21 maxlen: 21
95.170.120.0/22 maxlen: 22
95.170.120.0/21 maxlen: 21
95.170.124.0/22 maxlen: 22
78.140.48.0/20 maxlen: 20
78.140.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:90:3c:7e:40:91:c9:ae:59:ca:37:66:e8:65:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 06:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49b4fe34299aeeff934908c1c53c836f50a0879a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:36:c5:f9:5a:17:bd:37:87:02:28:19:0c:a6:
58:99:a8:d8:76:77:7b:14:2e:74:9a:73:1f:17:bb:
c0:39:f8:3d:0a:1f:c6:64:09:ba:20:c3:74:fc:f4:
5e:67:0d:c0:cb:2c:92:8f:f2:8f:9e:f9:9d:a8:59:
83:e9:cd:d4:7d:19:2d:04:ee:79:f6:5d:41:61:fd:
de:5b:6e:fc:af:fb:e5:ab:b7:8f:de:f6:49:5a:cf:
7b:bc:9e:d4:d0:99:56:94:e1:de:2e:eb:2a:2f:60:
9f:e0:91:4d:2b:13:f9:0e:f4:a1:68:3e:ba:ea:36:
48:8a:be:eb:90:45:2a:65:a3:b5:22:bc:c5:f6:e7:
4a:29:61:86:33:22:f4:85:42:69:a1:18:b1:45:bd:
8b:a4:4b:e7:2f:a4:fe:9a:c1:01:4e:03:a1:f1:86:
ac:de:65:85:47:51:78:0b:e0:eb:13:9f:fd:a1:70:
e8:52:68:d7:85:a2:48:2e:8b:47:8f:3b:e0:c1:9b:
9f:91:57:42:31:a4:5f:99:53:8e:78:45:0d:aa:f5:
46:23:ef:cd:40:00:6b:71:b0:e3:d6:12:a8:66:a7:
bb:26:94:32:85:77:21:d1:fd:35:f1:14:1e:de:d9:
8d:2c:2b:73:c2:d3:dd:fa:c4:9f:97:c1:d5:11:b2:
f6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B4:FE:34:29:9A:EE:FF:93:49:08:C1:C5:3C:83:6F:50:A0:87:9A
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/SbT-NCma7v-TSQjBxTyDb1Cgh5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.253.0-46.166.254.255
78.140.0.0/18
95.170.96.0/19
Signature Algorithm: sha256WithRSAEncryption
12:5e:84:31:42:92:86:93:16:cb:ff:17:ef:68:87:97:07:ae:
6c:37:91:40:b9:01:03:53:3b:97:e6:18:6f:cc:90:3a:0b:ca:
6d:49:b6:21:4d:b2:99:56:72:07:ce:b6:26:d3:ae:e4:08:29:
3e:54:8b:5d:c6:de:d6:33:c4:a7:64:e8:85:ca:68:6d:84:5b:
d1:93:b0:1e:dd:47:aa:55:ec:4d:9b:44:3b:4f:84:8c:84:80:
7f:96:57:39:6a:d7:6b:5c:9a:75:44:ac:55:7a:e9:d0:c0:69:
96:b3:81:15:0a:71:06:3b:9e:20:9e:c2:c8:c6:21:4b:9c:a4:
ae:bd:a5:17:7a:48:84:f2:c7:ae:3d:e7:e2:cc:7b:00:28:5d:
f2:39:a7:44:2f:79:56:74:0b:a8:33:89:cb:37:c1:36:dd:c1:
ea:d0:a9:ac:b8:04:b6:69:dd:08:37:d5:31:13:f4:d0:19:7c:
5c:a2:92:14:c6:e6:02:a8:94:79:6e:ae:03:18:0f:5b:d7:3a:
bd:ea:33:64:19:fb:39:0d:37:99:59:9a:b1:8b:14:3f:38:fa:
4c:63:cc:b0:e7:0c:a7:0f:79:8d:1a:c5:7d:ef:4b:19:bc:6a:
c8:f6:66:d3:3a:25:21:c5:30:51:98:de:c3:d1:c4:90:c2:cd:
d6:a0:3c:53
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVsE5A8fkCRya5Zyjdm6GWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjMwMTAxMDY0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWI0ZmUzNDI5OWFlZWZmOTM0OTA4YzFjNTNjODM2ZjUwYTA4NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTbF+VoXvTeHAigZDKZYmajYdnd7
FC50mnMfF7vAOfg9Ch/GZAm6IMN0/PReZw3AyyySj/KPnvmdqFmD6c3UfRktBO55
9l1BYf3eW278r/vlq7eP3vZJWs97vJ7U0JlWlOHeLusqL2Cf4JFNKxP5DvShaD66
6jZIir7rkEUqZaO1IrzF9udKKWGGMyL0hUJpoRixRb2LpEvnL6T+msEBTgOh8Yas
3mWFR1F4C+DrE5/9oXDoUmjXhaJILotHjzvgwZufkVdCMaRfmVOOeEUNqvVGI+/N
QABrcbDj1hKoZqe7JpQyhXch0f018RQe3tmNLCtzwtPd+sSfl8HVEbL2hwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEm0/jQpmu7/k0kIwcU8g29QoIeaMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvU2JULU5DbWE3di1UU1FqQnhUeURiMUNnaDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAupv0D
BAAupv4DBAZOjAADBAVfqmAwDQYJKoZIhvcNAQELBQADggEBABJehDFCkoaTFsv/
F+9oh5cHrmw3kUC5AQNTO5fmGG/MkDoLym1JtiFNsplWcgfOtibTruQIKT5Ui13G
3tYzxKdk6IXKaG2EW9GTsB7dR6pV7E2bRDtPhIyEgH+WVzlq12tcmnVErFV66dDA
aZazgRUKcQY7niCewsjGIUucpK69pRd6SITyx6495+LMewAoXfI5p0QveVZ0C6gz
ics3wTbdwerQqay4BLZp3Qg31TET9NAZfFyikhTG5gKolHlurgMYD1vXOr3qM2QZ
+zkNN5lZmrGLFD84+kxjzLDnDKcPeY0axX3vSxm8asj2ZtM6JSHFMFGY3sPRxJDC
zdagPFM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:56 2024 by rpki-client on console-ams.rpki-client.org